1## Changelog
2
3### 0.16.0 [2022-01-20]
4
5#### General
6
7* Added support for OpenSSL cryptography backend so RNP may be built and used on systems without the Botan installed.
8* Added compile-time switches to disable certain features (AEAD, Brainpool curves, SM2/SM3/SM4 algorithms, Twofish)
9* Fixed possible incompatibility with GnuPG on x25519 secret key export from RNP to GnuPG.
10* Fixed building if Git is not available.
11* Fixed export of non-FFI symbols from the rnp.so/rnp.dylib.
12* Fixed support for Gnu/Hurd (absence of PATH_MAX).
13* Added support for `None` compression algorithm.
14* Added support for the dumping of notation data signature subpackets.
15* Fixed key expiration time calculation in the case with newer non-primary self-certification.
16* Improved performance of key import (no key material checks)
17
18#### Security
19
20* Added initial support for customizable security profiles.
21* Mark SHA1 signatures produced later than 2019-01-19, as invalid.
22* Mark MD5 signatures produced later than 2012-01-01, as invalid.
23* Remove SHA1 and 3DES from the default key preferences.
24* Use SHA1 collision detection code when using SHA1.
25* Mark signatures with unknown critical notation as invalid.
26* Do not prematurely mark secret keys as valid.
27* Validate secret key material before the first operation.
28* Limit the number of possible message recipients/signatures to a reasonable value (16k).
29* Limit the number of signature subpackets during parsing.
30
31#### FFI
32
33* Added functions `rnp_backend_string()` and `rnp_backend_version()`.
34* Added functions `rnp_key_25519_bits_tweaked()` and `rnp_key_25519_bits_tweak()` to check and fix x25519 secret key bits.
35* Added security profile manipulation functions: `rnp_add_security_rule()`, `rnp_get_security_rule()`, `rnp_remove_security_rule()`.
36* Added function `rnp_signature_get_expiration()`.
37* Deprecate functions `rnp_enable_debug()`/`rnp_disable_debug()`.
38
39#### CLI
40
41* Write new detailed help messages for `rnp` and `rnpkeys`.
42* Added `-` (stdin) and `env:VAR_NAME` input specifiers, as well as `-` (stdout) output specifier.
43* Do not fail with empty keyrings if those are not needed for the operation.
44* Added algorithm aliases for better usability (i.e. `SHA-256`, `SHA256`, etc.).
45* Added option `--notty` to print everything to stdout instead of TTY.
46* Added command `--edit-key` with subcommands `--check-cv25519-bits` and `--fix-cv25519-bits`.
47* Remove support for `-o someoption=somevalue`, which is unused.
48* Remove no longer used support for additional debug dumping via `--debug source.c`.
49
50### 0.15.2 [2021-07-20]
51
52#### General
53
54* Be less strict in userid validation: allow to use userids with self-signature, which has key expiration in the past.
55* Do not mark signature as invalid if key which produced it is expired now, but was valid during signing.
56* Fix incorrect key expiration calculation in some cases.
57* Fix incorrect version number in the `version.txt`.
58
59#### FFI
60
61* Add function `rnp_key_get_default_key()` to pick the default key/subkey for the specific operation.
62* Allow to pass NULL hash parameter to `rnp_key_add_uid()` to pick the default one.
63* Use the same approach as in `rnp_op_encrypt_add_recipient()` for encryption subkey selection in `rnp_key_export_autocrypt()`.
64
65#### CLI
66
67* `rnp`: Show error message if encryption failed.
68* `rnpkeys` : Add `--expiration` option to specify expiration time during key generation.
69
70### 0.15.1 [2021-05-28]
71
72#### General
73
74* Make man pages building optional.
75* Fixed updating of expiration time for a key with multiple user ids.
76* Fixed key expiry check for keys valid after the year 2038.
77* Pick up key expiration time from direct-key signature or primary userid certification if available.
78
79#### FFI
80
81* Added function `rnp_key_valid_till64()` to correctly handle keys which expire after the year 2038.
82* Added `RNP_FEATURE_*` defines to be used instead of raw strings.
83
84#### Security
85
86* Fixed issue with cleartext key data after the `rnp_key_unprotect()`/`rnp_key_protect()` calls (CVE-2021-33589).
