Change Details

(prev: T5386)

Noteworthy changes in version 2.3.2 (2021-08-24) * gpg: Allow fingerprint based lookup with --locate-external-key. [rGec36eca08c] * gpg: Allow decryption w/o public key but with correct card inserted. [rG50293ec2eb] * gpg: Auto import keys specified with --trusted-keys. [rG100037ac0f] * gpg: Do not use import-clean for LDAP keyserver imports. [T5387] * gpg: Fix mailbox based search via AKL keyserver method. [rG4fcfac6feb] * gpg: Fix memory corruption with --clearsign introduced with 2.3.1. [T5430] * gpg: Use a more descriptive prompt for symmetric decryption. [rG6dfae2f402] * gpg: Improve speed of secret key listing. [rG40da61b89b] * gpg: Support keygrip search with traditional keyring. [T5469] * gpg: Let --fetch-key return an exit code on failure. [T5376] * gpg: Emit the NO_SECKEY status again for decryption. [T5562] * gpgsm: Support decryption of password based encryption (pwri). [rGeeb65d3bbd] * gpgsm: Support AES-GCM decryption. [rG4980fb3c6d] * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint. [rG52bbdc731f] * gpgsm: Fix finding of issuer in use-keyboxd mode. [rG6b76693ff5] * gpgsm: New option --ldapserver as an alias for --keyserver. [rG89df86157e] * agent: Use SHA-256 for SSH fingerprint by default. [T5434] * agent: Fix calling handle_pincache_put. [T5436] * agent: Fix importing protected secret key. [T5122] * agent: Fix a regression in agent_get_shadow_info_type. [T5393] * agent: Add translatable text for Caps Lock hint. [T4950] * agent: New option --pinentry-formatted-passphrase. [T5517] * agent: Add checkpin inquiry for pinentry. [T5517,#5532] * agent: New option --check-sym-passphrase-pattern. [T5517] * agent: Use the sysconfdir for a pattern file. * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. [rG1305baf099] * dirmngr: LDAP search by a mailbox now ignores revoked keys. [rG1406f551f1] * dirmngr: For KS_SEARCH return the fingerprint also with LDAP. [T5441] * dirmngr: Allow for non-URL specified ldap keyservers. [T5405,#5452] * dirmngr: New option --ldapserver. [rG52cf32ce2f] * dirmngr: Fix regression in KS_GET for mail address pattern. [T5497] * card: New option --shadow for the list command. [rG2fce99d73a] * tests: Make sure the built keyboxd is used. [T5406] * scd: Fix computing shared secrets for 512 bit curves. [rG9e24f2a45c] * scd: Fix unblock PIN by a Reset Code with KDF. [T5413] * scd: Fix PC/SC removed card problem. [rG8d81fd7c01] * scd: Recover the partial match for PORTSTR for PC/SC. [rG53bdc6288f] * scd: Make sure to release the PC/SC context. [T5416] * scd: Fix zero-byte handling in ECC. [T5163] * scd: Fix serial number detection for Yubikey 5. [T5442] * scd: Add basic support for AET JCOP cards. [rG544ec7872a] * scd: Detect external interference when --pcsc-shared is in use. [T5484] * scd: Fix access to the list of cards. [T5524] * gpgconf: Do not list a disabled tpm2d. [T5408] * gpgconf: Make runtime changes with different homedir work. [rG31c0aa2ff3] * keyboxd: Fix searching for exact mail adddress. [rGf79e9540ca] * keyboxd: Fix searching with multiple patterns. [rG101ba4f18a] * gpgtar: Fix file size computation under Windows. [rG14e36bdbe1] * tools: Extend gpg-check-pattern. [rG73c03e0232] * wkd: Fix client issue with leading or trailing spaces in user-ids. [rGb4345f7521] * Under Windows add a fallback in case the console can't cope with Unicode. [T5491] * Under Windows use LOCAL_APPDATA for the socket directory. [T5537] * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. [T3659] * Change the default keyserver to keyserver.ubuntu.com. This is a temporary change due to the shutdown of the SKS keyserver pools. [rG55b5928099] (prev: T5386 next: T5565)

