1## Changelog 2 3### 0.16.0 [2022-01-20] 4 5#### General 6 7* Added support for OpenSSL cryptography backend so RNP may be built and used on systems without the Botan installed. 8* Added compile-time switches to disable certain features (AEAD, Brainpool curves, SM2/SM3/SM4 algorithms, Twofish) 9* Fixed possible incompatibility with GnuPG on x25519 secret key export from RNP to GnuPG. 10* Fixed building if Git is not available. 11* Fixed export of non-FFI symbols from the rnp.so/rnp.dylib. 12* Fixed support for Gnu/Hurd (absence of PATH_MAX). 13* Added support for `None` compression algorithm. 14* Added support for the dumping of notation data signature subpackets. 15* Fixed key expiration time calculation in the case with newer non-primary self-certification. 16* Improved performance of key import (no key material checks) 17 18#### Security 19 20* Added initial support for customizable security profiles. 21* Mark SHA1 signatures produced later than 2019-01-19, as invalid. 22* Mark MD5 signatures produced later than 2012-01-01, as invalid. 23* Remove SHA1 and 3DES from the default key preferences. 24* Use SHA1 collision detection code when using SHA1. 25* Mark signatures with unknown critical notation as invalid. 26* Do not prematurely mark secret keys as valid. 27* Validate secret key material before the first operation. 28* Limit the number of possible message recipients/signatures to a reasonable value (16k). 29* Limit the number of signature subpackets during parsing. 30 31#### FFI 32 33* Added functions `rnp_backend_string()` and `rnp_backend_version()`. 34* Added functions `rnp_key_25519_bits_tweaked()` and `rnp_key_25519_bits_tweak()` to check and fix x25519 secret key bits. 35* Added security profile manipulation functions: `rnp_add_security_rule()`, `rnp_get_security_rule()`, `rnp_remove_security_rule()`. 36* Added function `rnp_signature_get_expiration()`. 37* Deprecate functions `rnp_enable_debug()`/`rnp_disable_debug()`. 38 39#### CLI 40 41* Write new detailed help messages for `rnp` and `rnpkeys`. 42* Added `-` (stdin) and `env:VAR_NAME` input specifiers, as well as `-` (stdout) output specifier. 43* Do not fail with empty keyrings if those are not needed for the operation. 44* Added algorithm aliases for better usability (i.e. `SHA-256`, `SHA256`, etc.). 45* Added option `--notty` to print everything to stdout instead of TTY. 46* Added command `--edit-key` with subcommands `--check-cv25519-bits` and `--fix-cv25519-bits`. 47* Remove support for `-o someoption=somevalue`, which is unused. 48* Remove no longer used support for additional debug dumping via `--debug source.c`. 49 50### 0.15.2 [2021-07-20] 51 52#### General 53 54* Be less strict in userid validation: allow to use userids with self-signature, which has key expiration in the past. 55* Do not mark signature as invalid if key which produced it is expired now, but was valid during signing. 56* Fix incorrect key expiration calculation in some cases. 57* Fix incorrect version number in the `version.txt`. 58 59#### FFI 60 61* Add function `rnp_key_get_default_key()` to pick the default key/subkey for the specific operation. 62* Allow to pass NULL hash parameter to `rnp_key_add_uid()` to pick the default one. 63* Use the same approach as in `rnp_op_encrypt_add_recipient()` for encryption subkey selection in `rnp_key_export_autocrypt()`. 64 65#### CLI 66 67* `rnp`: Show error message if encryption failed. 68* `rnpkeys` : Add `--expiration` option to specify expiration time during key generation. 69 70### 0.15.1 [2021-05-28] 71 72#### General 73 74* Make man pages building optional. 75* Fixed updating of expiration time for a key with multiple user ids. 76* Fixed key expiry check for keys valid after the year 2038. 77* Pick up key expiration time from direct-key signature or primary userid certification if available. 78 79#### FFI 80 81* Added function `rnp_key_valid_till64()` to correctly handle keys which expire after the year 2038. 82* Added `RNP_FEATURE_*` defines to be used instead of raw strings. 