-
Notifications
You must be signed in to change notification settings - Fork 3
/
ChangeLog
221 lines (219 loc) · 15.8 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
Copyright (C) 2017, 2018, 2019, 2020, 2021,
2022 Heiko Stamer <[email protected]>
Permission is granted to copy, distribute and/or modify this document under
the terms of the GNU Free Documentation License, Version 1.3 or any later
version published by the Free Software Foundation; with no Invariant Sections,
no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included
in the sources of this package and additionally can be obtained from Internet
<https://www.gnu.org/licenses>.
* [2022-02-13] dkg-sop: fixed bug #62012 (AEAD still contain the MDC packet)
* [2021-03-21] dkg-sop: use subkey, if primary is not capable of signing data
* [2021-03-20] tools: added check for binding time of subkeys
* [2021-03-02] dkg-attest: fixed bug #60154 (hash calc first-party attestations)
* [2020-10-16] tools: fixed bug #59223 (finish the SOP implementation)
* [2020-08-17] tests: fixed bug #58772 (tests cannot be run in parallel)
* [2020-08-06] dkg-decrypt: fixed bug #58906 (removed obsolete zlib header fake)
* [2020-01-09] dkg-decrypt: added option "-B" (allow broken hash algorithms)
* [2020-01-09] dkg-timestamp-verify: added option "-B" (allow broken hash algos)
* [2020-01-09] dkg-verify: added option "-B" (allow broken hash algorithms)
* [2019-12-21] dkg-generate: added option "-n" (disable RFC 4880bis features)
* [2019-12-18] dkg-adduid,dkg-revuid: added check for valid UTF-8 encoding
* [2019-12-17] dkg-generate: added check for valid UTF-8 encoding (user ID)
* [2019-12-04] added program dkg-sop (Stateless OpenPGP Command Line Interface)
* [2019-11-16] auto-detect format of input files (only for options -i and -k)
* [2019-11-16] dkg-decrypt: removed option "-b" in favor of auto-detect format
* [2019-11-04] dkg-ecrypt: fixed bug #57098 (auto-detect format of input files)
* [2019-10-30] dkg-encrypt: fixed bug #57131 (use of non-prefered AEAD mode)
* [2019-10-28] dkg-sign: fixed bug #57134 (spurious newline on STDOUT)
* [2019-10-26] dkg-encrypt: fixed bug #57098 (accept non-armored keyring)
* [2019-10-25] dkg-generate: fixed bug #57111 (allow more than one user ID)
* [2019-10-22] dkg-encrypt: fixed bug #57099 (spurious newline on option "-i")
* [2019-09-15] dkg-timestamp: added option "-t" (use provided target hash value)
* [2019-09-15] raised requirements of libgmp, libgcrypt, and libgpg-error
* [2019-09-10] added program dkg-attest for creating 3rd-party cert attestations
* [2019-09-10] dkg-keycheck: added option "-a" (print attested 3rd-party certs)
* [2019-09-01] dkg-decrypt: added check for Intended Recipient Fingerprint
* [2019-08-30] dkg-decrypt: added option "-S" (decrypt by provided session key)
* [2019-08-29] dkg-revoke: changed semantics and added options "-i", "-o", "-s"
* [2019-08-07] dkg-gnunet-common: fixed CADET interfaces changed by GNUnet crew
* [2019-07-18] dkg-tcpip-common: added EPIPE handling and fixed a minor bug
* [2019-07-16] dkg-tcpip-common: don't allow TCP ports < 1024
* [2019-07-16] dkg-tcpip-common: changed signal handling and quit procedure
* [2019-07-14] release 1.1.3 of Distributed Privacy Guard (DKGPG)
* [2019-07-09] dkg-io: fixed get_passphrase() due to possible EOF on STDIN
* [2019-07-02] dkg-common: changed agree_time() w.r.t. deliver of self-messages
* [2019-06-30] dkg-tcpip-common: added SO_REUSEADDR inside tcpip_bindports()
* [2019-06-30] dkg-tcpip-common: added DKGPG_TCPIP_BIND_TIMEOUT for EADDRINUSE
* [2019-06-30] dkg-tcpip-common: added missing pipes for sending data from peer
to itself
* [2019-06-16] dkg-generate: added direct-key signature (0x1f) by default for
generated keys and bump internal protocol version to 1.1
* [2019-06-16] dkg-sign: added option "-5" (generate v5 signature format)
* [2019-06-15] dkg-decrypt: simplified CLI for symmetric-key decryption mode
* [2019-06-04] configure.ac: fixed unwanted modification of variable CPPFLAGS
