GnuPG 2.2.21 および Libgcrypt 1.8.6 がリリースされた

• gpg: Improve symmetric decryption speed by about 25%. See commit 144b95cc9d.
• gpg: Support decryption of AEAD encrypted data packets.
• gpg: Add option --no-include-key-block. [#4856]
• gpg: Allow for extra padding in ECDH. [#4908]
• gpg: Only a single pinentry is shown for symmetric encryption if the pinentry supports this. [#4971]
• gpg: Print a note if no keys are given to --delete-key. [#4959]
• gpg,gpgsm: The ridiculous passphrase quality bar is not anymore shown. [#2103]
• gpgsm: Certificates without a CRL distribution point are now considered valid without looking up a CRL. The new option --enable-issuer-based-crl-check can be used to revert to the former behaviour.
• gpgsm: Support rsaPSS signature verification. [#4538]
• gpgsm: Unless CRL checking is disabled lookup a missing issuer certificate using the certificate’s authorityInfoAccess. [#4898]
• gpgsm: Print the certificate’s serial number also in decimal notation.
• gpgsm: Fix possible NULL-deref in messages of --gen-key. [#4895]
• scd: Support the CardOS 5 based D-Trust Card 3.1.
• dirmngr: Allow http URLs with “LOOKUP --url”.
• wkd: Take name of sendmail from configure. Fixes an OpenBSD specific bug. [#4886]

Release-info: https://dev.gnupg.org/T4897

• Bug fixes:
  • Fix build problems on OpenIndiana et al. [#4818]
  • Fix GCM bug on arm64 which troubles for example OMEMO. [#4986]
  • Fix wrong code execution in Poly1305 ARM/NEON implementation. [#4833]
  • Detect a div-by-zero in a debug helper tool. [#4868]
  • Use a constant time mpi_inv in some cases and change the order mpi_invm is called. [#4869]
  • Fix mpi_copy to correctly handle flags of opaque MPIs.
  • Fix mpi_cmp to consider +0 and -0 the same.
• Other features:
  • Add OIDs from RFC-8410 as aliases for Ed25519 and Curve25519.

Release-info: https://dev.gnupg.org/T4985