Vault Gpg Plugin Versions Save

Changelog

• Fix path of the binary checksum file, reported in #314 (#316)
• Build with Go 1.21 (#317)
• golang.org/x/net: 0.14.0 -> 0.17.0, includes the fix for CVE-2023-39325 (#312)
• github.com/sigstore/rekor: 1.2.2 -> 1.3.2 (#313)

v0.6.1

• e214860 Fix release pipeline

v0.6.0

• Vault plugin multiplexing has been enabled #289
• github.com/ProtonMail/go-crypto has been updated to v0.0.0-20230528122434-6f98819771a1 #285 #294 (Thanks @niranjan94)
• Release process has been reworked and release content is now signed using Cosign #293

• Signatures can be published to a Rekor transparency log (#117, #119)

It is now possible to upload the signatures made via the endpoint gpg/:name/sign to a Rekor instance.

You can choose to upload information into the transparency when your create a new key, you only need to choose a value for the parameter transparency_log_address (e.g. the public instance https://rekor.sigstore.dev/). For existing keys you can update the parameter transparency_log_address with the new configuration update endpoint.

You can find more details about Rekor in the Rekor's documentation.

• Built with Go 1.17
• Builds are deterministic
• github.com/ProtonMail/go-crypto/openpgp instead of the now deprecated golang.org/x/crypto/openpgp

• The endpoint POST /gpg/keys/:name now prevents overwriting existing keys – thanks @trishankatdatadog (#51)
• Split HTTP API into separate doc – thanks @trishankatdatadog (#50)

• Prebuilt binaries work with Alpine amd64 (#28)
• Built with Go 1.14

• Tested and built against HashiCorp Vault 1.2.2
• Built with Go 1.13

Tested and built against HashiCorp Vault 1.0.0

• Tested and built against HashiCorp Vault 0.11.1
• Built with Go 1.11

• New API endpoint show-session-key to decrypt the session key of one message. This can be useful to decrypt large message without having to transmit the whole message to Vault.