83 84#### Security 85 86* Fixed issue with cleartext key data after the `rnp_key_unprotect()`/`rnp_key_protect()` calls (CVE-2021-33589). 87 88### 0.15.0 [2021-04-04] 89 90#### General 91 92* Added CMake options to allow offline builds, i.e. without Googletest/ruby-rnp downloads. 93* Removed major library version from the library name (librnp-0.so/dll -> librnp.so/dll). 94* Improved handling of cleartext signatures, when empty line between headers and contents contains some whitespace characters. 95* Relaxed requirements for the armored messages CRC (allow absence of the CRC, and issue warning instead of complete failure). 96* Updated build instructions for MSVC. 97* Improved support of 32-bit platforms (year 2038 problem). 98 99#### CLI 100 101* Added up-to-date manual pages for `rnp` and `rnpkeys`. 102* rnpkeys: added `--remove-key` command. 103 104#### FFI 105 106* Added up-to-date manual page for `librnp`. 107* Added function `rnp_signature_remove` 108* Added function `rnp_uid_remove` 109* Added function `rnp_key_remove_signatures` for batch signature removal and filtering. 110 111### 0.14.0 [2021-01-15] 112 113#### General 114 115* Improved key validation: require to have at least one valid, non-expiring self signature. 116* Added support for 'stripped' keys without userids and certifications but with valid subkey binding signature. 117* Added support for Windows via MinGW/MSYS2. 118* Added support for Windows via MSVC. 119* Fixed secret key locking when it is updated with new signatures/subkeys. 120* Fixed key expiry/flags calculation (take in account only the latest valid self-signature/subkey binding). 121* Fixed MDC reading if it appears on 8k boundary. 122* Disabled logging by default in release builds and added support for environment variable `RNP_LOG_CONSOLE` to enable it back. 123* Fixed leading zeroes for secp521r1 b & n field constants. 124* Allowed keys and signatures with invalid MPI bit count. 125* Added support for private/experimental signature subpackets, used by GnuPG and other implementations. 126* Added support for reserved/placeholder signatures. 127* Added support for zero-size userid/attr packet. 128* Relaxed packet dumping, ignoring invalid packets and allowing to find wrong packet easier. 129* Improved logging of errored keys/subkeys information for easier debugging. 130* Fixed support for old RSA sign-only/encrypt-only and ElGamal encrypt-and-sign keys. 131* Fixed support for ElGamal keys larger then 3072 bits. 132* Fixed symbol visibility so only FFI functions are exposed outside of the library. 133* Added support for unwrapping of raw literal packets. 134* Fixed crash with non-detached signature input, fed into the `rnp_op_verify_detached_create()`. 135* Significantly reduced memory usage for the keys large number of signatures. 136* Fixed long armor header lines processing. 137* Added basic support for GnuPG's offline primary keys (`gnupg --export-secret-subkeys`) and secret keys, stored on card. 138* Fixed primary key binding signature validation when hash algorithm differs from the one used in the subkey binding signature. 139* Fixed multiple memory leaks related to invalid algorithms/versions/etc. 140* Fixed possible crashes during processing of malformed armored input. 141* Limited allowed nesting levels for OpenPGP packets. 142* Fixed support for text-mode signatures. 143* Replaced strcpy calls with std::string and memcpy where applicable. 144* Removed usage of mktemp, replacing it with mkstemp. 145* Replaced usage of deprecated `botan_pbkdf()` with `botan_pwdhash()`. 146* Added support for the marker packet, issued by some implementations. 147* Added support for unknown experimental s2ks. 148* Fixed armored message contents detection (so armored revocation signature is not more reported as the public key). 149* Changed behaviour to use latest encryption subkey by default. 150* Fixed support for widechar parameters/file names on Windows. 151* Implemented userid validity checks so only certified/non-expired/non-revoked userid may be searched. 152* Fixed GnuPG compatibility issues with CR (`\r`) characters in text-mode and cleartext-signed documents. 