87
88### 0.15.0 [2021-04-04]
89
90#### General
91
92* Added CMake options to allow offline builds, i.e. without Googletest/ruby-rnp downloads.
93* Removed major library version from the library name (librnp-0.so/dll -> librnp.so/dll).
94* Improved handling of cleartext signatures, when empty line between headers and contents contains some whitespace characters.
95* Relaxed requirements for the armored messages CRC (allow absence of the CRC, and issue warning instead of complete failure).
96* Updated build instructions for MSVC.
97* Improved support of 32-bit platforms (year 2038 problem).
98
99#### CLI
100
101* Added up-to-date manual pages for `rnp` and `rnpkeys`.
102* rnpkeys: added `--remove-key` command.
103
104#### FFI
105
106* Added up-to-date manual page for `librnp`.
107* Added function `rnp_signature_remove`
108* Added function `rnp_uid_remove`
109* Added function `rnp_key_remove_signatures` for batch signature removal and filtering.
110
111### 0.14.0 [2021-01-15]
112
113#### General
114
115* Improved key validation: require to have at least one valid, non-expiring self signature.
116* Added support for 'stripped' keys without userids and certifications but with valid subkey binding signature.
117* Added support for Windows via MinGW/MSYS2.
118* Added support for Windows via MSVC.
119* Fixed secret key locking when it is updated with new signatures/subkeys.
120* Fixed key expiry/flags calculation (take in account only the latest valid self-signature/subkey binding).
121* Fixed MDC reading if it appears on 8k boundary.
122* Disabled logging by default in release builds and added support for environment variable `RNP_LOG_CONSOLE` to enable it back.
123* Fixed leading zeroes for secp521r1 b & n field constants.
124* Allowed keys and signatures with invalid MPI bit count.
125* Added support for private/experimental signature subpackets, used by GnuPG and other implementations.
126* Added support for reserved/placeholder signatures.
127* Added support for zero-size userid/attr packet.
128* Relaxed packet dumping, ignoring invalid packets and allowing to find wrong packet easier.
129* Improved logging of errored keys/subkeys information for easier debugging.
130* Fixed support for old RSA sign-only/encrypt-only and ElGamal encrypt-and-sign keys.
131* Fixed support for ElGamal keys larger then 3072 bits.
132* Fixed symbol visibility so only FFI functions are exposed outside of the library.
133* Added support for unwrapping of raw literal packets.
134* Fixed crash with non-detached signature input, fed into the `rnp_op_verify_detached_create()`.
135* Significantly reduced memory usage for the keys large number of signatures.
136* Fixed long armor header lines processing.
137* Added basic support for GnuPG's offline primary keys (`gnupg --export-secret-subkeys`) and secret keys, stored on card.
138* Fixed primary key binding signature validation when hash algorithm differs from the one used in the subkey binding signature.
139* Fixed multiple memory leaks related to invalid algorithms/versions/etc.
140* Fixed possible crashes during processing of malformed armored input.
141* Limited allowed nesting levels for OpenPGP packets.
142* Fixed support for text-mode signatures.
143* Replaced strcpy calls with std::string and memcpy where applicable.
144* Removed usage of mktemp, replacing it with mkstemp.
145* Replaced usage of deprecated `botan_pbkdf()` with `botan_pwdhash()`.
146* Added support for the marker packet, issued by some implementations.
147* Added support for unknown experimental s2ks.
148* Fixed armored message contents detection (so armored revocation signature is not more reported as the public key).
149* Changed behaviour to use latest encryption subkey by default.
150* Fixed support for widechar parameters/file names on Windows.
151* Implemented userid validity checks so only certified/non-expired/non-revoked userid may be searched.
152* Fixed GnuPG compatibility issues with CR (`\r`) characters in text-mode and cleartext-signed documents.
153* Improved performance of the key/uid signatures access.
154* Migrated tests to the Python 3.
155* Migrated most of the internal code to C++.
156
157#### CLI
158
159* Do not load keyring when it is not required, avoiding extra `keyring not found` output.
160* Input/output data via the tty, if available, instead of stdin/stdout.
161* Fixed possible crash when HOME variable is not set.
162* rnpkeys: Added `--import-sigs` and changed behavior of `--import` to check whether input is key or signature.