* [2019-06-01] release 1.1.2 of Distributed Privacy Guard (DKGPG)
* [2019-05-26] dkg-keysign: added option "-a" (require confirmation from STDIN)
* [2019-05-25] dkg-keysign: added options "-K" and "-f" (read public key for
certification from a keyring)
* [2019-05-23] dkg-encrypt: changed encrypt_session_key() to handle v5 keys in
ECDH encryption as required by [draft RFC 4880bis]
* [2019-05-22] added non-installing program dkg-fuzzer (generate fuzzy samples)
* [2019-05-18] dkg-decrypt: fixed "ZLIB ERROR: -3 invalid block type"
* [2019-05-17] dkg-decrypt: fixed SKESK V4 decryption by adding decrypt_kek()
* [2019-05-17] dkg-encrypt: added symmetric-key encrypted session key (SKESK)
* [2019-05-04] dkg-decrypt: added option "-s" (allow signed-only message)
* [2019-05-02] dkg-addrevoker,dkg-keysign,dkg-sign,dkg-revoke,dkg-timestamp:
avoid fingerprint recomputation w.r.t. recently changed format
* [2019-05-01] dkg-encrypt,dkg-keyinfo,dkg-keycheck,dkg-keysign: simplified
fingerprint/key ID handling (avoids double computation)
* [2019-04-29] dkg-sign,dkg-keysign,dkg-timestamp,dkg-timestamp-verify,
dkg-decrypt,dkg-encrypt: decrease verbosity of keyring parsing
* [2019-04-27] release 1.1.1 of Distributed Privacy Guard (DKGPG)
* [2019-04-27] dkg-keycheck,dkg-verify: decrease verbosity of keyring parsing
* [2019-04-27] dkg-common: added wait_instance() and fork, if option "-y" given
* [2019-04-16] dkg-decrypt: added auto-detection for "end of message" in input
* [2019-03-18] dkg-decrypt: changed input ending for STDIN (because ^D fails)
* [2019-03-18] dkg-tcpip-common: added missing sanity check for FD_SET
* [2019-03-17] dkg-encrypt: fixes check for encryption-capable primary keys
* [2019-02-07] dkg-tcpip-common: setting ai_family to AF_UNSPEC (fix resolving)
* [2019-01-16] configure.ac: added compiler option "-Wextra"
* [2019-01-12] dkg-generate: added option "--no-passphrase" (disable protection)
* [2019-01-12] dkg-generate: added option "-u" (provide user ID by cmdline)
* [2019-01-05] dkg-keycheck: increased number of small primes (B = 80000)
* [2018-12-16] dkg-gencrs,dkg-generate,dkg-encrypt,dkg-keycheck: fixes too late
initialization of LibTMCG resp. libgcrypt during some test cases
* [2018-12-15] changed syncronization time for the final rounds of RBC protocol
* [2018-12-14] changed some test cases with key usage flag for timestamping
* [2018-12-14] dkg-timestamp: allow only keys with dedicated usage flag
* [2018-12-14] dkg-timestamp-verify: allow only keys with dedicated usage flag
* [2018-12-14] dkg-keyinfo: added output of key usage flag for timestamping
* [2018-12-08] release 1.1.0 of Distributed Privacy Guard (DKGPG)
* [2018-12-03] dkg-encrypt: added option "-a" (enforce use of AEAD algorithm)
* [2018-11-24] dkg-gencrs: added option "-r" (domain parameters from RFC 7919)
* [2018-11-23] dkg-generate: added option "--timestamping" (set key usage flag)
* [2018-11-19] dkg-decrypt,dkg-encrypt: added AEAD support [draft RFC 4880bis]
* [2018-11-11] release 1.0.9 of Distributed Privacy Guard (DKGPG)
* [2018-11-10] added program dkg-addrevoke to specify an external revoker
* [2018-11-05] added program dkg-revuid to revoke an existing user ID
* [2018-11-03] dkg-revoke: added option "-R" (human-readable reason)
* [2018-11-03] dkg-revoke: added output of updated public key to STDOUT
* [2018-11-03] dkg-revoke: added error handling for some bad revocation codes
* [2018-10-31] added program dkg-adduid for creating additional user IDs
* [2018-10-30] dkg-decrypt: extended option "-k" (verify included signatures)
* [2018-10-29] updated some manual pages (dkg-encrypt and dkg-decrypt)
* [2018-10-28] dkg-decrypt: verify MDC before parsing of any decrypted content
* [2018-10-20] dkg-generate,dkg-decrypt: fixes some non-string inputs of myID
* [2018-09-12] release 1.0.8 of Distributed Privacy Guard (DKGPG)
* [2018-09-09] added protocol version to interactive programs by RBC->setID()
* [2018-09-01] dkg-keycheck: added option "-o" (export reduced public key)
* [2018-08-31] dkg-keycheck,dkg-keysign,dkg-sign: added support for EdDSA
