golang: bump github.com/ProtonMail/gopenpgp/v2 from 2.5.2 to 2.7.5

[dependabot[bot]]

Bumps github.com/ProtonMail/gopenpgp/v2 from 2.5.2 to 2.7.5.

Release notes

Sourced from github.com/ProtonMail/gopenpgp/v2's releases.

Release v2.7.5

Added

• API to get signature key IDs for mobile:

  func (msg *PGPMessage) GetHexSignatureKeyIDsJson() []byte
  

• API to get encryption key IDs for mobile:

  func (msg *PGPMessage) GetHexEncryptionKeyIDsJson() []byte
  

• API to get the number of key packets in a PGP message:

  func (msg *PGPSplitMessage) GetNumberOfKeyPackets() (int, error)
  

• API in package helper to encrypt a PGP message to an additional key:

  func EncryptPGPMessageToAdditionalKey(messageToModify *crypto.PGPSplitMessage, keyRing *crypto.KeyRing, additionalKey *crypto.KeyRing) error
  

Release v2.7.5-proton

This release is 2.7.5 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.

Release v2.7.4

Fixed

• Ensure that (SessionKey).Decrypt functions return an error if no integrity protection is present in the encrypted input. To protect SEIPDv1 encrypted messages, SED packets must not be allowed in decryption.

Release 2.7.4-proton

This release is 2.7.4 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.

Release v2.7.3

Added

• Add helper.QuickCheckDecrypt function to the helper package. The function allows to check with high probability if a session key can decrypt a SEIPDv1 data packet given its 24-byte prefix.

Release 2.7.3-proton

This release is 2.7.3 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.

Release v2.7.2

Update the underlying crypto library

Release 2.7.2-proton

This release is 2.7.2 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.

Release v2.7.1

Added

• Add mobile helpers for signature verification with contexts.

Release v2.7.1-proton

... (truncated)

Changelog

Sourced from github.com/ProtonMail/gopenpgp/v2's changelog.

[2.7.5] 2023-31-01

Added

• API to get signature key IDs for mobile:

  func (msg *PGPMessage) GetHexSignatureKeyIDsJson() []byte
  

• API to get encryption key IDs for mobile:

  func (msg *PGPMessage) GetHexEncryptionKeyIDsJson() []byte
  

• API to get the number of key packets in a PGP message:

  func (msg *PGPSplitMessage) GetNumberOfKeyPackets() (int, error)
  

• API in package helper to encrypt a PGP message to an additional key:

  func EncryptPGPMessageToAdditionalKey(messageToModify *crypto.PGPSplitMessage, keyRing *crypto.KeyRing, additionalKey *crypto.KeyRing) error
  

[2.7.4] 2023-10-27

Fixed

• Ensure that (SessionKey).Decrypt functions return an error if no integrity protection is present in the encrypted input. To protect SEIPDv1 encrypted messages, SED packets must not be allowed in decryption.

[2.7.3] 2023-08-28

Added

• Add helper.QuickCheckDecrypt function to the helper package. The function allows to check with high probability if a session key can decrypt a SEIPDv1 data packet given its 24-byte prefix.

[2.7.2] 2023-07-17

Changed

• Updated underlying crypto library

Fixed

• Ensure DecryptSessionKey returns an error for a missing key packet

[2.7.1] 2023-04-21

Added

• Add mobile helpers for signature verification with contexts.

[2.7.0] 2023-04-14

Changed

• The SignatureVerificationError struct now has a Cause error field, which is returned by the the Unwrap function. The cause is also included in the error message. NB: If the caller was relying on the exact message of the error, it might break the flow.
• When a signature fails verification because of the signature context, it returns a SignatureVerificationError with status constants.SIGNATURE_BAD_CONTEXT instead of constants.SIGNATURE_FAILED.

Added

• Add api for signature context on streams SignDetachedStreamWithContext.
• Add API for signature context on embedded signatures.

... (truncated)

Commits

• c6a3058 Prepare release 2.7.5 with packet API (#269)
• 02a4599 Prepare release 2.7.4 (#256)
• da4cecf Update session key decryption to not allow SED packets (#255)
• 0eace54 Release version 2.7.3 (#252)
• 987923f Add quick check for session key decryption (#249)
• b97d994 Release version 2.7.2 (#247)
• ca02a21 Ensure DecryptSessionKey returns an error for a missing key packet (#245)
• cf8b8d4 Update go-crypto
• d37f4eb Merge pull request #237 from ProtonMail/feat/signature-context-mobile-helpers
• 2cf7a8c Add mobile helpers to verify signature contexts.
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.