From 89c1d455e500e26d234a41a40a4c8a4ac99bcf07 Mon Sep 17 00:00:00 2001 From: Paul Miller Date: Sat, 27 Aug 2022 21:21:12 +0000 Subject: [PATCH] Release 0.2.3. --- README.md | 7 +++---- package.json | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index eb44d0d..eaf10dc 100644 --- a/README.md +++ b/README.md @@ -64,11 +64,11 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHsjMxxbMNsYAIkU+a3yENkZ50fpbXDRIa5jVS36giXF Creates keys compatible with GPG. GPG is a commonly known utility that supports PGP protocol. Quirks: 1. Generated private and public keys would have different representation, -however, **their fingerprints would be the same**. This is because AES encryption is used to -hide the keys, and AES requires different IV / salt. + however, **their fingerprints would be the same**. This is because AES encryption is used to + hide the keys, and AES requires different IV / salt. 2. The function is slow (~725ms on Apple M1), because it uses S2K to derive keys. 3. "warning: lower 3 bits of the secret key are not cleared" - happens even for keys generated with GnuPG 2.3.6, because check looks at item as Opaque MPI, when it is just MPI: see [bugtracker URL](https://dev.gnupg.org/rGdbfb7f809b89cfe05bdacafdb91a2d485b9fe2e0). + happens even for keys generated with GnuPG 2.3.6, because check looks at item as Opaque MPI, when it is just MPI: see [bugtracker URL](https://dev.gnupg.org/rGdbfb7f809b89cfe05bdacafdb91a2d485b9fe2e0). ```js import * as pgp from 'ed25519-keygen/pgp'; @@ -151,4 +151,3 @@ rx724x3oambzxr46pkbdckdqyut5x5lhsneru3uditf4nuyuf4uou6qd.onion ## License MIT (c) Paul Miller [(https://paulmillr.com)](https://paulmillr.com), see LICENSE file. - diff --git a/package.json b/package.json index 8ed6415..579bbc1 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "ed25519-keygen", - "version": "0.2.2", + "version": "0.2.3", "description": "Generate ed25519 keys deterministically for SSH, PGP (GPG) and TOR", "type": "module", "main": "index.js",