Page MenuHome GnuPG
Feed Advanced Search

Apr 12 2023

werner added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Actually Linux already returns ENOSYS on older kernels where there is no getrandom libc call. Thus returning ENOSYS if we don't have the libc version of that syscall (i.e. getrandom) in FIPS mode seems to be the Right Thing to do. My whole comment was about fips mode - it does not make much sense to enable FIPS mode if the system is not appropriate for it.

Apr 12 2023, 8:58 AM · MacOS, libgcrypt, Bug Report
werner triaged T6447: Kleopatra: "imported certificates" tab inconsistencies as Normal priority.
Apr 12 2023, 8:44 AM · vsd33 (vsd-3.3.0), Restricted Project, Bug Report, kleopatra
debohman added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

I see, your issue is with the use of getrandom for FIPS. I understand now.

Apr 12 2023, 3:32 AM · MacOS, libgcrypt, Bug Report
gniibe added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

ENOSYS is POSIX. My point is that: getrandom was introduced in Linux kernel with flags for particular purpose (differentiate use of /dev/random and /dev/urandom), but that feature has gone.
But, for FIPS behavior, RHEL and related OS use (possibly, some would say misuse) getrandom with GRND_RANDOM. This use is RHEL specific (not for other GNU/Linux). Use of getrandom is non-POSIX.

Apr 12 2023, 3:22 AM · MacOS, libgcrypt, Bug Report
debohman added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Returning ENOSYS is too strict, in my opinion; It doesn't work for machines other than CentOS/Fedora/RHEL.

Apr 12 2023, 2:41 AM · MacOS, libgcrypt, Bug Report
gniibe added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Returning ENOSYS is too strict, in my opinion; Because the code in question doesn't work for machines other than CentOS/Fedora/RHEL. For other machines, it would be natural to just rely on getentropy (rather standard call).

Apr 12 2023, 2:27 AM · MacOS, libgcrypt, Bug Report

Apr 11 2023

ikloecker added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

What Werner wrote was also my thought. If getrandom is mandatory for FIPS, then it must not be possible to disable it silently.

Apr 11 2023, 9:16 AM · MacOS, libgcrypt, Bug Report
werner added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

What about

Apr 11 2023, 8:19 AM · MacOS, libgcrypt, Bug Report

Apr 10 2023

gniibe closed T6315: libgpg-error: argparse: empty header doesn't work well as Resolved.

Fixed in 1.47.

Apr 10 2023, 7:21 AM · Bug Report, gpgrt
gniibe changed the status of T6442: libgcrypt-1.10.2: getrandom() is not available everywhere from Open to Testing.
Apr 10 2023, 7:19 AM · MacOS, libgcrypt, Bug Report
gniibe claimed T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.
Apr 10 2023, 7:18 AM · MacOS, libgcrypt, Bug Report
gniibe closed T6288: Document gpgrt-config in detail or improve it to support simple invocation as Resolved.

Fixed in libgpg-error 1.47.

Apr 10 2023, 6:41 AM · gpgrt, Bug Report
debohman added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Tested. I applied the above diff to libgcrypt-1.10.2, and it builds and runs.

Apr 10 2023, 5:05 AM · MacOS, libgcrypt, Bug Report
gniibe added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Thank you for the report.

Apr 10 2023, 4:54 AM · MacOS, libgcrypt, Bug Report
debohman added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

Here is the git diff that I used:

Apr 10 2023, 4:41 AM · MacOS, libgcrypt, Bug Report

Apr 8 2023

debohman added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

I just ran into this, too, on macOS.

Apr 8 2023, 6:45 PM · MacOS, libgcrypt, Bug Report

Apr 7 2023

werner triaged T6442: libgcrypt-1.10.2: getrandom() is not available everywhere as High priority.
Apr 7 2023, 10:02 PM · MacOS, libgcrypt, Bug Report
Marius_Schamschula added a comment to T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.

I just ran into this issue while attempting to update the MacPorts Portfile to version 1.10.2.

