The two interfaces Recipient and Identity went from
type Identity interface {
Type() string
Unwrap(block *Stanza) (fileKey []byte, err error)
}
type Recipient interface {
Type() string
Wrap(fileKey []byte) (*Stanza, error)
}
to
type Identity interface {
Unwrap(stanzas []*Stanza) (fileKey []byte, err error)
}
type Recipient interface {
Wrap(fileKey []byte) ([]*Stanza, error)
}
This is a better abstraction for interacting with complex implementations like plugins, as explained in the commit messages.
Most age applications (including all the public ones) use implementations provided by the age module itself, so they won't be affected by this breaking change. If third-party code implemented custom recipients or identities, they will need to update.
The IdentityMatcher interface was also removed, a positive side-effect of this change.
The header format was also changed to expect a short line at the end of every stanza, which allows the format to be used in a streaming protocol. No encrypted files produced by cmd/age are affected. A small number of encrypted files produced by rage are affected, and won't decrypt with newer versions of age. They still decrypt with any version of rage.
Finally, an NoIdentityMatchError type was added, to detect the specific Decrypt error condition.
This is hopefully the first and last breaking change before v1.0.0 is released.