153* Improved performance of the key/uid signatures access. 154* Migrated tests to the Python 3. 155* Migrated most of the internal code to C++. 156 157#### CLI 158 159* Do not load keyring when it is not required, avoiding extra `keyring not found` output. 160* Input/output data via the tty, if available, instead of stdin/stdout. 161* Fixed possible crash when HOME variable is not set. 162* rnpkeys: Added `--import-sigs` and changed behavior of `--import` to check whether input is key or signature. 163* rnpkeys: Added `--export-rev` command to export key's revocation, parameters `--rev-type`, `--rev-reason`. 164* rnpkeys: Added `--revoke-key` command. 165* rnpkeys: Added `--permissive` parameter to `--import-keys` command. 166* rnpkeys: Added `--password` options, allowing to specify password and/or generate unprotected key. 167 168#### FFI 169 170* Added keystore type constants `RNP_KEYSTORE_*`. 171* Added `rnp_import_signatures`. 172* Added `rnp_key_export_revocation`. 173* Added `rnp_key_revoke`. 174* Added `rnp_request_password`. 175* Added `rnp_key_set_expiration` to update key's/subkey's expiration time. 176* Added flag `RNP_LOAD_SAVE_PERMISSIVE` to `rnp_import_keys`, allowing to skip erroneous packets. 177* Added flag `RNP_LOAD_SAVE_SINGLE`, allowing to import keys one-by-one. 178* Added `rnp_op_verify_get_protection_info` to check mode and cipher used to encrypt message. 179* Added functions to retrieve recipients information (`rnp_op_verify_get_recipient_count`, `rnp_op_verify_get_symenc_count`, etc.). 180* Added flag `RNP_KEY_REMOVE_SUBKEYS` to `rnp_key_remove` function. 181* Added function `rnp_output_pipe` allowing to write data from input to the output. 182* Added function `rnp_output_armor_set_line_length` allowing to change base64 encoding line length. 183* Added function `rnp_key_export_autocrypt` to export public key in autocrypt-compatible format. 184* Added functions to retrieve information about the secret key's protection (`rnp_key_get_protection_type`, etc.). 185* Added functions `rnp_uid_get_type`, `rnp_uid_get_data`, `rnp_uid_is_primary`. 186* Added function `rnp_uid_is_valid`. 187* Added functions `rnp_key_get_revocation_signature` and `rnp_uid_get_revocation_signature`. 188* Added function `rnp_signature_get_type`. 189* Added function `rnp_signature_is_valid`. 190* Added functions `rnp_key_is_valid` and `rnp_key_valid_till`. 191* Added exception guard to FFI boundary. 192* Fixed documentation for the `rnp_unload_keys` function. 193 194#### Security 195 196* Removed version header from armored messages (see https://mailarchive.ietf.org/arch/msg/openpgp/KikdJaxvdulxIRX_yxU2_i3lQ7A/ ). 197* Enabled fuzzing via oss-fuzz and fixed reported issues. 198* Fixed a bunch of issues reported by static analyzer. 199* Require at least Botan 2.14.0. 200 201### 0.13.1 [2020-01-15] 202#### Security 203 204* rnpkeys: Fix issue #1030 where rnpkeys would generate unprotected secret keys. 205 206### 0.13.0 [2019-12-31] 207#### General 208 209* Fixed a double-free on invalid armor headers. 210* Fixed broken versioning when used as a git submodule. 211* Fixed an infinite loop on parsing truncated armored keys. 212* Fixed armored stream parsing to be more flexible and allow blank lines before trailer. 213* Fixed the armor header for detached signatures (previously MESSAGE, now SIGNATURE). 214* Improved setting of default qbits for DSA. 215* Fixed a crash when retrieving signature revocation reason. 216* Stop using expensive tests for key material validation. 217 218#### CLI 219 220* rnpkeys: Removed a few redundant commands (--get-key, --print-sigs, --trusted-keys, ...). 221* rnpkeys: Added --secret option. 222* rnpkeys: Display 'ssb' for secret subkeys. 223* rnp: Added `--list-packets` parameters (`--json`, etc.). 224* rnp: Removed `--show-keys`. 225 226#### FFI 227 228* Added `rnp_version_commit_timestamp` to retrieve the commit timestamp 229 (for non-release builds). 230* Added a new (non-JSON) key generation API (`rnp_op_generate_create` etc.). 