* [2018-08-30] dkg-timestamp: added option "-a" (include accuracy of timestamp)
* [2018-08-24] added program dkg-timestamp-verify for checking these signatures
* [2018-08-24] added program dkg-timestamp for creating timestamp signatures
* [2018-08-22] dkg-sign,dkg-generate,dkg-keysign,dkg-revoke: Issuer Fingerprint
* [2018-08-18] dkg-keycheck: added option "-y" (yet-another-openpgp-tool)
* [2018-08-17] used the improved secure memory capability of LibTMCG
* [2018-08-15] dkg-encrypt,dkg-decrypt: added support for ECDH [RFC 6637]
* [2018-08-13] dkg-decrypt: added support for symmetric-key decryption (SKESK)
* [2018-08-11] dkg-sign: added option "-C" (cleartext signature framework)
* [2018-08-11] dkg-sign,dkg-decrypt: added option "-E" (enable passphrase echo)
* [2018-08-11] dkg-verify: added support for verifying text document signatures
* [2018-08-10] dkg-encrypt: added option "-r" (select recipients by fingerprint)
* [2018-08-09] dkg-verify: look for issuer's key in keyring, if KEYFILE omitted
* [2018-08-09] dkg-verify: added option "-s" (reading signature from file)
* [2018-08-08] dkg-decrypt: added bzip2 support for compressed messages
* [2018-08-08] dkg-encrypt: added fingerprint support for option "-s"
* [2018-08-08] dkg-decrypt: added support for more than one admissible PKESK
* [2018-08-06] dkg-decrypt: refined selecting of the decryption subkey
* [2018-08-05] dkg-decrypt: added zlib support for compressed messages
* [2018-08-04] added another test suite for testing programs with option "-y"
* [2018-08-03] dkg-generate: added option "-y" (yet-another-openpgp-tool)
* [2018-08-03] dkg-decrypt: added option "-y" (yet-another-openpgp-tool)
* [2018-07-22] dkg-keysign: added option "-y" (yet-another-openpgp-tool)
* [2018-07-21] dkg-sign: added option "-y" (yet-another-openpgp-tool)
* [2018-07-15] dkg-verify: added ECC algorithm 19 (ECDSA) from RFC 6637
* [2018-06-26] release 1.0.7 of Distributed Privacy Guard (DKGPG)
* [2018-06-21] dkg-sign: added option "-t" (cleartext signature framework)
* [2018-06-18] dkg-keycheck,dkg-keyinfo,dkg-keysign: sanitized output of user ID
* [2018-06-02] fell the requirement of libgcrypt version to >= 1.6.0
* [2018-05-27] dkg-refresh: replace OpenPGP parsing by functions from LibTMCG
* [2018-05-27] dkg-refresh: added option "-k" (keyring with external keys)
* [2018-05-27] dkg-revoke: replace OpenPGP parsing by functions from LibTMCG
* [2018-05-27] dkg-revoke: added option "-k" (keyring with external keys)
* [2018-05-26] dkg-keysign: replace OpenPGP parsing by functions from LibTMCG
* [2018-05-26] dkg-sign: added option "-k" (keyring with external keys)
* [2018-05-26] dkg-sign: replace OpenPGP parsing by functions from LibTMCG
* [2018-05-26] dkg-decrypt: added option "-k" (keyring with external keys)
* [2018-05-26] dkg-decrypt: replace OpenPGP parsing by functions from LibTMCG
* [2018-05-25] dkg-keyinfo: added option "-k" (keyring with external keys)
* [2018-05-25] dkg-keyinfo: replace OpenPGP parsing by functions from LibTMCG
* [2018-05-19] dkg-decrypt: replace OpenPGP parsing by functions from LibTMCG
* [2018-05-13] dkg-keycheck: added option "-p" (read from private key block)
* [2018-04-25] dkg-keycheck: include signatures from user attributes
* [2018-04-25] raised requirement for LibTMCG to version 1.3.13
* [2018-03-20] release 1.0.6 of Distributed Privacy Guard (DKGPG)
* [2018-03-19] dkg-keysign: added option "-k" (keyring with external keys)
* [2018-03-19] dkg-encrypt: added option "-k" (keyring with external keys)
* [2018-03-19] dkg-verify: added option "-k" (keyring with external keys)
* [2018-03-19] dkg-keycheck: added option "-k" (keyring with external keys)
* [2018-03-16] dkg-keycheck: added output of allowed external revocation keys
* [2018-03-14] dkg-encrypt: added option "-s" to select appropriate subkey
* [2018-03-14] dkg-encrypt: renamed option "-z" to "-t" for convenience
* [2018-03-14] dkg-keysign: include only exportable signatures to output
* [2018-03-14] check and set strict permissions (0600) for private key file
