RNP 0.13.0 released

Nickolay Olshevsky on 03 Jan 2020

RNP 0.13.0 brings substantial improvements to the Foreign Function Interface (FFI) and command-line tools, while also addressing important stability and security issues. This release focuses on providing developers with more powerful and flexible APIs while improving the overall robustness of the library.

Introduction

This release represents a significant step forward in RNP’s evolution as a developer-friendly OpenPGP implementation. The extensive FFI enhancements provide developers with more granular control over cryptographic operations, while stability improvements ensure reliable operation in various scenarios.

Key highlights:

• New key generation API for improved programmatic control

• Enhanced armor handling with better stability and security

• Comprehensive key management functions in FFI

Other highlights:

• Streamlined CLI interface with better organization

• Improved RPM package structure

• Enhanced debugging capabilities

• Better version control integration

• Optimized key validation process

• New output handling functions

• Improved feature detection system

Command-line interface updates

rnp

• Added --list-packets parameters (--json, etc.)

• Removed --show-keys

rnpkey

• Removed a few redundant commands (--get-key, --print-sigs, --trusted-keys, …​)

• Added --secret option

• Display 'ssb' for secret subkeys

Foreign Function Interface (FFI) enhancements

Key generation and management

New functions:

• A new (non-JSON) key generation API (rnp_op_generate_create etc.)

• rnp_unload_keys function to unload all keys

• rnp_key_remove to unload a single key

• rnp_key_get_subkey_count/rnp_key_get_subkey_at

• Various key property accessors (rnp_key_get_bits, rnp_key_get_curve)

• rnp_op_generate_set_protection_password

• rnp_key_get_creation, rnp_key_get_expiration

• rnp_key_get_uid_handle_at, rnp_uid_is_revoked, etc.

• rnp_key_is_revoked and related functions to check for revocation

• rnp_key_get_primary_grip

• rnp_op_generate_set_request_password

• rnp_import_keys

Modified function:

• Expanded bit length support for JSON key generation

Output and data handling

New functions:

• rnp_output_to_path and rnp_output_finish

• rnp_output_to_armor

• rnp_dump_packets_to_output

• rnp_output_write

• rnp_guess_contents

• rnp_key_packets_to_json/rnp_dump_packets_to_json

• rnp_signature_packet_to_json

• rnp_op_set_file_name/rnp_op_set_file_mtime

• rnp_op_encrypt_set_aead_bits

• rnp_op_verify_signature_get_handle

System and debugging

New functions:

• rnp_version_commit_timestamp to retrieve the commit timestamp (for non-release builds)

• rnp_calculate_iterations

• rnp_supports_feature/rnp_supported_features

• rnp_enable_debug/rnp_disable_debug

Package management

• RPM: Split packages into librnp0, librnp0-devel, and rnp0

General stability fixes

• Fixed a double-free on invalid armor headers

• Fixed broken versioning when used as a git submodule

• Fixed an infinite loop on parsing truncated armored keys

• Fixed armored stream parsing to be more flexible and allow blank lines before trailer

• Fixed the armor header for detached signatures (previously MESSAGE, now SIGNATURE)

• Improved setting of default qbits for DSA

• Fixed a crash when retrieving signature revocation reason

• Stopped using expensive tests for key material validation

Looking ahead

RNP 0.13.0 establishes a stronger foundation for developers through:

• More comprehensive FFI capabilities

• Better stability and security

• Improved packaging

• Enhanced usability

These improvements demonstrate RNP’s commitment to providing a robust and developer-friendly OpenPGP implementation.

For detailed technical information and the complete list of changes, please visit the release page.