Skip to content

Releases: ProtonMail/gopenpgp

Release v2.7.0

20 Apr 14:01
@marinthiercelin marinthiercelin
v2.7.0
753a3fe
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v2.7.0

Changed

  • The SignatureVerificationError struct now has a Cause error field, which is returned by the the Unwrap function. The cause is also included in the error message.
    NB: If the caller was relying on the exact message of the error, it might break the flow.
  • When a signature fails verification because of the signature context, it returns a SignatureVerificationError with
    status constants.SIGNATURE_BAD_CONTEXT instead of constants.SIGNATURE_FAILED.

Added

  • Add api for signature context on streams SignDetachedStreamWithContext.
  • Add API for signature context on embedded signatures.

Fixed

  • When verifying detached signatures, gopenpgp sometimes needs to reattempt verification a second time to check for edge cases of signature expiration. This logic was broken because it was not rewinding the data readers.
Assets 2
Loading

Release v2.6.1-proton

22 Mar 13:26
@marinthiercelin marinthiercelin
v2.6.1-proton
392c2e0
Compare
Choose a tag to compare
Release v2.6.1-proton

This release is 2.6.1 with support for symmetric keys and automatic forwarding, both of which are not standardized yet

Assets 2
Loading

Release v2.6.1

22 Mar 13:13
@marinthiercelin marinthiercelin
v2.6.1
5037273
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v2.6.1

Security fix

  • Update github.com/ProtonMail/go-crypto and github.com/ProtonMail/go-mime to fix
    panic on invalid inputs.
Assets 2
Loading

Release 2.6.0-proton

17 Mar 11:11
@wussler wussler
v2.6.0-proton
a10e9cd
Compare
Choose a tag to compare
Release 2.6.0-proton

This release is 2.6.0 with symmetric keys and forwarding support

Assets 2
Loading

Release version 2.6.0

15 Mar 09:46
@marinthiercelin marinthiercelin
v2.6.0
62f2ca8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.6.0

Added

  • API for adding context to detached signatures: 
     sig, err := keyRing.SignDetachedWithContext(message, context)
  • API to verify the context of detached signatures: 
     err := keyRing.VerifyDetachedWithContext(message, signature, verifyTime, verificationContext)

Changed

  • Update github.com/ProtonMail/go-crypto to the latest version
  • More strictly verify detached signatures: reject detached signatures from revoked and expired keys.
  • In GetVerifiedSignatureTimestamp, use the new VerifyDetachedSignatureAndHash function to get the verified signature, instead of parsing the signature packets manually to get the timestamp.
  • Upgraded golang.org/x/crypto dependency to v0.7.0
Assets 2
Loading

Release version 2.5.2

26 Jan 11:43
@marinthiercelin marinthiercelin
v2.5.2
b4e40eb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.5.2

Changed

  • Update github.com/ProtonMail/go-crypto to the latest version
Assets 2
Loading

Release version 2.5.1

25 Jan 09:30
@marinthiercelin marinthiercelin
v2.5.1
2adafdb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.5.1

Added

  • Streaming API to encrypt with compression:
    • func (keyRing *KeyRing) EncryptStreamWithCompression
    • func (keyRing *KeyRing) EncryptSplitStreamWithCompression
    • func (sk *SessionKey) EncryptStreamWithCompression
Assets 2
Loading

Release version 2.5.0

16 Dec 09:34
@marinthiercelin marinthiercelin
v2.5.0
e1f4ae0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.5.0

Changed

  • Update github.com/ProtonMail/go-crypto to the latest version
  • Update github.com/ProtonMail/go-mime to the latest version, which cleans up unneeded dependencies. And fix an issue with PGP/MIME messages with non standard encodings.
  • Sanitize strings returned in MIMECallbacks.OnBody() and PlainMessage.GetString(). Strings that have non utf8 characters will be sanitized to have the "character unknown" character : � instead.
  • Detached sign text messages with signature type text. Similarly, clearsigned messages now also use signature type text.
  • Leave trailing spaces of text messages intact (except for clearsigned messages, where the spec requires us to trim trailing spaces). Note that for backwards compatibility, when verifying detached signatures over text messages, the application will have to trim trailing spaces in order for the signature to verify, if it was created by a previous version of this library (using crypto.NewPlainMessageFromString()).
Assets 2
Loading

Release version 2.4.10

23 Aug 11:54
@wussler wussler
v2.4.10
dd858da
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.4.10

Update go-crypto

Assets 2
Loading

Release version 2.4.9

19 Aug 09:58
@wussler wussler
v2.4.9
3278880
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release version 2.4.9

Upgrade underlying go-crypto version

Assets 2
Loading