Hi everyone,
I'm pleased to announce the release of version 1.14.0 of sequoia-openpgp, our low-level OpenPGP library.
I have published sequoia-openpgp on crates.io:
https://crates.io/crates/sequoia-openpgp
You can also fetch version 1.14.0 using the openpgp/v1.14.0 tag:
https://gitlab.com/sequoia-pgp/sequoia/-/tags/openpgp/v1.14.0
which I signed:
$ git verify-tag openpgp/v1.14.0 gpg: Signature made Thu Mar 23 15:43:58 2023 +01:00 gpg: using RSA key C03FA6411B03AE12576461187223B56678E02528 gpg: Good signature from "Neal H. Walfield neal@walfield.org" [ultimate] gpg: "Neal H. Walfield neal@gnupg.org" gpg: "Neal H. Walfield neal@pep-project.org" gpg: "Neal H. Walfield neal@pep.foundation" gpg: "Neal H. Walfield neal@sequoia-pgp.org"
A notable change in this release is support for Botan, a new cryptographic backend:
sequoia-openpgp now supports five cryptographic backends:
- Nettle - OpenSSL - Botan - Windows CNG (Windows only) - Rust Crypto
We also audited our protected memory mechanism, and found that there are several cases where secrets were not cleared when the memory was freed. We created a tool to partially automate searching for these types of leaks. We've fixed the cases that we found. For those interested in the details, please refer to these MRs:
https://gitlab.com/sequoia-pgp/sequoia/-/merge_requests/1436/commits https://gitlab.com/sequoia-pgp/sequoia/-/merge_requests/1440/commits
This release includes several minor performance improvements.
In addition, the following functionality was added:
- crypto::mem::Protected::new - crypto::mpi::SecretKeyMaterial::from_bytes - crypto::mpi::SecretKeyMaterial::from_bytes_with_checksum - fmt::hex::Dumper::with_offset - parse::buffered_reader re-export - policy::AsymmetricAlgorithm::BrainpoolP384 - RawCert implements Parse
And, the following functions were deprecated:
- crypto::mpi::SecretKeyMaterial::parse - crypto::mpi::SecretKeyMaterial::parse_with_checksum
Neal on behalf of the whole Sequoia PGP team