v0.4.0

features

• Added support for hybrid recipients / identities as well as WrapWithLabels, which sets the "postquantum" label if at least one pq-resistant method in the policy tree must be used in every possible paths to recover the secret. Thanks @yorickvP 🎉

v0.3.1

fixes

• when using --inspect, limit the search of the regular expression for finding relevant stanzas to the header instead of the entire ciphertext

dependencies

• update to age@1.3.1

v0.3.0

features

• use new plugin api

fixes

• do not try combining shares if threshold unmet (shamir implementation might not fail, but return garbage in this case)
• fix typo in --help docs

chore

• replace deprecated ioutil
• update dependencies
• added Makefile

v0.2.5

fixes

• enable decrypting x25519 stanzas with plugin identities, as well
• add two special cases for plugins with (unexpected) stanza identifier "piv-p256" (yubikey and se)

chore

• improve the --help summary text and formatting
• add alias -x for --decode

v0.2.4

fixes

• Release binaries were all using linux/amd64 as os/arch. Now they should be built properly.

chore

• Release binaries are now built with CGO_ENABLED=0

docs

• Improved installation instructions in README

v0.2.3

chore

• split plugin protocol handler in separate module (to reuse it elsewhere) and import it from there

v0.2.2

dependencies

• bump golang.org/x/crypto from 0.15.0 to 0.21.0
• bump hashicorp/vault from v1.15.4 to v1.15.5

v0.2.1

fixes

• fixed stalling if a body line sent to controller is exactly 48 bytes long (a631d20)

v0.2.0

features

• added support for ssh recipients / identities (#1)

fixes

• fixed issue with using t=1 in the top-level of a policy

v0.1.0

Initial release tag of plugin.

Warning: No guarantee of backwards-compatibility in v0.x versions!