Noteworthy changes in version 2.3.2 (2021-08-24) * gpg: Allow fingerprint based lookup with --locate-external-key. (prev: T5386 [rGec36eca08c] * gpg: Allow decryption w/o public key but with correct card inserted. [rG50293ec2eb] * gpg: Auto import keys specified with --trusted-keys. [rG100037ac0f] * gpg: Do not use import-clean for LDAP keyserver imports. [T5387] * gpg: Fix mailbox based search via AKL keyserver method. [rG4fcfac6feb] * gpg: Fix memory corruption with --clearsign introduced with 2.3.1. [T5430] * gpg: Use a more descriptive prompt for symmetric decryption. [rG6dfae2f402] * gpg: Improve speed of secret key listing. [rG40da61b89b] * gpg: Support keygrip search with traditional keyring. [T5469] * gpg: Let --fetch-key return an exit code on failure. [T5376] * gpg: Emit the NO_SECKEY status again for decryption. [T5562] * gpgsm: Support decryption of password based encryption (pwri). [rGeeb65d3bbd] * gpgsm: Support AES-GCM decryption. [rG4980fb3c6d] * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint. [rG52bbdc731f] * gpgsm: Fix finding of issuer in use-keyboxd mode. [rG6b76693ff5] * gpgsm: New option --ldapserver as an alias for --keyserver. [rG89df86157e] * agent: Use SHA-256 for SSH fingerprint by default. [T5434] * agent: Fix calling handle_pincache_put. [T5436] * agent: Fix importing protected secret key. [T5122] * agent: Fix a regression in agent_get_shadow_info_type. [T5393] * agent: Add translatable text for Caps Lock hint. [T4950] * agent: New option --pinentry-formatted-passphrase. [T5517] * agent: Add checkpin inquiry for pinentry. [T5517,#5532] * agent: New option --check-sym-passphrase-pattern. [T5517] * agent: Use the sysconfdir for a pattern file. * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. [rG1305baf099] * dirmngr: LDAP search by a mailbox now ignores revoked keys. [rG1406f551f1] * dirmngr: For KS_SEARCH return the fingerprint also with LDAP. [T5441] * dirmngr: Allow for non-URL specified ldap keyservers. [T5405,#5452] * dirmngr: New option --ldapserver. [rG52cf32ce2f] * dirmngr: Fix regression in KS_GET for mail address pattern. [T5497] * card: New option --shadow for the list command. [rG2fce99d73a] * tests: Make sure the built keyboxd is used. [T5406] * scd: Fix computing shared secrets for 512 bit curves. [rG9e24f2a45c] * scd: Fix unblock PIN by a Reset Code with KDF. [T5413] * scd: Fix PC/SC removed card problem. [rG8d81fd7c01] * scd: Recover the partial match for PORTSTR for PC/SC. [rG53bdc6288f] * scd: Make sure to release the PC/SC context. [T5416] * scd: Fix zero-byte handling in ECC. [T5163] * scd: Fix serial number detection for Yubikey 5. [T5442] * scd: Add basic support for AET JCOP cards. [rG544ec7872a] * scd: Detect external interference when --pcsc-shared is in use. [T5484] * scd: Fix access to the list of cards. [T5524] * gpgconf: Do not list a disabled tpm2d. [T5408] * gpgconf: Make runtime changes with different homedir work. [rG31c0aa2ff3] * keyboxd: Fix searching for exact mail adddress. [rGf79e9540ca] * keyboxd: Fix searching with multiple patterns. [rG101ba4f18a] * gpgtar: Fix file size computation under Windows. [rG14e36bdbe1] * tools: Extend gpg-check-pattern. [rG73c03e0232] * wkd: Fix client issue with leading or trailing spaces in user-ids. [rGb4345f7521] * Under Windows add a fallback in case the console can't cope with Unicode. [T5491] * Under Windows use LOCAL_APPDATA for the socket directory. [T5537] * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. [T3659] * Change the default keyserver to keyserver.ubuntu.com. This is a temporary change due to the shutdown of the SKS keyserver pools. [rG55b5928099] (prev: T5386 next: T5565)