The debug/workaround option works: When the option is checked, opening the msg file will not change its date.

With VS-Desktop-3.1.90.246-Beta I can not import the secret part of the edward.tester@demo.gnupg.com.p12 Testkey (ECC brainpool).
I do not see any error message.

Thanks, what should I look out for? I don't think I can provide the .p12 directly because it is from a production provider that I do not have full access. I can provide the log and x509 public certificate again using the firefox generated one.

Funny error description from macOS. Looks that there is no device - your PC/SC test programs confirms this. Thus I don't think this is a bug in scdaemon.

Recent Mozilla again changed some things. Please see T6752. Can you please provide a sample in case this is not the same problem as in T6752?

Some time ago, I have checked and hopefully fixed all usage of time_t in Kleopatra and GpgME to make sure we always use unsigned 32-bit integer arithmetic. Dates entered by the users are capped to some date in 2106 (a few days before the overflow date).

The error message in Kleo is now (with VS-Desktop-3.1.90.246-Beta) "Broken pipe". But in the linked error protocol you can find the gpg error message "no space left on device". So I would find this message acceptable.

115.3.1esr

Yes, there is clearly a problem with the handling of NDEF. I have a fix for that but there are other oddities in that pkcs12 object. Do you have the Firefox version you used to create this?

I am wondering a bit about the gpg: DBG: chan_3 <- ERR 100696144 Operation not supported by device <SCD> which is not the string I expected for this error:

Applied to 2.4, too.

works. In current VSD-testing-Beta.

Okay, I found and fixed the import problem in 2.4 and will backport this to 2.2

OK. I pushed: rG227b3b14f4be: tests:tpm2dtests: Modify tests with SWTPM and relax the condition.
... which doesn't require swtpm_ioctl and tssstartup any more.

The tag of the last displayed user ID that has a tag is chosen. And that's tag tagC1 in the above scenario.

Works, the expected behavior from the description is shown.

I pushed rG321f9c0a3f28: tests:tpm2dtests: Fix tests with TPM2D. and rG98dd6f7af6aa: tests:tpm2dtests: Fix tests with SWTPM. (and other small changes).
Now, it works with two cases:

• tpm_server
• swtpm, swtpm_ioctl, and tssstartup

Do you have any hint how I can test this? I installed Chinese-Simplified (zh_CN) but I fear switching the display Language. Maybe I should just use _wasctime and convert to utf8

I guess we should add an extended API to set the filter.

Under Kleopatra -> Settings -> Configure Kleopatra -> GnuPG System -> In the Tab Secret Keys -> Is there either "Delete unused Passwords after N Seconds or Delete Passwords after N Seconds set to zero or the option "Do not use the password cache for signing" set? In this case this would be normal and expected behavior because it turns of the caching.

Thanks for the report and the helpful suggestion. I was anyway about to change the time format but your suggestion is better.

I am not sure whether we need to fix things in kleo but at some places gpg uses atoi() to parse the seconds since epoch. This should be fixed because that is the way gpgme provides the expiry time. I will also look into the ISO date string parser.

Maybe it's due to the fact that I used a non-admin installation? Actually I'm also surprised that it worked that way. What kind of debug logs could I supply?

works as described

For me with Gpg4win 4.2.0 it works as expected, that is all UIDs which have a checkmark are certified in one go, entry of password only once. Used the key given in description for the test.

After the fix everything after the Signature block is now silently discarded

Changing debug options unfortunately didn't change much.

Lot's of things changed in the meantime.

Lot's of changes since 2.4.

Eva and me tested this using our 2.2.42 release candidate on Linux and
on Windows and were not able to replicate your problem.

Eva can you please try to reproduce this? I can't really imagine that this is true since we have soooo many users with yubikeys and do a lot of internal testing on them. To be fair please try with your standard devuan GnuPG and not just with an up to date version.

Instead of all the debug options, please use

I think there is a timing issue between the termination of a job and the retrieval of gpg's output, so that gpg's output is sometimes truncated or even completely empty. This is a general problem and not specific for this ticket.

works with VS-Desktop-3.2.0.0-beta214, too.
You are now informed that you do not have permissions to write there.

Kleopatra now shows:

works in 22, too (tested with VS-Desktop-3.2.0.0-beta214)

Re-open to add auto-detection.

Relevant lines from Arch's qconfig.pri:

QT.global.enabled_features = shared pkg-config rpath reduce_relocations signaling_nan zstd thread future concurrent dbus openssl-linked opensslv30 shared shared rpath reduce_exports no_direct_extern_access reduce_relocations openssl
QT.global.disabled_features = static cross_compile debug_and_release separate_debug_info appstore-compliant simulator_and_device force_asserts framework c++20 c++2a c++2b c++2b wasm-simd128 wasm-exceptions opensslv11
QT.global.disabled_features += release build_all
QT_CONFIG += shared rpath reduce_exports no_direct_extern_access reduce_relocations openssl release
CONFIG +=  shared plugin_manifest

Per IRC discussion, this could be autodetected in qt6.m4 by querying Qt6Platform.pc for mkspecsdir and grepping ${mkspecsdir}/qconfig.pri for QT_CONFIG.*no_direct_extern_access.

No need for QA on build issues.

The Qt 6 bindings will now be compiled with the -mno-direct-extern-access flag if --enable-no-direct-extern-access is passed to configure.

Fixed by ingo