mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
266 lines
9.2 KiB
Plaintext
266 lines
9.2 KiB
Plaintext
Noteworthy changes in version 0.2.18
|
|
------------------------------------
|
|
|
|
* Splitted cipher/random.c, add new option "--disable-dev-random"
|
|
to configure to support the development of a random source for
|
|
other systems. Prepared sourcefiles rand-unix.c, rand-w32.c
|
|
and rand-dummy.c (which is used to allow compilation on systems
|
|
without a random source).
|
|
|
|
* Fixed a small bug in the key generation (it was possible that 48 bits
|
|
of a key were not taken from the random pool)
|
|
|
|
* Add key generation for DSA and v4 signatures.
|
|
|
|
* Add a function trap_unaligned(), so that a SIGBUS is issued on
|
|
Alphas and not the slow emulation code is used. And success: rmd160
|
|
raised a SIGBUS.
|
|
|
|
* Enhanced the formatting facility of argparse and changed the use of
|
|
\r,\v to @ because gettext does not like it.
|
|
|
|
* New option "--compress-algo 1" to allow the creation of compressed
|
|
messages which are readable by PGP and "--print-md" (gpgm) to make
|
|
speed measurement easier.
|
|
|
|
|
|
Noteworthy changes in version 0.2.17
|
|
------------------------------------
|
|
|
|
* Comment packets are now of private type 61.
|
|
|
|
* Passphrase code still used a 160 bit blowfish key, added a
|
|
silly workaround. Please change your passphrase again - sorry.
|
|
|
|
* Conventional encryption now uses a type 3 packet to describe the
|
|
used algorithms.
|
|
|
|
* The new algorithm number for Blowfish is 20, 16 is still used for
|
|
encryption only; for signing it is only used when it is in a v3 packet,
|
|
so that GNUPG keys are still valid.
|
|
|
|
|
|
Noteworthy changes in version 0.2.16
|
|
------------------------------------
|
|
|
|
* Add experimental support for the TIGER/192 message diigest algorithm.
|
|
(But there is only a dummy ASN OID).
|
|
|
|
* Standard cipher is now Blowfish with 128 bit key in OpenPGP's CFB
|
|
mode. I renamed the old cipher to Blowfish160. Because the OpenPGP
|
|
group refused to assign me a number for Blowfish160, I have to
|
|
drop support for this in the future. You should use
|
|
"--change-passphrase" to recode your current passphrase with 128
|
|
bit Blowfish.
|
|
|
|
|
|
Noteworthy changes in version 0.2.15
|
|
------------------------------------
|
|
|
|
* Fixed a bug with the old checksum calculation for secret keys.
|
|
If you run the program without --batch, a warning does inform
|
|
you if your secret key needs to be converted; simply use
|
|
--change-passphrase to recalculate the checksum. Please do this
|
|
soon, as the compatible mode will be removed sometime in the future.
|
|
|
|
* CAST5 works (using the PGP's special CFB mode).
|
|
|
|
* Again somewhat more PGP 5 compatible.
|
|
|
|
* Some new test cases
|
|
|
|
Noteworthy changes in version 0.2.14
|
|
------------------------------------
|
|
|
|
* Changed the internal handling of keyrings.
|
|
|
|
* Add support to list PGP 5 keyrings with supkeys
|
|
|
|
* Timestamps of signatures are now verified.
|
|
|
|
* A expiration time can now be specified during key generation.
|
|
|
|
* Some speedups for Blowfish and SHA-1, rewrote SHA-1 transform.
|
|
Reduced the amount of random bytes needed for key generation in
|
|
some cases.
|
|
|
|
|
|
Noteworthy changes in version 0.2.13
|
|
------------------------------------
|
|
|
|
* Verify of DSA signatures works.
|
|
|
|
* Re-implemented the slower random number generator.
|
|
|
|
|
|
Noteworthy changes in version 0.2.12
|
|
------------------------------------
|
|
|
|
* --delete-key checks that there is no secret key. The new
|
|
option --delete-secret-key maybe used to delete a secret key.
|
|
|
|
* "-kv" now works as expected. Options "--list-{keys,sigs]"
|
|
and "--check-sigs" are now working.
|
|
|
|
* New options "--verify" and "--decrypt" to better support integration
|
|
into MUAs (partly done for Mutt).
|
|
|
|
* New option "--with-colons" to make parsing of key lists easier.
|
|
|
|
Noteworthy changes in version 0.2.11
|
|
------------------------------------
|
|
|
|
* GPG now asks for a recipient's name if option "-r" is not used.
|
|
|
|
* If there is no good trust path, the program asks whether to use
|
|
the public keys anyway.
|
|
|
|
* "--delete-key" works for public keys. What semantics shall I use
|
|
when there is a secret key too? Delete the secret key or leave him
|
|
and auto-regenerate the public key, netxt time the secret key is used?
|
|
|
|
Noteworthy changes in version 0.2.10
|
|
------------------------------------
|
|
|
|
* Code for the alpha is much faster (about 20 times); the data
|
|
was misaligned and the kernel traps this, so nearly all time
|
|
was used by system to trap the misalignments and to write
|
|
syslog messages. Shame on me and thanks to Ralph for
|
|
pointing me at this while drinking some beer yesterday.
