github openpgpjs/openpgpjs v5.0.0-2
on GitHub

latest releases: v6.0.0-beta.1, v6.0.0-beta.0, v5.11.1...
pre-release3 years ago

This is a prerelease of v5.0.0. The full changelog since OpenPGP.js v4 can be found here. The changelog since v5.0.0-1 is:

  • Remove Key.prototype.encrypt and Key.prototype.decrypt in favor of openpgp.encryptKey and openpgp.decryptKey (#1285)
  • Fix encoded length in unencrypted v5 secret key packets (#1278)
  • Add expectSigned option to openpgp.decrypt and openpgp.verify (#1275)
  • Fix streaming verification example in README (#1269)
  • Fix createMessage return type in type definitions (#1276)
  • Test type definitions in Continuous Integration
  • Disallow passing streams to readKey[s], readSignature and readCleartextMessage
  • Remove top-level streaming options, and only return a stream if a stream was passed
  • Replace Message.fromText and Message.fromBinary with createMessage, and replace CleartextMessage.fromText with createCleartextMessage
  • Fetch Streams ponyfill on demand in lightweight build
  • Internally use ArrayStreams instead of real streams when not streaming
  • Use consistent name casing (#1268)
    • Use PascalCase for classes (with uppercase acronyms)
    • Use camelCase for function and variables (first word/acronym is always lowercase, otherwise acronyms are uppercase)
  • Make the packet classes' tag properties static
  • Add config.rejectPublicKeyAlgorithms (#1264)
    • Default to disallowing the use of ElGamal and DSA for verifying and signing or encrypting new messages
    • When verifying a message, if the verification key is not found or too weak, the corresponding signature will have signature.valid=false (instead of signature.valid=null); signature.error will explain whether the key was missing/too weak/etc
  • Take config.minRsaBits into account when signing, verifying and encrypting messages, not just on key generation
  • Drop support for verification of detached cleartext signatures (#1265)
  • Add key.write() and update type definitions (#1267)
  • Simplify algorithm preference selection and normalize config names (#1262)
    • Rename config.compression to config.preferredCompressionAlgorithm
    • Rename config.encryptionCipher to config.preferredSymmetricAlgorithm
    • Rename config.preferHashAlgorithm to config.preferredHashAlgorithm
    • Rename config.aeadMode to config.preferredAeadAlgorithm
    • When encrypting to public keys, the compression/aead/symmetric algorithm is selected by:
      • taking the preferred algorithm specified in config, if it is supported by all recipients
      • otherwise, taking the "MUST implement" algorithm specified by rfc4880bis
    • When encrypting to passphrases only (no public keys), the preferred algorithms from config are always used
    • EdDSA signing with a hash algorithm weaker than sha256 is explicitly disallowed (https://tools.ietf.org/id/draft-ietf-openpgp-rfc4880bis-10.html#section-15-7.2)
Check out latest releases or
releases around openpgpjs/openpgpjs v5.0.0-2

Don't miss a new openpgpjs release

NewReleases is sending notifications on new releases.

Get notifications