Release version 2.4.8

Add AEAD decryption support

Release version 2.4.7

• DecryptMIMEMessage will return the decrypted content in the OnBody callback, even when there's a signature verification error. That lets the caller decide whether they want to use the content with a warning or hard fail on signature errors.
• Key generation functions no longer return an error if either the name or email is empty

Release version 2.4.6

Fix MIME signature parsing issues

Release version 2.4.5

Deprecate SeparateKeyAndData, replace with (msg *PGPMessage) SplitMessage() to split PGP messages

Release version 2.4.4

Clone returned slices from SeparateKeyAndData

Release version 2.4.3

Security

• Fixed incorrect MDC parsing for session key decryption

Changed

• SeparateKeyAndData is now implemented in a more generic way, by checking for the location in the bytes of the last session key packet, then splitting the binary message after that point.

Fixed

• SeparateKeyAndData now correctly parses AEAD packets.
• (ap *AttachmentProcessor) Finish() now returns encryption errors correctly.

Release version 2.4.2

Update underlying crypto library and prevent AEAD messages from being created until the specification is stable

Release version 2.4.1

Fixed bug with NewPGPSplitMessageFromArmored(armored) and PGPMessage.SeparateKeyAndData(). Those functions didn't parse AEAD encrypted messages correctly (eg messages encrypted with the latest versions of gnupg), resulting in a nil DataPacket.

Release version 2.4.0

Update underlying crypto library and add functionality to get the signature timestamp of a verified signature

Release version 2.3.1

Fix the verification of PGP/MIME message signatures:

• Improve the handling of the dual verification status so that it is considered invalid if both embedded and PGP/MIME signatures are invalid.
• start calling callback.OnVerified(status int) to communicate the status verification of the message.