Apr 7 2023, 12:44 PM · MacOS, libgcrypt, Bug Report
moubctez created T6442: libgcrypt-1.10.2: getrandom() is not available everywhere.
Apr 7 2023, 11:12 AM · MacOS, libgcrypt, Bug Report
gniibe closed T6388: libgcrypt: gpgrt-config not found in $PREFIX if there are no less-preferred options found via $CC as Resolved.

Fixed in 1.10.2.

Apr 7 2023, 2:16 AM · gpgrt, patch, libgcrypt, Bug Report

Apr 6 2023

acollier added a comment to T6388: libgcrypt: gpgrt-config not found in $PREFIX if there are no less-preferred options found via $CC .

Thank you for the bug report.

I see your problem. We need to improve the patch, as we cannot use Bash-only feature in configure.
[...]
That is, prefer possible_libdir1 when not used. Please test this.

Apr 6 2023, 5:45 PM · gpgrt, patch, libgcrypt, Bug Report
Saturneric created T6440: GpgME also need to find gpgconf under "/opt/homebrew/bin" by default.
Apr 6 2023, 5:51 AM · MacOS, Feature Request, gpgme
gniibe changed the status of T6322: The warning "lower 3 bits of the secret key are not cleared" keeps showing even cv25519 key was generated by GnuPG from Open to Testing.
Apr 6 2023, 4:35 AM · gnupg24, Bug Report
gniibe claimed T6322: The warning "lower 3 bits of the secret key are not cleared" keeps showing even cv25519 key was generated by GnuPG.

Sorry, it took time (for me) to understand the issue, as this is not 100%-reproducible bug. And it was not clear (for me) that how passphrase were offered in the interaction, so, I was not possible to see if it's encrypted or not.

Apr 6 2023, 4:32 AM · gnupg24, Bug Report

Apr 5 2023

ebo moved T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 3:13 PM · backport, gnupg (gpg22), Bug Report, Restricted Project
ebo moved T5745: Kleopatra: Card holder name is not correctly decoded from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 2:58 PM · Restricted Project, kleopatra, Bug Report
ebo moved T5850: Kleopatra: "Show not certified certificates" button shows any not fully valid certificates from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 2:55 PM · Restricted Project, kleopatra, Bug Report
ebo moved T6086: Kleopatra: Filtering keys doesn't work anymore from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 1:52 PM · Restricted Project, kleopatra, Bug Report
ebo moved T6308: Kleopatra: UiServer Connectivity self-test fails on Windows from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 5 2023, 12:50 PM · gpg4win, libassuan, Restricted Project, kleopatra, Bug Report
ikloecker added a comment to T6439: Kleopatra: Decrypting an encrypted archive fails on Windows.

Problem 2 comes from the fact, that gpg4win packages gpg 2.4.0, but the new archive code needs gpg 2.4.1.

Apr 5 2023, 12:08 PM · gnupg24 (gnupg-2.4.1), Restricted Project, Windows, gpg4win, kleopatra, Bug Report
ikloecker created T6439: Kleopatra: Decrypting an encrypted archive fails on Windows.
Apr 5 2023, 11:20 AM · gnupg24 (gnupg-2.4.1), Restricted Project, Windows, gpg4win, kleopatra, Bug Report

Apr 4 2023

ikloecker added a comment to T6438: Manual of gpgrt is missing on gnupg.org.

The reason may be the following text/comment I found in gpgrt.texi:

This manual documents the Libgpg-error library application programming
interface (API). The goal is to that all functions and data types
provided by the library are explained. However, for now this is only
a stub and not very useful.

Apr 4 2023, 11:25 AM · Documentation, Feature Request, gpgrt
ikloecker created T6438: Manual of gpgrt is missing on gnupg.org.
Apr 4 2023, 11:22 AM · Documentation, Feature Request, gpgrt
werner moved T6378: keytocard: invalid value from QA to gnupg-2.2.42 on the gnupg22 board.
Apr 4 2023, 10:18 AM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
ikloecker closed T6434: Kleopatra - A translation error in Chinese language as Invalid.