163* rnpkeys: Added `--export-rev` command to export key's revocation, parameters `--rev-type`, `--rev-reason`.
164* rnpkeys: Added `--revoke-key` command.
165* rnpkeys: Added `--permissive` parameter to `--import-keys` command.
166* rnpkeys: Added `--password` options, allowing to specify password and/or generate unprotected key.
167
168#### FFI
169
170* Added keystore type constants `RNP_KEYSTORE_*`.
171* Added `rnp_import_signatures`.
172* Added `rnp_key_export_revocation`.
173* Added `rnp_key_revoke`.
174* Added `rnp_request_password`.
175* Added `rnp_key_set_expiration` to update key's/subkey's expiration time.
176* Added flag `RNP_LOAD_SAVE_PERMISSIVE` to `rnp_import_keys`, allowing to skip erroneous packets.
177* Added flag `RNP_LOAD_SAVE_SINGLE`, allowing to import keys one-by-one.
178* Added `rnp_op_verify_get_protection_info` to check mode and cipher used to encrypt message.
179* Added functions to retrieve recipients information (`rnp_op_verify_get_recipient_count`, `rnp_op_verify_get_symenc_count`, etc.).
180* Added flag `RNP_KEY_REMOVE_SUBKEYS` to `rnp_key_remove` function.
181* Added function `rnp_output_pipe` allowing to write data from input to the output.
182* Added function `rnp_output_armor_set_line_length` allowing to change base64 encoding line length.
183* Added function `rnp_key_export_autocrypt` to export public key in autocrypt-compatible format.
184* Added functions to retrieve information about the secret key's protection (`rnp_key_get_protection_type`, etc.).
185* Added functions `rnp_uid_get_type`, `rnp_uid_get_data`, `rnp_uid_is_primary`.
186* Added function `rnp_uid_is_valid`.
187* Added functions `rnp_key_get_revocation_signature` and `rnp_uid_get_revocation_signature`.
188* Added function `rnp_signature_get_type`.
189* Added function `rnp_signature_is_valid`.
190* Added functions `rnp_key_is_valid` and `rnp_key_valid_till`.
191* Added exception guard to FFI boundary.
192* Fixed documentation for the `rnp_unload_keys` function.
193
194#### Security
195
196* Removed version header from armored messages (see https://mailarchive.ietf.org/arch/msg/openpgp/KikdJaxvdulxIRX_yxU2_i3lQ7A/ ).
197* Enabled fuzzing via oss-fuzz and fixed reported issues.
198* Fixed a bunch of issues reported by static analyzer.
199* Require at least Botan 2.14.0.
200
201### 0.13.1 [2020-01-15]
202#### Security
203
204* rnpkeys: Fix issue #1030 where rnpkeys would generate unprotected secret keys.
205
206### 0.13.0 [2019-12-31]
207#### General
208
209* Fixed a double-free on invalid armor headers.
210* Fixed broken versioning when used as a git submodule.
211* Fixed an infinite loop on parsing truncated armored keys.
212* Fixed armored stream parsing to be more flexible and allow blank lines before trailer.
213* Fixed the armor header for detached signatures (previously MESSAGE, now SIGNATURE).
214* Improved setting of default qbits for DSA.
215* Fixed a crash when retrieving signature revocation reason.
216* Stop using expensive tests for key material validation.
217
218#### CLI
219
220* rnpkeys: Removed a few redundant commands (--get-key, --print-sigs, --trusted-keys, ...).
221* rnpkeys: Added --secret option.
222* rnpkeys: Display 'ssb' for secret subkeys.
223* rnp: Added `--list-packets` parameters (`--json`, etc.).
224* rnp: Removed `--show-keys`.
225
226#### FFI
227
228* Added `rnp_version_commit_timestamp` to retrieve the commit timestamp
229  (for non-release builds).
230* Added a new (non-JSON) key generation API (`rnp_op_generate_create` etc.).
231* Added `rnp_unload_keys` function to unload all keys.
232* Added `rnp_key_remove` to unload a single key.
233* Expanded bit length support for JSON key generation.
234* Added `rnp_key_get_subkey_count`/`rnp_key_get_subkey_at`.
