Issue GNUPG 2.4.0

After the five years of development presented The release of tools gnupg 2.4.0 (gnu Privacy Guard), compatible with the standards of Openpgp ( RFC-4880 ) both S/MIME, and providing utilities for encrypting data, working with electronic signatures, key management and access to public storage facilities.

gnupg 2.4.0 is positioned as the first release of a new stable branch, which incorporated the changes accumulated in the preparation of issues of 2.3.X. The branch 2.2 is transferred to the category of an old stable branch, which will be maintained until the end of 2024. The GNUPG 1.4 branch continues to be accompanied by a classic series that consumes minimal resources suitable for built -in systems and compatible with obsolete encryption algorithms.

Key changes in GNUPG 2.4 compared to the last stable branch 2.2:

  • A background process has been added with the implementation of the keys database using the SQLite DBMS and demonstrating a significantly faster keys. To include a new storage, it is necessary to activate the Use-KeyBoxd option in Common.conf.
  • Added a background process tpm2d , which allows the use of tpm 2.0 chips to protect closed keys and performing encryption or creating digital signatures on the side of the TPM module.
  • A new GPG-Card utility has been added, which can be used as a flexible interface for all supported types of Smartkart.
  • Added a new GPG-round utility for authentication.
  • Added a new general configuration file Common.conf, which is involved in the background process of KeyBoxd without separate adding settings in gpg.conf and gpgsm.conf.
  • Support for the fifth version of the keys and digital signatures, which uses the Sha256 algorithm instead of Sha1.
  • As the default algorithms for open keys are involved ED25519 and CV25519.
  • Added support for the AEAD mode of the OCB and Eax block encryption.
  • Added support for elliptical curves x448 (Ed448, CV448).
  • allowed the use of groups in the lists of keys.
  • in GPG, GPGSM, GPGCONF, GPG-Card and GPG-Connect-Agent added the “-Chuid” option “to change the user identifier.
  • Windows platform implemented full support for Unicode on the command line.
  • Added assembly option “–with-TSS” to select TSS TSS TSS.
  • The basic support of ECC and the possibility of creating EDDSA certificates have been added to the GPGSM. Added support for decoding data encrypted using a password. Added support for decryption AES-GCM. Added new options “—ldapserver” and “–show-crts”.
/Media reports cited above.