[skip changelog] Bump github.com/ProtonMail/go-crypto from 1.1.0-alpha.0 to 1.1.0-alpha.4-proton

[dependabot]

Bumps github.com/ProtonMail/go-crypto from 1.1.0-alpha.0 to 1.1.0-alpha.4-proton.

Release notes

Sourced from github.com/ProtonMail/go-crypto's releases.

v1.1.0-alpha.4-proton

This pre-release is v1.1.0-alpha.4 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.

v1.1.0-alpha.3-proton

This pre-release is v1.1.0-alpha.3 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.

v1.1.0-alpha.1-proton

This pre-release is v1.1.0-alpha.1 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.

v1.1.0-alpha.0-proton

This pre-release is v1.1.0-alpha.0 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.

v1.1.0-alpha.4

What's Changed

• ECDH with v6 must use the full fingerprint (ProtonMail/go-crypto#211)
• Restrict S2K types (ProtonMail/go-crypto#213)
• Put support for reading v5 packets behind a feature flag (ProtonMail/go-crypto#212)
• Allow empty Key Flags subpackets (ProtonMail/go-crypto#214)
• Randomize v4 and v5 signatures via custom notation (ProtonMail/go-crypto#209)
• Fix SEIPDv2 packet parsing error messages (ProtonMail/go-crypto#215)

Full Changelog: ProtonMail/go-crypto@v1.1.0-alpha.3...v1.1.0-alpha.4

v1.1.0-alpha.3

What's Changed

• New functions to verify signature hash tags
• Allow parsing certifications explicitly marked as exportable
• Sorting signature sub-packets by their ID when serializing
• Mark creation time, issuer key ID, and key flag signature sub-packets as critical
• When AEAD is in use, the session key length is now determined by the cipher specified in the AEAD preference.

Full Changelog: v1.1.0-alpha.2...v1.1.0-alpha.3

v1.1.0-alpha.1

What's Changed

Removes the openpgp.VerifyDetachedSignatureAndSaltedHash function and the packet.SaltedHashSpecifier as they are no longer required. They were introduced for verifying the headers in cleartext messages. However, in the latest crypto-refresh specification, cleartext message headers were dropped.

Full Changelog: v1.1.0-alpha.0...v1.1.0-alpha.1

Commits

• 0b33f7b Fix HMAC generation (#204)
• 9c1877a Replace ioutil.ReadAll with io.ReadAll
• 91a0def fix(v2): Adapt NewForwardingEntity to refactored NewEntity
• da66ff5 fix(v2): Do not allow encrpytion with a forwarding key
• f27ab7d feat: Add symmetric keys to v2
• 4017cb3 fix: Address warnings
• fcee26d feat: Add forwarding to v2 api
• 20a257b fix: Address rebase on version 2 issues
• a5524a5 Use fingerprints instead of KeyIDs
• 9be33fe Create a copy of the encrypted key when forwarding
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 70.22%. Comparing base (b4f8849) to head (712b91e).

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #2666      +/-   ##
==========================================
- Coverage   70.24%   70.22%   -0.02%     
==========================================
  Files         222      222              
  Lines       21346    21346              
==========================================
- Hits        14994    14991       -3     
- Misses       5174     5176       +2     
- Partials     1178     1179       +1     

Flag	Coverage Δ
unit	70.22% <ø> (-0.02%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[dependabot]

Superseded by #2670.