One of the worst UI ever

The problem that leads many cryptography libraries to use C, even in modern times, is that C gives you tooling to write constant-time code -- no runtime, obscene pointer semantics that make it possible to prevent compiler assumptions about pointer access ordering or aliasing (and extensions for explicit fences and the like); the ability to write zero-heap-allocation code; low-level debuggers and dissemblers; and of course, inline assembler.

C is arguably awful at each individual thing I listed, but it has them all, and to the extent that some of them are a black art, there exist people with decades of experience working with popular compilers to achieve them.

Now, maybe gnupg could've written its core secret-data-handling crypto algorithms in C (or assembler) and used FFI bindings to use a nicer language for everything else. But then you'd need a language and toolchain that can mix well with C.