Major FFI, CLI and security improvements and compatibility fixes, and Windows support.
General
- Improved key validation: require to have at least one valid, non-expiring self signature.
- Added support for 'stripped' keys without userids and certifications but with valid subkey binding signature.
- Added support for Windows via MinGW/MSYS2.
- Added support for Windows via MSVC.
- Fixed secret key locking when it is updated with new signatures/subkeys.
- Fixed key expiry/flags calculation (take in account only the latest valid self-signature/subkey binding).
- Fixed MDC reading if it appears on 8k boundary.
- Disabled logging by default in release builds and added support for environment variable
RNP_LOG_CONSOLE
to enable it back.
- Fixed leading zeroes for secp521r1 b & n field constants.
- Allowed keys and signatures with invalid MPI bit count.
- Added support for private/experimental signature subpackets, used by GnuPG and other implementations.
- Added support for reserved/placeholder signatures.
- Added support for zero-size userid/attr packet.
- Relaxed packet dumping, ignoring invalid packets and allowing to find wrong packet easier.
- Improved logging of errored keys/subkeys information for easier debugging.
- Fixed support for old RSA sign-only/encrypt-only and ElGamal encrypt-and-sign keys.
- Fixed support for ElGamal keys larger then 3072 bits.
- Fixed symbol visibility so only FFI functions are exposed outside of the library.
- Added support for unwrapping of raw literal packets.
- Fixed crash with non-detached signature input, fed into the
rnp_op_verify_detached_create()
.
- Significantly reduced memory usage for the keys large number of signatures.
- Fixed long armor header lines processing.
- Added basic support for GnuPG's offline primary keys (
gnupg --export-secret-subkeys
) and secret keys, stored on card.
- Fixed primary key binding signature validation when hash algorithm differs from the one used in the subkey binding signature.
- Fixed multiple memory leaks related to invalid algorithms/versions/etc.
- Fixed possible crashes during processing of malformed armored input.
- Limited allowed nesting levels for OpenPGP packets.
- Fixed support for text-mode signatures.
- Replaced strcpy calls with std::string and memcpy where applicable.
- Removed usage of mktemp, replacing it with mkstemp.
- Replaced usage of deprecated
botan_pbkdf()
with botan_pwdhash()
.
- Added support for the marker packet, issued by some implementations.
- Added support for unknown experimental s2ks.
- Fixed armored message contents detection (so armored revocation signature is not more reported as the public key).
- Changed behaviour to use latest encryption subkey by default.
- Fixed support for widechar parameters/file names on Windows.
- Implemented userid validity checks so only certified/non-expired/non-revoked userid may be searched.
- Fixed GnuPG compatibility issues with CR (
\r
) characters in text-mode and cleartext-signed documents.
- Improved performance of the key/uid signatures access.
- Migrated tests to the Python 3.
- Migrated most of the internal code to C++.
CLI
- Do not load keyring when it is not required, avoiding extra
keyring not found
output.
- Input/output data via the tty, if available, instead of stdin/stdout.
- Fixed possible crash when HOME variable is not set.
- rnpkeys: Added
--import-sigs
and changed behavior of --import
to check whether input is key or signature.
- rnpkeys: Added
--export-rev
command to export key's revocation, parameters --rev-type
, --rev-reason
.
- rnpkeys: Added
--revoke-key
command.
- rnpkeys: Added
--permissive
parameter to --import-keys
command.
- rnpkeys: Added
--password
options, allowing to specify password and/or generate unprotected key.
FFI
- Added keystore type constants
RNP_KEYSTORE_*
.
- Added
rnp_import_signatures
.
- Added
rnp_key_export_revocation
.
- Added
rnp_key_revoke
.
- Added
rnp_request_password
.
- Added
rnp_key_set_expiration
to update key's/subkey's expiration time.
- Added flag
RNP_LOAD_SAVE_PERMISSIVE
to rnp_import_keys
, allowing to skip erroneous packets.
- Added flag
RNP_LOAD_SAVE_SINGLE
, allowing to import keys one-by-one.
- Added
rnp_op_verify_get_protection_info
to check mode and cipher used to encrypt message.
- Added functions to retrieve recipients information (
rnp_op_verify_get_recipient_count
, rnp_op_verify_get_symenc_count
, etc.).
- Added flag
RNP_KEY_REMOVE_SUBKEYS
to rnp_key_remove
function.
- Added function
rnp_output_pipe
allowing to write data from input to the output.
- Added function
rnp_output_armor_set_line_length
allowing to change base64 encoding line length.
- Added function
rnp_key_export_autocrypt
to export public key in autocrypt-compatible format.
- Added functions to retrieve information about the secret key's protection (
rnp_key_get_protection_type
, etc.).
- Added functions
rnp_uid_get_type
, rnp_uid_get_data
, rnp_uid_is_primary
.
- Added function
rnp_uid_is_valid
.
- Added functions
rnp_key_get_revocation_signature
and rnp_uid_get_revocation_signature
.
- Added function
rnp_signature_get_type
.
- Added function
rnp_signature_is_valid
.
- Added functions
rnp_key_is_valid
and rnp_key_valid_till
.
- Added exception guard to FFI boundary.
- Fixed documentation for the
rnp_unload_keys
function.
Security
OpenPGP signing key
Fingerprint: BEDBA05C1E6EE2DFB4BA72E1EC5D520AD90A7262