KDECompilerSettings now sets -DQT_NO_CAST_FROM_ASCII (and others) also on Windows because we increased the required KF5 version to 5.104.

The data is indeed corrupt. Check with the sender of that key.
IF you look at the data you will soon notice that one line is longer than the others.

Not really, the GnuPG System configuration settings are generated from gpgconf output and there is no tooltip mechanism for that.

Yes I agree, that might be nice to have.

Yes I think that can be safely backported to gpg4win/23.07

Yes I think that can be safely backported to gpg4win/23.07

we could include the "better explanation" part, though. The options in "GnuPG system (technical)" do not have a tooltip, we could add one there, at least.

This won't go into the next release it is too invasive and needs to be very thought through and announced to users. This also needs to be deployed in a Gpg4win first to get user feedback. GpgOL is pretty much done for the summer release of GnuPG VS-Desktop.

I caught gpg-agent.exe hanging again and managed to attach WinDbg for live kernel debugging. Alas, the result is underwhelming, but I can now confirm with certainty, that the WOW64 loader lock and the fast PEB lock are not being held:

Please ask on the gnupg mailing list for support. In case that turns out to be a real bug, please re-open this bug.

Here is an example from my QES cert:

That does not mean that this is a good idea. And well, I heard that Poppler does not have a stable API.

Thank you. that worked. A pitty gpgv can't read from fd using process substitution

7b7e16ae923d:/data/loglib# gpgv --keyring <(gpg -o - --dearmor ../ecs.keys) jul-ecs-formatter-1.5.0.jar.as
c jul-ecs-formatter-1.5.0.jar
gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'
gpgv: Signature made Sun Aug 21 07:52:24 2022 UTC
gpgv:                using RSA key 46095ACC8548582C1A2699A9D27D666CD88E42B4
gpgv: Can't check signature: No public key

But I had two steps even before, so this could work.

7b7e16ae923d:/data/loglib# gpgv --keyring ../ecs.keys.gpg jul-ecs-formatter-1.5.0.jar.asc jul-ecs-formatte
r-1.5.0.jar
gpgv: Signature made Sun Aug 21 07:52:24 2022 UTC
gpgv:                using RSA key 46095ACC8548582C1A2699A9D27D666CD88E42B4
gpgv: Good signature from "Elasticsearch (Elasticsearch Signing Key) <dev_ops@elasticsearch.org>"

gpgv might not support ASCII armored key files. Try with a binary key file.

The poppler api exposes it. Has done it since more or less the incarnation of pdf signing in poppler I think.

Don't do that. The key usage extensions rarely useful. This is the usual X.509 DbC (design by commitee) mess. See for example https://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt . Let's not try to follow this path.

Hi, thanks for prompt response. I have just bunch of public keys I want to verify against. They have form of
-----BEGIN PGP PUBLIC KEY BLOCK-----. If I try using the key file as a keyring I get error.

I think you should simply use gpgv for verifying signatures. gpgv exists for exactly this use case. You don't even have to import anything because you can directly pass a keyring to gpgv.

Sorry, I haven't been able to get any more information so far. I'll try to read up on the code a bit during my upcoming vacation, perhaps I can identify something. While I couldn't confirm that it's about the loader lock, but also couldn't rule it out.

I have the website repo now filtered and ready to be pushed but the write access to repos only hosted on phabricator does not work. We probably need repos on playfair.gnupg.org and only then mirror them here. Since werner is currently busy and I need him for that I will do that tomorrow or wednesday. As tomorrow I am on the road.

I have created the repo now. https://dev.gnupg.org/source/gpg4win-compendium/

That was not me. I would much prefer to have the website in its own repo with its own contributors and so on. Maybe we could also do this then.

I am not sure what autoconf -o does though?

Ok cool, I think then you can mostly use git-filter-repo to filter out the history of the manual subfolder into a new git empty repo. Just give the word and I can create one here on dev.gnupg.org where you can then push to.
I am not sure what autoconf -o does though? How are the replacements handled which were defined in confiugure.ac etc?

What I tried so far (after checking out de40f2fe3336c63e5f73cce93402a73029779fd3, the commit before you removed the compendium):

I am reopening this at least for testing as we have reports that another client is facing the issue with recent versions and also with verified mails .

I spent my afternoon with git-filter-repo and while that worked nicely I failed to come up with a new build system for the compendium that worked, I tried to do the full autotools shebang but in the evening I realized that a simple static Makefile would probably be better like with the website branch. But I leave that to someone else. I will now tag gpg4win-4.2.0 as "the-last-compendium" and include the pdfs from that version from now on and just remove the compendium from master.

@aheinecke Backport to gpg4win/23.07?

@aheinecke Backport to gpg4win/23.07?

Works for me.

The poppler API exposes key usage extensions, and I'm trying to reconstruct them from the canX flags, which of course is highly inaccurate.