@werner That is not helpful. I tried 4 or 5 different readers. And the Reiner SCT cyberjack is the one that works best out of all of them on both Windows and Linux.

Your item "2. Allow exporting multiple groups at the same time." is not really important. If you want to do that, please make sure that each group is exported to a separate file.

Please see T5696.

No autoreconf etc. Use only our method to cross build. That is $src/libgcrypt/autogen.sh --build-w32.

cross-compilation settings:

The cross-compilation settings:

{ # 2019.12.13 # https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=summary
	#'repo_type' : 'archive',
	'#url' : 'https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.43.tar.bz2',
	#
	'repo_type' : 'git',
	'recursive_git' : True,
	'url' : 'git://git.gnupg.org/libgpg-error.git', # https://git.gnupg.org/ # https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=summary
	##'url' : 'https://dev.gnupg.org/source/libgpg-error.git', # https://git.gnupg.org/ # https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=summary
	#
	'configure_options': '--host={target_host} --prefix={target_prefix} --disable-shared --enable-static --disable-rpath --disable-doc --disable-tests --with-libiconv-prefix={target_prefix}', # --with-libintl=no --with-libpth=no',
	'custom_cflag' : ' ', # 2019.12.13 it fails to build with anything other than this, eg it crashes with -O3 and -fstack-protector-all -D_FORTIFY_SOURCE=2 
	'run_post_regexreplace' : (
		'autoreconf -fiv',
		'./autogen.sh --build-w64 ', 								 
	),
	'depends_on' : (
		'iconv', 
	),
}

Importing exported certificate group files from the file manager now also works, at least on XDG-compatible systems. I have also made sure that the application-certificate icon is used for those files in the Breeze icon theme.

Ready for testing

Here are the two test certificates mentioned in the commit log:

Pushed to master.

Pinentry: pinentry-curses (pinentry) 1.2.0
OS: macOS 12.0
Terminal: xterm-256color (via zsh in the default Terminal.app)

Additionally, poly1305-s390x.S is being compiled despite running/targeting a PC system:

We could use a new mode #define GCRY_GET_CONFIG_FIPS 1 with gcry_get_config:

What is your Pinentry version, which OS is that, and which terminal type?

With just implicit indicators, we would have to block all non-approved cipher modes and kdfs including the OCB mode and skcrypt, which would probably make gnupg2 unusable in FIPS mode, which is not our intention.

In the documentation, I found:

It would be the grey background text and no forced template, just as an input hint. And it would override the automatic detection of name / e-mail so that no wrong values are prefilled. This should help avoid unattentive users from creating a slightly wrong user id if their ad domain address does not match the e-mail.

Can you given a example on how this would look like. In particulr are placeholders some kind of forced template or just a grey background text?

Please also refer to https://github.com/microsoft/vcpkg/discussions/20755 where we discuss on how to approach GnuPG libraries for a native Windows compilation.

Also, and I should maybe have opened with it, the issues vcpkg has with your build system are currently tracked here, while my effort to build gpg-error natively (i.e. without relying on ShiftMediaProject fork) on all platforms is here.

In T5687#151853, @werner wrote:

FWIW, the gnupg installer comes with dll, header and import files. You may use them.

In T5365#151844, @gniibe wrote:

Let me clarify the use case of gpg-error.m4.

gpg-error.m4 is for GnuPG and its friends, where we cannot assume availability of pkg-config. Its capability is limited, and we don't pursue 100% compatibility of pkg-config.

No, our admin left us and took all scripts and docs with him. We need to set it up again. You better use this system anyway, patches etc on GitHib are not used.

GnuPG requires a Unix system to build. We do not support building natively on Windows. Sorry.

Adding the check on host side, I pushed the change: rGa575b0aba542: scd:openpgp: Support longer data for INTERNAL_AUTHENTICATE.

Let me clarify the use case of gpg-error.m4.

Or, we can use memcmp to avoid arguing semantics of strncmp, and make it a bit cleaner to avoid calling strlen multple times by put_membuf_str.

diff --git a/g10/export.c b/g10/export.c
index 98c4623cf..c7cfcfaa4 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -2133,14 +2133,15 @@ key_to_sshblob (membuf_t *mb, const char *identifier, ...)
   size_t buflen;
   gcry_mpi_t a;