This is a prerelease of v5.0.0. The full changelog since OpenPGP.js v4 can be found here. The changelog since v5.0.0-1 is:
- Remove
Key.prototype.encrypt
andKey.prototype.decrypt
in favor ofopenpgp.encryptKey
andopenpgp.decryptKey
(#1285) - Fix encoded length in unencrypted v5 secret key packets (#1278)
- Add
expectSigned
option toopenpgp.decrypt
andopenpgp.verify
(#1275) - Fix streaming verification example in README (#1269)
- Fix createMessage return type in type definitions (#1276)
- Test type definitions in Continuous Integration
- Disallow passing streams to
readKey[s]
,readSignature
andreadCleartextMessage
- Remove top-level streaming options, and only return a stream if a stream was passed
- Replace
Message.fromText
andMessage.fromBinary
withcreateMessage
, and replaceCleartextMessage.fromText
withcreateCleartextMessage
- Fetch Streams ponyfill on demand in lightweight build
- Internally use ArrayStreams instead of real streams when not streaming
- Use consistent name casing (#1268)
- Use PascalCase for classes (with uppercase acronyms)
- Use camelCase for function and variables (first word/acronym is always lowercase, otherwise acronyms are uppercase)
- Make the packet classes'
tag
propertiesstatic
- Add
config.rejectPublicKeyAlgorithms
(#1264)- Default to disallowing the use of ElGamal and DSA for verifying and signing or encrypting new messages
- When verifying a message, if the verification key is not found or too weak, the corresponding
signature
will havesignature.valid=false
(instead ofsignature.valid=null
);signature.error
will explain whether the key was missing/too weak/etc
- Take
config.minRsaBits
into account when signing, verifying and encrypting messages, not just on key generation - Drop support for verification of detached cleartext signatures (#1265)
- Add
key.write()
and update type definitions (#1267) - Simplify algorithm preference selection and normalize config names (#1262)
- Rename
config.compression
toconfig.preferredCompressionAlgorithm
- Rename
config.encryptionCipher
toconfig.preferredSymmetricAlgorithm
- Rename
config.preferHashAlgorithm
toconfig.preferredHashAlgorithm
- Rename
config.aeadMode
toconfig.preferredAeadAlgorithm
- When encrypting to public keys, the compression/aead/symmetric algorithm is selected by:
- taking the preferred algorithm specified in config, if it is supported by all recipients
- otherwise, taking the "MUST implement" algorithm specified by rfc4880bis
- When encrypting to passphrases only (no public keys), the preferred algorithms from
config
are always used - EdDSA signing with a hash algorithm weaker than sha256 is explicitly disallowed (https://tools.ietf.org/id/draft-ietf-openpgp-rfc4880bis-10.html#section-15-7.2)
- Rename