Please contact the translation team for the Chinese language. They are responsible for the translation of Kleopatra. See https://community.kde.org/KDE_Localization/zh-cn

Apr 4 2023, 10:16 AM · kleopatra, Bug Report
gniibe changed the status of T6384: libgcrypt link error if cipher chacha20 is not included from Open to Testing.

Fixed in master and 1.10 branch.

Apr 4 2023, 9:08 AM · patch, libgcrypt, Bug Report
werner triaged T6433: SHA-1 digest is not considered weak as Low priority.

No, it would break the verification of too many signatures.

Apr 4 2023, 8:53 AM · Bug Report
gniibe triaged T6434: Kleopatra - A translation error in Chinese language as Normal priority.

Probably, this change should work:

diff --git a/po/zh_CN/kleopatra.po b/po/zh_CN/kleopatra.po
index 56b06e04..f34112a9 100644
--- a/po/zh_CN/kleopatra.po
+++ b/po/zh_CN/kleopatra.po
@@ -4680,7 +4680,7 @@ msgstr "发件人"
 #: src/crypto/gui/resultitemwidget.cpp:132
 #, kde-format
 msgid "Force decryption"
-msgstr "强制加密"
+msgstr "强制解密"
Apr 4 2023, 8:23 AM · kleopatra, Bug Report
gniibe changed the status of T6432: libgcrypt - flag munging does not account for -Oz from Open to Testing.

After testing the builds of master for several distributions/gcc/clang, applied to 1.10 branch too.

Apr 4 2023, 6:29 AM · Bug Report

Apr 3 2023

ebo closed T2069: Passphrase prompts for each subkey, but not clear which dialog belongs to which subkey as Resolved.

closed, as the remaining subtask is found at T6436

Apr 3 2023, 3:20 PM · gnupg24, Bug Report
ebo edited projects for T2069: Passphrase prompts for each subkey, but not clear which dialog belongs to which subkey, added: gnupg24; removed gnupg.
Apr 3 2023, 2:53 PM · gnupg24, Bug Report
ebo added a comment to T2069: Passphrase prompts for each subkey, but not clear which dialog belongs to which subkey.

On gpg4win 4.1.0 (and GnuPG VSD 3.1.26) there are no longer password prompts for the subkeys when exporting (or making a backup from) secret keys.

Apr 3 2023, 2:52 PM · gnupg24, Bug Report
ebo moved T6338: kleo: Japanese Translation from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 3 2023, 2:01 PM · Restricted Project, kleopatra, Bug Report
werner lowered the priority of T5555: Cannot add existing ECDSA key as a signing subkey from High to Normal.
Apr 3 2023, 1:46 PM · gnupg24, Bug Report
werner removed a project from T5555: Cannot add existing ECDSA key as a signing subkey: gnupg (gpg23).
Apr 3 2023, 1:43 PM · gnupg24, Bug Report
Wolff17 added a comment to T6435: libgcrypt | gcry_mpi_ec_mul return a truncated point coordinate.

Your quick support solve my problem, I am thanking you :)
Bye bye

Apr 3 2023, 10:25 AM · Debian, libgcrypt, Bug Report
werner closed T6435: libgcrypt | gcry_mpi_ec_mul return a truncated point coordinate as Resolved.

I added a remark to the print function. Thanks for the suggestion.

Apr 3 2023, 10:22 AM · Debian, libgcrypt, Bug Report
Wolff17 added a comment to T6435: libgcrypt | gcry_mpi_ec_mul return a truncated point coordinate.

You are right, w.y should be "00039E2C9AEC146C5799651C42691A3E35E291B6BC45FF079DDA3E70E709BF33".

Apr 3 2023, 9:39 AM · Debian, libgcrypt, Bug Report
werner added a comment to T6435: libgcrypt | gcry_mpi_ec_mul return a truncated point coordinate.

