v4.1.0
Bug fixes:
- Fixed #762 by always considering the last valid signature rather than just the last signature
- Fixed #765 by disregarding non-self revocation signatures and by returning an error when parsing a key with an authorized revocation key subpacket (not supported by the library)
- Fixed #752 by adding some documentation to avoid confusion about text vs. binary formats
API changes:
Key.prototype.getRevocationCertificate
is now asyncSubKey.prototype.getExpirationTime
is now async and takesprimaryKey
,[date]
as parameters instead of just[date]
- When parsing a key with an authorized revocation key subpacket, we now return an error in the
(await openpgp.key.read/readArmored(key)).err
array, but also still return the key in the.keys
array. This is because we ignore valid third-party revocation signatures made by authorized keys, so the key might not be safe to use in some cases.