So, regarding the minor version change: the change of order seems not critical (as there was no settings file before), but the introduction of the settings file might be.

I verified, that both in vsd 3.3.2 and vsd 3.3.3 beta90.29 the current implementation is

And we shouldn't change the precedence in a minor release, I believe.

The configuration readout order still needs to be specified/fixed.

Looks good to me on vsd-3.3.3-beta90.29 @ win11

So we need to find out what gpg-card url --clear does to avoid the card error for the ZeitControl cards.

An new suggestion for the wording without prior reading of the above texts to get a fresh view.
But in German ...

In gpg4win-4.4.1 it works too.

Note: In the current vsd beta (29) it works (pinentry for the next key is opened):

@werner Proposed patch for gpg:

diff --git a/g10/export.c b/g10/export.c
index 5dcb9c665..908a6b6a0 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -1961,7 +1961,9 @@ do_export_one_keyblock (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
           if (strchr (hexgrip, ','))
             {
               log_error ("exporting a secret dual key is not yet supported\n");
-              return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+              err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+              write_status_error ("export_keys.secret", err);
+              return err;
             }

Note: It works with gpg-card url --clear.

Move Notepad and Smartcards from View to Tools (entries are additionally still in view)

I could reproduce this with a ZeitControl OpenPGP v3.4 card, but (as Tobias) not with an (old) Yubikey. Looks like a bug in the card firmware.

Backported for VSD 3.4 and VSD 3.3.

Thanks for the quick response. I can confirm the patch works in my setup.

Thank you for your report.

Note that:
If we consider backporting this to 1.10/1.11 branch, we also need to apply: rCdef1d4ea8f66: random:jent: Fix build with address sanitizer.

@jukivili
Thanks for your feedback.

There's GCRYPT_IN_ASAN_TEST environment variable check in tests/t-secmen.c and tests/t-sexp.c. Are those check needed after this change? Could they be removed?

I couldn't reproduce the problem because I had apparently told Kleopatra in the past "Do not ask again". :/

I think this problem just occurs because the secret key of the ADSK is available. Otherwise, Kleopatra wouldn't know whether the ADSK is stored on a smart card and therefore wouldn't erroneously take a non-card key for a card key.

Well, in the audit log the output of gpg is shown, nothing Kleo can do there, I believe.
But we need to talk about what still needs to be( can be implemented on the Kleo side.

The API documentation of gpgme has been improved. And Kleopatra no longer tries to read the private key files of subkeys using combined algorithms (like Kyber+some curve) because (as of now) such keys are not stored on any smart cards (that are supported by GnuPG).

New ticket for the remaining issue.

gpgme log for key creation and export with warning for VSD-Beta29

This is also the case in the latest VSD-Beta29

I could reproduce it with the same version (on WIN10).

Right, gpg CLI output depends on it, too.

Does that mean that it is not possible to close the message automatically if changes are made in a) the text field or b) the encryption settings in the right pane?

Please attach the output of gpg -K --with-colons

For the open issue I have created T7890: Kleopatra: Icon sidebar in configuration dialog is missing an accessible name because it needs to be fixed upstream (in KDE Frameworks).

Correct, the fix is not included in beta395.

For the initial attempt, I push: rCfe06287003a1: secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN.
This is better than nothing.

Notes to self:

• On Windows, libgpg-error's gettext replacement uses the value of LC_ALL, LC_MESSAGE, or LANG (in this order) if set. Otherwise, it uses Windows's GetThreadLocale. (gnupg should probably use the MUI API instead.)
• We should probably force Qt's/KDE's language on gnupg by setting LANG.