Can you please share the expected result with us? Note that Libgcrypt strips leading zeroes except when it is required to keep the value positive.

Apr 3 2023, 9:30 AM · Debian, libgcrypt, Bug Report
Wolff17 created T6435: libgcrypt | gcry_mpi_ec_mul return a truncated point coordinate.
Apr 3 2023, 9:24 AM · Debian, libgcrypt, Bug Report
jeffcliff added a comment to T6432: libgcrypt - flag munging does not account for -Oz.

if your'e asking me, i'd suggest just let it be fixed going forward unless someone else complains

Apr 3 2023, 7:04 AM · Bug Report
gniibe claimed T6432: libgcrypt - flag munging does not account for -Oz.

Thank you for the report.
Fixed in master. Let us consider if it will be backported to 1.10 (or not).

Apr 3 2023, 7:02 AM · Bug Report

Mar 31 2023

jensenpeng renamed T6434: Kleopatra - A translation error in Chinese language from A translation error in Chinese language to Kleopatra - A translation error in Chinese language.
Mar 31 2023, 7:51 AM · kleopatra, Bug Report
jensenpeng changed Version from Kleopatra to Kleopatra Gpg4win-4.1.0 on T6434: Kleopatra - A translation error in Chinese language.
Mar 31 2023, 7:49 AM · kleopatra, Bug Report
jensenpeng created T6434: Kleopatra - A translation error in Chinese language.
Mar 31 2023, 7:47 AM · kleopatra, Bug Report

Mar 30 2023

Jakuje created T6433: SHA-1 digest is not considered weak.
Mar 30 2023, 12:00 PM · Bug Report

Mar 29 2023

jeffcliff created T6432: libgcrypt - flag munging does not account for -Oz.
Mar 29 2023, 3:31 PM · Bug Report
ebo added a comment to T6378: keytocard: invalid value.

works in 3.1.27.0-beta44

Mar 29 2023, 10:43 AM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
werner closed T1971: LDAP: --refresh-keys is not implemented as Resolved.

This has been solved loooong ago.

Mar 29 2023, 9:18 AM · Bug Report, gnupg, dirmngr

Mar 28 2023

werner triaged T6425: improve pinentry behavior and texts in smart card context as Low priority.
Mar 28 2023, 5:11 PM · gnupg24 (gnupg-2.4.5), scd, Bug Report, Restricted Project
werner triaged T6423: Kleopatra: Tooltip for "Lookup on server" wrong in case of GnuPG VSD as Low priority.
Mar 28 2023, 5:09 PM · Restricted Project, Bug Report, kleopatra
werner renamed T6400: Improve Pinentry error message for a bad $TERM from Key generation on freebsd fails with message about screen size to Improve Pinentry error message for a bad $TERM.
Mar 28 2023, 5:02 PM · FreeBSD, Documentation, pinentry, Bug Report
werner triaged T6400: Improve Pinentry error message for a bad $TERM as Normal priority.

Actually this is about improving an error message.

Mar 28 2023, 5:01 PM · FreeBSD, Documentation, pinentry, Bug Report
werner triaged T6374: EML files: Body is empty as Low priority.
Mar 28 2023, 4:58 PM · gpgol, Bug Report
werner triaged T6419: Signing leads to broken HTML in body as Low priority.
Mar 28 2023, 4:45 PM · gpgol, Bug Report

Mar 27 2023

ebo changed the status of T6093: gpg: Continues export of secret key if first passphrase dialog was canceled from Testing to Open.
Mar 27 2023, 9:43 AM · gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.1), Bug Report, Restricted Project
werner added a project to T6093: gpg: Continues export of secret key if first passphrase dialog was canceled: gnupg22.
Mar 27 2023, 9:15 AM · gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.1), Bug Report, Restricted Project

Mar 25 2023

gniibe added a comment to T6388: libgcrypt: gpgrt-config not found in $PREFIX if there are no less-preferred options found via $CC .

