Skip to content

Releases: openpgpjs/openpgpjs

v4.10.10

24 Jan 15:57
@twiss twiss
v4.10.10
1f237e6
Compare
Choose a tag to compare
v4.10.10
  • Update tweetnacl-js to v1.0.3 (fixing a security issue with generating Ed25519 signatures)
  • Fix ElGamal parameter range and PKCS1 decoding (#1169)
Assets 2

v4.10.9

07 Dec 19:35
@twiss twiss
v4.10.9
21f4ba4
Compare
Choose a tag to compare
v4.10.9
  • WKD: Fix "TypeError: fetch is not a function" in Node.js environment (#1181)
  • Fix and test dummy key conversion (#1172)
  • Fix documentation of the HKP keyId option (#1151)
Assets 2

v4.10.8

28 Sep 15:56
@twiss twiss
v4.10.8
aa89893
Compare
Choose a tag to compare
v4.10.8
  • Add config option to allow insecure decryption with RSA signing keys (#1148)
  • Allow decryption with revoked keys (#1135)
  • Support non-human-readable notation values (#983)
  • Add test case for unknown binary notations (#1140)
  • Add SecretKey.prototype.makeDummy (#1131)
  • Use correct algorithm in ECC validation tests
Assets 2

v4.10.7

21 Jul 13:21
@twiss twiss
v4.10.7
34b0928
Compare
Choose a tag to compare
v4.10.7
  • Handle CORS errors during WKD lookup (#1125)
    • Throw in WKD lookup on HTTP errors instead of returning undefined
  • Refactor WKD lookup code (#1123)
  • Fix key validation tests
  • Fix decryption tests
Assets 2

v4.10.6

14 Jul 16:28
@twiss twiss
v4.10.6
20c468c
Compare
Choose a tag to compare
v4.10.6
  • Don't zero-copy transfer buffers from the worker by default
    Fixes signing messages using the same key multiple times in one worker.
Assets 2

v4.10.5

13 Jul 18:32
@twiss twiss
v4.10.5
1c41c72
Compare
Choose a tag to compare
v4.10.5
  • Faster and more secure, cipher-specific key validation (#1116). Also,
    • Validate keys during decryption
    • Check binding signatures for decryption keys when decrypting messages
    • Do not always fallback on Web Crypto ECC errors
  • Add support for advanced WKD lookup (#1115)
  • Fix stream-encrypting+signing a message using the Worker (#1112)
  • Pass around KDF params as objects (#1104)
  • Fix keyId types in JSDoc comments (#1100)
  • Also create issuer fingerprint subpacket for v4 keys, not just v5 keys (#1097)
Assets 2

v4.10.4

22 Apr 17:29
@twiss twiss
v4.10.4
2c6cbc4
Compare
Choose a tag to compare
v4.10.4
  • Fix normalizing \n after \r\n (broken in v4.10.3)
Assets 2

v4.10.3

22 Apr 17:28
@twiss twiss
v4.10.3
35b4380
Compare
Choose a tag to compare
v4.10.3
  • Support compressed data packets with algorithm=uncompressed (#1085)
  • Fix memory usage when non-streaming-en/decrypting large files (broken in v4.10.2)
  • Drop support for \r as EOL (#1073)
  • Fix verification of EdDSA signatures with short MPIs (#1083)
  • Support PKCS5 padding longer than 8 bytes (#1081)
Assets 2

v4.10.2

15 Apr 15:46
@twiss twiss
v4.10.2
04fb053
Compare
Choose a tag to compare
v4.10.2
  • Unpublish npm-shrinkwrap.json (#1079)
  • Support verification of text signatures on non-UTF-8 messages (#1071)
  • Update dependencies (#1061)
  • Update grunt; fix lodash vulnerability warning (#1060)
  • Fix signature verification examples in the README (#1058)
  • Fix "TypeError: fetch is not a function" in Node.js environment (#1052)
Assets 2

v4.10.1

27 Feb 16:19
@twiss twiss
v4.10.1
b6a6f52
Compare
Choose a tag to compare
v4.10.1
  • Fix generating keys with a date in the future
    This was broken in 4.10.0. (Before then, the revocation certificate was already broken when generating a key with a date in the future.)
  • Remove no-op revocationCertificate option from reformatKey
Assets 2