235* Added various key property accessors (`rnp_key_get_bits`, `rnp_key_get_curve`).
236* Added `rnp_op_generate_set_protection_password`.
237* Added `rnp_key_packets_to_json`/`rnp_dump_packets_to_json`.
238* Added `rnp_key_get_creation`, `rnp_key_get_expiration`.
239* Added `rnp_key_get_uid_handle_at`, `rnp_uid_is_revoked`, etc.
240* Added `rnp_key_is_revoked` and related functions to check for revocation.
241* Added `rnp_output_to_path` and `rnp_output_finish`.
242* Added `rnp_import_keys`.
243* Added `rnp_calculate_iterations`.
244* Added `rnp_supports_feature`/`rnp_supported_features`.
245* Added `rnp_enable_debug`/`rnp_disable_debug`.
246* Added `rnp_key_get_primary_grip`.
247* Added `rnp_output_to_armor`.
248* Added `rnp_op_generate_set_request_password`.
249* Added `rnp_dump_packets_to_output`.
250* Added `rnp_output_write`.
251* Added `rnp_guess_contents`.
252* Implemented `rnp_op_set_file_name`/`rnp_op_set_file_mtime`.
253* Added `rnp_op_encrypt_set_aead_bits`.
254* Added `rnp_op_verify_signature_get_handle`.
255* Added `rnp_signature_packet_to_json`.
256
257#### Packaging
258
259* RPM: Split packages into librnp0, librnp0-devel, and rnp0.
260
261### 0.12.0 [2019-01-13]
262#### General
263
264* We now require Botan 2.8+.
265* Fixed key grip calculations for various key types.
266* Fixed SM2 signatures hashing the hash of the message. See comment in issue #436.
267* Added support for G10 ECC keys.
268* Fixed dumping of partial-length packets.
269* Added support for extra ECC curves:
270  * Brainpool p256, p384, p512 ECDSA/ECDH
271  * secp256k1 ECDSA/ECDH
272  * x25519
273* Fixed AEAD with newer versions of Botan.
274* Removed a lot of legacy code.
275
276#### CLI
277
278* rnp: Added -f/--keyfile option to load keys directly from a file.
279* rnp: Fixed issue with selecting G10 secret keys via userid.
280* rnpkeys: Added support for SM2 with arbitrary hashes.
281* redumper: Added -g option to dump fingerprints and grips.
282* redumper: Display key id/fingerprint/grip in packet listings.
283
284#### FFI
285
286* Added FFI examples.
287* Fixed a regression with loading subkeys directly.
288* Implemented support for per-signature hash and creation/expiration time.
289* Added AEAD support.
290
291### 0.11.0 [2018-09-16]
292#### General
293
294* Remove some old SSH key support.
295* Add support for dynamically calculating the S2K iterations.
296* Add support for extracting the public key from the secret key.
297* Add support for merging information between keys.
298
299#### CLI
300
301* Add options for custom S2K iterations/times (dynamic by default).
302
303### 0.10.0 [2018-08-20]
304#### General
305
306* Fixed some compiler warnings.
307* Switched armoring to use PRIVATE KEY instead of SECRET KEY.
308
309#### ECDSA
310
311* Use the matching hash to be used for the deterministic nonce generation.
312* Check that the input is of the expected length.
313* Removed the code to truncate the ECDSA input since this is now handled by Botan.
314
315#### FFI
316
317* Added enarmor and dearmor support.
318* Added library version retrieval.
319* Removed rnp_export_public_key, added rnp_key_export.
320
321
322### 0.9.2 [2018-08-13]
323#### General
324
325* Support for generation and verification of embedded signature subpacket for signing subkeys
326* Verification of public key signatures and key material
327* Improved performance of asymmetric operations (key material is now validated on load)
328
329#### FFI
330
331* Fixed `rnp_op_add_signature` for G10 keys
332
333
334### 0.9.1 [2018-07-12]
335#### General
336
337* Added issuer fingerprint to certifications and subkey bindings.
338
339#### CLI
340
341* Added support for keyid/fpr usage with (some) spaces and 0x prefix in
342  operations (`--sign`, etc).
343
344#### FFI
345
346* Fixed key search by fingerprint.
347
348
349### 0.9.0 [2018-06-27]
350* First official release.
351