@tlaurion Thank you for the report, but your particular problem is irrelevant to this ticket.
I lightly looked the log and noticed that the cross build would have some confusions for pkg-config, however, that's not our problem but yours.
For the particular failures in your build, the issues look like a problem of musl linker. It seems that it requires all dependency of libraries to be used, even if an executable doesn't use a library directly.
If it is the case, we need a patch... something like:

Mar 25 2023, 2:59 AM · gpgrt, patch, libgcrypt, Bug Report

Mar 24 2023

tlaurion added a comment to T6388: libgcrypt: gpgrt-config not found in $PREFIX if there are no less-preferred options found via $CC .

@gniibe
Trying to crosscompile newer 2.4 gpg toolstack from Heads OSF under PR https://github.com/osresearch/heads/pull/1350

Mar 24 2023, 9:24 PM · gpgrt, patch, libgcrypt, Bug Report
hunterthompson added a comment to T3469: gpg: decryption failed: No secret key <= after debian upgrade from Jessie to Stretch.
Mar 24 2023, 10:15 AM · Support, Documentation
cklassen removed External Link on T6422: --rfc4880 not working in Gpg4win 4.1.0?.
Mar 24 2023, 8:59 AM · OpenPGP, Support, gnupg
cklassen created T6422: --rfc4880 not working in Gpg4win 4.1.0?.
Mar 24 2023, 8:58 AM · OpenPGP, Support, gnupg

Mar 23 2023

cklassen created T6419: Signing leads to broken HTML in body.
Mar 23 2023, 10:15 AM · gpgol, Bug Report
gniibe changed the status of T6388: libgcrypt: gpgrt-config not found in $PREFIX if there are no less-preferred options found via $CC from Open to Testing.

Fixed in master (of libgpg-error).
Pushed the change to libgcrypt (master and 1.10 branch).

Mar 23 2023, 6:51 AM · gpgrt, patch, libgcrypt, Bug Report

Mar 22 2023

ebo added a comment to T6093: gpg: Continues export of secret key if first passphrase dialog was canceled.

works in gnupg24.

Mar 22 2023, 3:27 PM · gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.1), Bug Report, Restricted Project
ebo added a comment to T6093: gpg: Continues export of secret key if first passphrase dialog was canceled.

I'd say yes.

Mar 22 2023, 11:23 AM · gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.1), Bug Report, Restricted Project
gniibe added a comment to T6388: libgcrypt: gpgrt-config not found in $PREFIX if there are no less-preferred options found via $CC .

Thank you for the bug report.

Mar 22 2023, 4:20 AM · gpgrt, patch, libgcrypt, Bug Report

Mar 21 2023

werner triaged T6388: libgcrypt: gpgrt-config not found in $PREFIX if there are no less-preferred options found via $CC as Normal priority.
Mar 21 2023, 3:25 PM · gpgrt, patch, libgcrypt, Bug Report
werner assigned T6388: libgcrypt: gpgrt-config not found in $PREFIX if there are no less-preferred options found via $CC to gniibe.

@gniibe: Would you mind to look at this?

Mar 21 2023, 3:24 PM · gpgrt, patch, libgcrypt, Bug Report
werner closed T6313: 2.4.0 does not support in-source-tree builds as Resolved.

README and INSTALL now suggest to to use a build directory.

Mar 21 2023, 9:16 AM · gnupg24, workaround, Bug Report
werner closed T3753: Bad self-signatures and missing subkey usage flags when creating ECDSA/Ed25519 keys in batch mode as Wontfix.

Error checking of the parameter file is usually enhanced when adding new features. Keeping this task open for this specific request does not make sense,

Mar 21 2023, 8:58 AM · gnupg24, Bug Report

Mar 17 2023

ikloecker changed the status of T6415: Kleopatra clipboard does not remember selected signing and --encrypt-to key. from Open to Testing.

Fixed.