* [2018-03-13] dkg-sign: added option "-U" (policy URI) and improved manpage
* [2018-03-12] dkg-refresh: support generic verification and public key parsing
* [2018-03-11] dkg-keysign: added options "-1" through "-3" (validation level)
* [2018-03-09] dkg-keysign: added option "-u" (select user IDs) for CLT18
* [2018-03-04] dkg-keysign: support generic verification and public key parsing
* [2018-03-03] dkg-verify: support generic verification and public key parsing
* [2018-03-03] dkg-encrypt: support generic encryption and public key parsing
* [2018-02-27] dkg-generate: added no-modify key server preferences (0x80)
* [2018-02-24] improved error handling for unrecognized OpenPGP (sub)packets
* [2018-02-24] dkg-keycheck: changed semantics of option "-r" (reduce subkeys)
* [2018-02-24] dkg-keycheck: uses new public-key block parser from LibTMCG
* [2018-02-10] new default domain parameter set (CRS) due to LibTMCG changes
* [2018-02-10] raised the requirement of libgcrypt version to >= 1.7.0
* [2018-02-08] release 1.0.5 of Distributed Privacy Guard (DKGPG)
* [2018-02-05] added secure memory allocation from libgcrypt for some parts
* [2018-01-28] dkg-verify: added options "-f" and "-t" for a validity period
* [2018-01-27] added simple initalization procedure for memory locking
* [2018-01-27] added basic check on signature strength in parse_signature()
* [2018-01-27] added some basic checks on key strength in parse_public_key()
* [2018-01-21] added check for revocation signatures in parse_public_key()
* [2018-01-20] dkg-encrypt: added option "-z" for improved privacy (zero key ID)
* [2018-01-19] dkg-verify: added validity checks on key and signature
* [2018-01-17] dkg-keycheck: added ROCA vulnerability detector (Infineon RSALib)
* [2018-01-12] added option "-U" for dkg-keysign (policy URI)
* [2018-01-12] added option "-r" for dkg-keysign (revocation signature)
* [2018-01-10] added option "-r" for dkg-keycheck (support for RSA keys)
* [2018-01-08] added program dkg-keysign for creating certification signatures
* [2018-01-07] dkg-decrypt: removed support for not integrity protected messages
* [2018-01-06] dkg-keycheck: added test for small/same k in DSA signatures
* [2017-12-24] dkg-refresh: added cache for very strong randomness
* [2017-12-23] release 1.0.4 of Distributed Privacy Guard (DKGPG)
* [2017-12-14] fixes too strict checks for unexpected OpenPGP packets
* [2017-12-10] release 1.0.3 of Distributed Privacy Guard (DKGPG)
* [2017-12-06] improved error handling for unrecognized OpenPGP packets
* [2017-12-03] dkg-keyinfo: increased verbosity (displaying C_ik's)
* [2017-12-02] release 1.0.2 of Distributed Privacy Guard (DKGPG)
* [2017-12-01] adjusted flags of shared DSA keys due to RFC 4880 requirement
* [2017-11-26] added support for binary input with option "-b"
* [2017-11-25] added support for verification of some V3 signatures
* [2017-11-24] fixes subkey binding signature ordering for verification
* [2017-11-21] added program dkg-keycheck for analyzing public DSA/ElGamal keys
* [2017-11-21] dkg-keyinfo: added some basic checks on p, q, g, h, and y
* [2017-11-19] removes requirement of ElGamal subkey for dkg-verify
* [2017-11-19] release 1.0.1 of Distributed Privacy Guard (DKGPG)
* [2017-11-16] fixes further memory leaks found by valgrind
* [2017-11-16] fixes small memory leak in parsing OpenPGP packets
* [2017-11-15] added option "-W" for dkg-decrypt (interactive) and dkg-refresh
* [2017-11-12] added option "-m" (migration of a peer identity) for dkg-keyinfo
* [2017-11-12] removed echo of characters when reading passphrase from STDIN
* [2017-11-11] initial release 1.0.0 of Distributed Privacy Guard (DKGPG)
* [2017-11-08] introduce new private key type 107 to fix dkg-refresh
* [2017-11-06] bugfix: release memory and containers, if private key is read
again due to a required S2K passphrase
* [2017-11-05] added test suite and some basic test cases
* [2017-11-03] added option "-W" for dkg-sign and dkg-revoke
* [2017-11-02] added option "-W" (aiou message timeout) for dkg-generate