231* Added `rnp_unload_keys` function to unload all keys. 232* Added `rnp_key_remove` to unload a single key. 233* Expanded bit length support for JSON key generation. 234* Added `rnp_key_get_subkey_count`/`rnp_key_get_subkey_at`. 235* Added various key property accessors (`rnp_key_get_bits`, `rnp_key_get_curve`). 236* Added `rnp_op_generate_set_protection_password`. 237* Added `rnp_key_packets_to_json`/`rnp_dump_packets_to_json`. 238* Added `rnp_key_get_creation`, `rnp_key_get_expiration`. 239* Added `rnp_key_get_uid_handle_at`, `rnp_uid_is_revoked`, etc. 240* Added `rnp_key_is_revoked` and related functions to check for revocation. 241* Added `rnp_output_to_path` and `rnp_output_finish`. 242* Added `rnp_import_keys`. 243* Added `rnp_calculate_iterations`. 244* Added `rnp_supports_feature`/`rnp_supported_features`. 245* Added `rnp_enable_debug`/`rnp_disable_debug`. 246* Added `rnp_key_get_primary_grip`. 247* Added `rnp_output_to_armor`. 248* Added `rnp_op_generate_set_request_password`. 249* Added `rnp_dump_packets_to_output`. 250* Added `rnp_output_write`. 251* Added `rnp_guess_contents`. 252* Implemented `rnp_op_set_file_name`/`rnp_op_set_file_mtime`. 253* Added `rnp_op_encrypt_set_aead_bits`. 254* Added `rnp_op_verify_signature_get_handle`. 255* Added `rnp_signature_packet_to_json`. 256 257#### Packaging 258 259* RPM: Split packages into librnp0, librnp0-devel, and rnp0. 260 261### 0.12.0 [2019-01-13] 262#### General 263 264* We now require Botan 2.8+. 265* Fixed key grip calculations for various key types. 266* Fixed SM2 signatures hashing the hash of the message. See comment in issue #436. 267* Added support for G10 ECC keys. 268* Fixed dumping of partial-length packets. 269* Added support for extra ECC curves: 270 * Brainpool p256, p384, p512 ECDSA/ECDH 271 * secp256k1 ECDSA/ECDH 272 * x25519 273* Fixed AEAD with newer versions of Botan. 274* Removed a lot of legacy code. 275 276#### CLI 277 278* rnp: Added -f/--keyfile option to load keys directly from a file. 279* rnp: Fixed issue with selecting G10 secret keys via userid. 280* rnpkeys: Added support for SM2 with arbitrary hashes. 281* redumper: Added -g option to dump fingerprints and grips. 282* redumper: Display key id/fingerprint/grip in packet listings. 283 284#### FFI 285 286* Added FFI examples. 287* Fixed a regression with loading subkeys directly. 288* Implemented support for per-signature hash and creation/expiration time. 289* Added AEAD support. 290 291### 0.11.0 [2018-09-16] 292#### General 293 294* Remove some old SSH key support. 295* Add support for dynamically calculating the S2K iterations. 296* Add support for extracting the public key from the secret key. 297* Add support for merging information between keys. 298 299#### CLI 300 301* Add options for custom S2K iterations/times (dynamic by default). 302 303### 0.10.0 [2018-08-20] 304#### General 305 306* Fixed some compiler warnings. 307* Switched armoring to use PRIVATE KEY instead of SECRET KEY. 308 309#### ECDSA 310 311* Use the matching hash to be used for the deterministic nonce generation. 312* Check that the input is of the expected length. 313* Removed the code to truncate the ECDSA input since this is now handled by Botan. 314 315#### FFI 316 317* Added enarmor and dearmor support. 318* Added library version retrieval. 319* Removed rnp_export_public_key, added rnp_key_export. 320 321 322### 0.9.2 [2018-08-13] 323#### General 324 325* Support for generation and verification of embedded signature subpacket for signing subkeys 326* Verification of public key signatures and key material 327* Improved performance of asymmetric operations (key material is now validated on load) 328 329#### FFI 330 331* Fixed `rnp_op_add_signature` for G10 keys 332 333 334### 0.9.1 [2018-07-12] 335#### General 336 337* Added issuer fingerprint to certifications and subkey bindings. 338 339#### CLI 340 341* Added support for keyid/fpr usage with (some) spaces and 0x prefix in 342 operations (`--sign`, etc). 343 344#### FFI 345 346* Fixed key search by fingerprint. 347 348 349### 0.9.0 [2018-06-27] 350* First official release. 351