Mar 17 2023, 3:00 PM · Restricted Project, Bug Report, kleopatra
werner triaged T6415: Kleopatra clipboard does not remember selected signing and --encrypt-to key. as Normal priority.
Mar 17 2023, 1:25 PM · Restricted Project, Bug Report, kleopatra

Mar 16 2023

werner closed T6385: Regarding "gpg: can't connect to the agent - trying fall back " as Invalid.
Mar 16 2023, 2:54 PM · No Response, Bug Report

Mar 15 2023

werner added a comment to T6375: gpg-agent race-condition with parallel clients.

FYI: Quite some more days than a few passed by. I still did not found the time for this, sorry.

Mar 15 2023, 4:10 PM · gnupg24, gpgagent, Bug Report
werner placed T6378: keytocard: invalid value up for grabs.
Mar 15 2023, 11:43 AM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
Tuyen added a comment to T6402: [gnupg] configure: --with-libksba-prefix overrided by --with-ksba-prefix.

Hi @werner,
I understand we should use --with-libksba-prefix, but it doesn't work:

Mar 15 2023, 10:42 AM · Not A Bug, Bug Report
werner closed T6402: [gnupg] configure: --with-libksba-prefix overrided by --with-ksba-prefix as Resolved.

That is not a bug but required for backward compatibility. See me/ksba.m4:

Mar 15 2023, 9:55 AM · Not A Bug, Bug Report
werner moved T6378: keytocard: invalid value from Backlog to QA on the gnupg24 board.
Mar 15 2023, 9:43 AM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
cklassen added a comment to T6374: EML files: Body is empty.

Hint: When the user disabled GpgOL -> Automation -> Automatically secure messages in the configuration of GpgOL he could see the email body again.

Mar 15 2023, 9:24 AM · gpgol, Bug Report
ikloecker added a comment to T6411: Signing Other PGP Keys Fails when Using a SmartCard.

This isn't a support forum. You'd better ask on the gnupg-users mailing list before assuming that you found a bug.

Mar 15 2023, 8:13 AM · Support
qtc created T6411: Signing Other PGP Keys Fails when Using a SmartCard.
Mar 15 2023, 8:04 AM · Support

Mar 14 2023

werner closed T6382: keytocard fails to import a nistp384 ECDSA key, a subtask of T6378: keytocard: invalid value, as Resolved.
Mar 14 2023, 4:20 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
werner closed T6382: keytocard fails to import a nistp384 ECDSA key as Resolved.

Closing this one - see T6378

Mar 14 2023, 4:20 PM · yubikey, scd, Bug Report
werner moved T6378: keytocard: invalid value from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Mar 14 2023, 4:18 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
werner changed the status of T6378: keytocard: invalid value from Open to Testing.

Fixed in 2.2 need to check 2.4

Mar 14 2023, 4:18 PM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
werner added a comment to T6378: keytocard: invalid value.

Ooops. We do not have the automatic chnage of key type in the WRITEKEY command of scdaemon. This is only done when generating a key.

Mar 14 2023, 11:47 AM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project
werner added a comment to T6382: keytocard fails to import a nistp384 ECDSA key.

There is actually a regression wit Yubikeys. The fix for 2.2 is in T5100: rG08cc34911470 - for 2.4 I need to check

Mar 14 2023, 11:35 AM · yubikey, scd, Bug Report
ikloecker added a comment to T6386: gpg-agent 2.2: Command "READKEY --card --no-data -- OPENPGP.1" overwrites protected-private-key with shadowed-private-key.

I agree. Something called READ... shouldn't change existing data. (Updating existing data to a new format that doesn't alter the semantics of the existing data is okay.)

Mar 14 2023, 10:59 AM · gnupg22 (gnupg-2.2.42), Bug Report
werner claimed T6378: keytocard: invalid value.
Mar 14 2023, 10:53 AM · gnupg24 (gnupg-2.4.1), gnupg22 (gnupg-2.2.42), Bug Report, Restricted Project