|
|
|
|
* Changed some configure options and add an option
|
|
--disable-m-guard to remove the memory checking code
|
|
and to compile everthing with optimization on.
|
|
|
|
* New environment variable GNUPGHOME, which can be used to set
|
|
another homedir than ~/.gnupg. Changed default homedir for
|
|
Windoze version to c:/gnupg.
|
|
|
|
* Fixed detached signatures; detached PGP signatures caused a SEGV.
|
|
|
|
* The Windoze version works (as usual w/o a strong RNG).
|
|
|
|
|
|
Noteworthy changes in version 0.2.9
|
|
-----------------------------------
|
|
|
|
* Fixed FreeBSD bug.
|
|
|
|
* Added a simple man page.
|
|
|
|
* Switched to automake1.2f and a newer gettext.
|
|
|
|
Noteworthy changes in version 0.2.8
|
|
-----------------------------------
|
|
|
|
* Changed the name to GNUPG, the binaries are called gpg and gpgm.
|
|
You must rename rename the directory "~/.g10" to ~/.gnupg/, rename
|
|
{pub,sec}ring.g10 to {pub,sec}ring.gpg, trustdb.g10 to trustdb.gpg
|
|
and g10.sig to gnupg.sig.
|
|
|
|
* New or changed passphrases are now salted.
|
|
|
|
|
|
Noteworthy changes in version 0.2.7
|
|
-----------------------------------
|
|
|
|
* New command "gen-revoke" to create a key revocation certificate.
|
|
|
|
* New option "homedir" to set the homedir (which defaults to "~/.g10").
|
|
This directory is created if it does not exists (only the last
|
|
part of the name and not the complete hierarchy)
|
|
|
|
* Command "import" works. (Try: "finger gcrypt@ftp.guug.de|g10 --import")
|
|
|
|
* New commands "dearmor/enarmor" for g10maint. These are mainly
|
|
used for internal test purposes.
|
|
|
|
* Option --version now conforming to the GNU standards and lists
|
|
the available ciphers, message digests and public key algorithms.
|
|
|
|
* Assembler code for m68k (not tested).
|
|
|
|
* "make check" works.
|
|
|
|
Noteworthy changes in version 0.2.6
|
|
-----------------------------------
|
|
|
|
* Option "--export" works.
|
|
|
|
|
|
Noteworthy changes in version 0.2.5
|
|
-----------------------------------
|
|
|
|
* Added zlib for systems which don't have it.
|
|
Use "./configure --with-zlib" to link with the static version.
|
|
|
|
* Generalized some more functions and rewrote the encoding of
|
|
message digests into MPIs.
|
|
|
|
* Enhanced the checkit script
|
|
|
|
|
|
Noteworthy changes in version 0.2.4
|
|
-----------------------------------
|
|
|
|
* nearly doubled the speed of the ElGamal signature verification.
|
|
|
|
* backup copies of keyrings are created.
|
|
|
|
* assembler stuff for Pentium; gives about 15% better perfomance.
|
|
|
|
* fixed a lot of bugs.
|
|
|
|
|
|
Noteworthy changes in version 0.2.3
|
|
-----------------------------------
|
|
|
|
* Found a bug in the calculation of ELG fingerprints. This is now
|
|
fixed, but all existing fingerprints and keyids for ELG keys
|
|
are not any more valid.
|
|
|
|
* armor should now work; including clear signed text.
|
|
|
|
* moved some options to the new program g10maint
|
|
|
|
* It's now 64 bit clean and runs fine on an alpha--linux.
|
|
|
|
* Key generation is much faster now. I fixed this by using not
|
|
so strong random number for the primes (this was a bug because the
|
|
ElGamal primes are public parameters and it does not make sense
|
|
to generate them from strong random). The real secret is the x value
|
|
which is still generated from strong (okay: /dev/random) random bits.
|
|
|
|
* added option "--status-fd": see g10/OPTIONS
|
|
|
|
* We have secure memeory on systems which support mlock().
|
|
It is not complete yet, because we do not have signal handler
|
|
which does a cleanup in very case.
|
|
We should also check the ulimit for the user in the case
|
|
that the admin does not have set a limit on locked pages.
|
|
|
|
* started with internationalization support.
|
|
|
|
* The logic to handle the web of trust is now implemented. It is
|
|
has some bugs; but I'm going to change the algorithm anyway.
|
|
It works by calculating the trustlevel on the fly. It may ask
|
|
you to provide trust parameters if the calculated trust probability
|
|
is too low. I will write a paper which discusses this new approach.
|
|
|
|
* a couple of changes to the configure script.
|
|
|
|
* New option "--quick-random" which uses a much quicker random
|
|
number generator. Keys generated while this option is in effect
|
|
are flags with "INSECURE!" in the user-id. This is a development
|
|
only option.
|
|
|
|
* Read support for new version packets (OpenPGP).
|
|
|
|
* Comment packets are now of correct OpenPGP type 16. Old comment
|
|
packets written by G10 are detected because they always start with
|
|
a hash which is an invalid version byte.
|
|
|
|
* The string "(INSECURE!)" is appended to a new user-id if this
|
|
is generated on a system without a good random number generator.
|
|
|