Sounds like the animation causes/relies on a deferred destruction. Do we/KF6 delete the popup manually?

Version 4.0.0.250370 (Gpg4win-5.0.0-beta125):

Works as described with Version 4.0.0.250370 (Gpg4win-5.0.0-beta125):

Making some progress on understanding this:

rG25d48663f9 seems to fix this for me. However in my test cases I got a hang in dirmngr simply by running several gpgsm instances to get the details of an X.509 key. I had different logging options enabled, though.

Please use "unbreak now" only for *released* software with a criticial bug.

I had this again yesterday. I don't think that scdaemon is involved. gpg-agent.log has this

2025-03-05 15:54:29 gpg-agent[1248] socket file removed - retrying binding
2025-03-05 15:54:29 gpg-agent[1248] Der Socket kann nicht an `C:\\Users\\g10code\\AppData\\Local\\gnupg\\S.gpg-agent' gebunden werden: Unknown error
2025-03-05 15:54:29 gpg-agent[1248] system error code: 0 (0x0)
2025-03-05 15:54:29 gpg-agent[1248] secmem usage: 0/32768 bytes in 0 blocks
2025-03-05 15:55:17 gpg-agent[2088] socket file removed - retrying binding
2025-03-05 15:55:17 gpg-agent[2088] Es wird auf Socket `C:\\Users\\g10code\\AppData\\Local\\gnupg\\S.gpg-agent' gehört
2025-03-05 15:55:17 gpg-agent[2088] socket file removed - retrying binding
2025-03-05 15:55:17 gpg-agent[2088] Es wird auf Socket `C:\\Users\\g10code\\AppData\\Local\\gnupg\\S.gpg-agent.extra' gehört
2025-03-05 15:55:17 gpg-agent[2088] socket file removed - retrying binding
2025-03-05 15:55:17 gpg-agent[2088] Es wird auf Socket `C:\\Users\\g10code\\AppData\\Local\\gnupg\\S.gpg-agent.browser' gehört
2025-03-05 15:55:17 gpg-agent[2088] socket file removed - retrying binding
2025-03-05 15:55:17 gpg-agent[2088] Es wird auf Socket `C:\\Users\\g10code\\AppData\\Local\\gnupg\\S.gpg-agent.ssh' gehört
2025-03-05 15:55:17 gpg-agent[2088] gpg-agent (GnuPG) 2.5.5-beta11 started

and scdaemon logged

2025-03-05 15:55:19 scdaemon[4100] Es wird auf Socket `C:\\Users\\g10code\\AppData\\Local\\gnupg\\S.scdaemon' gehört
2025-03-05 15:55:19 scdaemon[4100] Handhabungsroutine für fd -1 gestartet
2025-03-05 15:55:19 scdaemon[4100] DBG: chan_0x00000000000002d0 -> OK GNU Privacy Guard's Smartcard server ready, process 4100

i.e. there wasn't any scdaemon running before the second gpg-agent started successfully.

Thanks for the report! That's indeed a regression introduced by the changes for T7527: Keyring/keybox denial of service. Commenting/Removing line https://dev.gnupg.org/source/gnupg/browse/master/g10/getkey.c$343 seems to fix the regression, but (very likely) this would reintroduce the issues reported in T7527: Keyring/keybox denial of service.

We should only enable least leak implementation for 64-bit, as it's not as fast on 32-bit architecture.

We should only enable least leak implementation for 64-bit, as it's not as fast on 32-bit architecture.

When opening the notepad in Kleopatra, open it in a new (non modal) window.
This has the advantage that you can to open several notepads.
Kleopatra has currently only two views for the main window: "Certificates" and "Notepad". Using a separate window for the notepad removes necessity for the the "Certificate" button in the icon bar, as well as the corresponding entry in the "View" menu.
That would also make Kleopatra more homogeneous and cleaner.

whether you use --pinentry-mode=loopback or --pinentry-mode=cancel or --pinentry-mode=error, if gpg-agent has cached the password already, the decryption will work; otherwise, it will fail with an error like that describe above.

here's an example of no prompting at all using --pinentry-mode=loopback:

Point 1 from the list in the descryption seems to be covered.
Regarding point 2: Is there some visual feedback possible like in web forms when you type a not valid value?
And point 3 from the list: Ingo suggested to do the same as we do for the mail field when adding a UID or creating a key.

It is KF6.9.0 in Gpg4win-5.0.0-beta125

The formatted display of the symmetric passphrase is configurable: gpg-agent.conf option pinentry-formatted-passphrase

Ok, the behavior is different depending on if

Oh, then I mistakenly assumed that this behavior is the same in Gpg4win and GnuPG-VSD…
Then this seems to be by design although it does not make sense IMHO to handle this aspect differently between 4win und VSD.

I can find no difference between e.g. gpg4win-4.3.0 and 5.0-beta here:

• The window gets smaller when entering a password in both versions
• there is no whitespace between characters in the old version either

master is development and you can't expect that it always build on all platforms.

Here is a patch against master which normalizes line-endings when verifying text signatures over binary literal data packets

Not reproducible on Linux (with KF 6.11): When clicking the drop down triangle the popup briefly flashes (opens and immediately closes) before the error window is shown. Maybe the bug was fixed in the meantime. Needs to be checked.

In the spirit of making the UI less cluttered, I'd be in favor of removing this line entirely.

a) and b) are both entirely gpg's responsibility. I'm using --status-fd 2 --command-fd 2 to see which messages would be passed to/parsed by gpgme.

$ gpg --version
gpg (GnuPG) 2.4.8-beta10

Tobias: Maybe add the patch versioned for kwidgetsaddons-6.9.0 for now so that it can be evaluated early.

As of KF6.112, the datepicker will indicate invalid dates and not allow selecting them. We should update to that version, once it's out, or patch in c3f643639164914238dd8f19f03ea49298408293 of kwidgetsaddons

The point here is that I tried to reset with the resetting code, not with the Admin PIN.
As you said we do have an error code for the wrong reset code. Which does not come up.

We do not have an error code for Admin PINs. The Admin PIN is also an OpenPGP card specific termm and other cards use different terms. For example a NKS has no Admin PIN at all but an alternative PIN.

Ok, with VSD 3.3.0 and 4win 4.4.0 both I see

--import-options only-pubkeys

in a gpgme log when importing a key from WKD.