By Justus | August 21, 2020
We have just released version 0.19.0 of Sequoia. The release includes
the low-level crate sequoia-openpgp
, a program to verify detached
signatures geared towards software distribution systems called
sqv
, and a commandline frontend for Sequoia implementing the
Stateless OpenPGP Command Line Interface called sqop
.
If you use Sequoia, please port your code to the latest version and report any problems you encounter. Thank you.
Notable changes
The big new feature is that Sequoia can now be built to use the Windows Cryptography API: Next Generation (CNG) as cryptographic backend on Windows. This makes it easier to build and distribute Sequoia for Windows, as building Nettle requires a POSIXly environment. Furthermore, using CNG reduces your trusted computing base, and will allow us to use cryptographic key stores like HSMs in the future.
To select the CNG backend, use default-features = false
, and
explicitly include the crypto-cng
feature. Currently, the CNG
backend requires at least Windows 10.
We are in the process of stabilizing the API of the low-level
sequoia-openpgp
crate. To that end, we’re going over our
documentation, writing more documentation and examples, and slightly
amending the API to make it more consistent and easier to use.