Nontrivial changes
- Implement V5 signatures and update V5 keys to rfc4880bis-07 (#895)
- Remove support for
openpgp.config.aead_protect_version = 0(see below) - Add separate config option to use V5 keys,
openpgp.config.v5_keys = true. Previously, this was implied byopenpgp.config.aead_protect = true. This is no longer the case. This also means that it is now possible to use AEAD (which is often much faster in browsers) in combination with V4 keys. - DSA: Fix intermittent generation of invalid signatures (#938)
- Fix armor checksum errors being ignored when not streaming (#935)
- Decrypt message with multiple keys in parallel
- Don't keep the entire message in memory while decrypting when streaming
- Accept
@in User ID names (#930) - Implement ECDH using Web Crypto for supported (NIST) curves (#914)
- Implement ECDH using Node crypto (#921)
Trivial changes
- Fix test failing due to expired key (#941)
- Disable HKP tests due to keyserver.ubuntu.com no longer serving CORS headers (#940)
- Fix comment describing RSA coefficient u (#937)
- Don't babelify ES6 in unit tests when testing in modern browsers
- Style fixes and new style rules for ESLint (#919)
- Fix grunt-saucelabs by updating Sauce Labs Tunnel (#917)
Backwards-incompatible changes
This release is backwards-incompatible if you do all of the following:
- Set
openpgp.config.aead_protect = true, - Generate keys in OpenPGP.js,
- Export them (these keys would have been incompatible with the new spec),
- Store them on disk and/or expect them to continue working
Or:
- Set
openpgp.config.aead_protect = trueandopenpgp.config.aead_protect_version = 0 - Encrypt messages
- Store them on disk and/or expect them to continue working
There's a warning about breaking changes when using these config options in the README, hence why these changes were made in a minor release. If anyone is affected by this anyway, please ask for help on gitter and I'll try my best to offer some workarounds.