Mitigations are in place for quite some time now; see T4755.

Fix will be in 2.2.22. Thanks for the report.

It was actually moved to noninstall in 2006. The reason or this is a conflict between the version of gpgsplit in GnuPG 1.4 and 2.0. Back then it seemed easier to keep on using the gpgpslit from 1.4 because that version was installed anyway. At that time gpg was called gpg2 we changed this much later and probably forgot to switch also to the gpgsplit from GnuPG 2.

Kleopatra now queries scdaemon for the manufacturer. The (outdated) mapping of serial numbers to manufacturers is kept as fallback for GnuPG < 2.2.21.

Further analysis shows that this only happens when async crypt is enabled.

The expiry of the subkeys (and that of the primary key) can now be changed via a context menu action in the subkeyswidget.

Thanks. Added to 2.2.

You used --personal-digest-preferences to force the use of SHA-512, right?

OpenPGP (RFC-4880) requires support for 3DES and SHA-1 thus you can't disable them. However, they are not used in practice because the key preference guarantee the use of more modern algorithms,

Do you mean you want to copy a backup key created while generating the keys for the card onto a new card?

We currently already ship:

The problem appears to be the test framework is not setting a LD_LIBRARY_PATH (or DYNLD_LIBRARY_PATH on OS X).

As far as I know, the environment is set correctly. PKG_CONFIG_PATH, --prefix and --libdir are set. And runpaths are also set.

I meant:

If you can point me to a commit, I can patch the package and retest it.

If there is no other problem (than the issues of additional slash and double slash), I'll close this bug report.

We won't do that for 2.2.

Solved in master (1.9). We won't do it in 1.8.

Use

gpgconf --kill dirmngr

to stop it.

No more info was provided.

ı dont understand can you explain me more specific? which file name ? when ı select the Tor installer gpg cant decrypt it not signature file

Download the corresponding tor signature file. Then enter that file name.

Thank you, Andre. Just updated here, problem fixed.

Thanks Andre,

This has been shipped with Gpg4win-3.1.12

Applied and pushed.

No, it didn't work, but we need more change:

diff --git a/g10/tdbio.c b/g10/tdbio.c
index bfeede991..9f01667b4 100644
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -1909,12 +1909,9 @@ tdbio_search_trust_byfpr (ctrl_t ctrl, const byte *fingerprint, TRUSTREC *rec)
 gpg_error_t
 tdbio_search_trust_bypk (ctrl_t ctrl, PKT_public_key *pk, TRUSTREC *rec)
 {
-  byte fingerprint[MAX_FINGERPRINT_LEN];
-  size_t fingerlen;
+  byte fingerprint[20];

I don't mind if this is marked as resolved. As long as I use my script, the agent works flawlessly with my Nitrokey. The agent startup is very fast. The script also resolves the effect that the agent won't work after the system is waked from sleeping state.

Thanks for providing your workaround.