I'm pleased to announce the release of version 1.14.0 of sequoia-openpgp, our low-level OpenPGP library.
I have published sequoia-openpgp on crates.io:
You can also fetch version 1.14.0 using the openpgp/v1.14.0 tag:
which I signed:
$ git verify-tag openpgp/v1.14.0 gpg: Signature made Thu Mar 23 15:43:58 2023 +01:00 gpg: using RSA key C03FA6411B03AE12576461187223B56678E02528 gpg: Good signature from "Neal H. Walfield email@example.com" [ultimate] gpg: "Neal H. Walfield firstname.lastname@example.org" gpg: "Neal H. Walfield email@example.com" gpg: "Neal H. Walfield firstname.lastname@example.org" gpg: "Neal H. Walfield email@example.com"
A notable change in this release is support for Botan, a new cryptographic backend:
sequoia-openpgp now supports five cryptographic backends:
- Nettle - OpenSSL - Botan - Windows CNG (Windows only) - Rust Crypto
We also audited our protected memory mechanism, and found that there are several cases where secrets were not cleared when the memory was freed. We created a tool to partially automate searching for these types of leaks. We've fixed the cases that we found. For those interested in the details, please refer to these MRs:
This release includes several minor performance improvements.
In addition, the following functionality was added:
- crypto::mem::Protected::new - crypto::mpi::SecretKeyMaterial::from_bytes - crypto::mpi::SecretKeyMaterial::from_bytes_with_checksum - fmt::hex::Dumper::with_offset - parse::buffered_reader re-export - policy::AsymmetricAlgorithm::BrainpoolP384 - RawCert implements Parse
And, the following functions were deprecated:
- crypto::mpi::SecretKeyMaterial::parse - crypto::mpi::SecretKeyMaterial::parse_with_checksum
Neal on behalf of the whole Sequoia PGP team