Works. Tested with VS-Desktop-3.2.94.474-Beta and Gpg4win 4.4 by moving only the signature key to a smartcard and then changing the password of the certificate via the context menu.

This was now added as disableAutoPreview (the option was renamed after 26c2fc196bb73d9bd96c91ea7cc12679d925b376 )

Since codesigning for all dlls was added this is fully resolved.

(ignore the last commit, I assigned the wrong task to it)

Here are changes for gcry_md_open and its friends.

My idea in https://dev.gnupg.org/T7338#195529 doesn't work well when a function call is done multiple times.
Assuming SUCCESS, and marking all non-compliant places in the code works, and it would be good because libgcrypt so far maintains non-compliant path with rejection.

Or maybe not. I just did 0.11.0 (T7449) and will do more releases if there is demand for it or we have collected enough patches.

Pushed the change for adding hash tests in rC7faf542f1573: fips,tests: Add t-digest.

Gpg4win 4.4:

It seems that the internal API is not enough.
Now, we have _gcry_md_hash_buffer function with the new FIPS service indicator.
It's used for public key crypto, too.
The compliance for hash function is a part of public key crypto, but not all.

A change for gcry_md_hash_* functions are pushed by rC3478caac62c7: fips,md: Implement new FIPS service indicator for gcry_md_hash_*..
It doesn't have tests with FIPS service indicator yet.

Better a new ticket for the rest, see T7441

A workaround exists with the new option --ignore-crl-extensions.

New external API is by GCRYCTL_FIPS_SERVICE_INDICATOR and/or the new macro gcry_get_fips_service_indicator.
This change is pushed by rCf51f4e98930e: fips: Introduce GCRYCTL_FIPS_SERVICE_INDICATOR and the macro.

New internal API is introduced with T7340 by the commit rCe1cf31232825: fips: Introduce an internal API for FIPS service indicator.

Change is pushed by rCe1cf31232825: fips: Introduce an internal API for FIPS service indicator.

Looks like there's something not correct in the completion model. Or we use different criteria for showing the blue "i" (as "information") which doesn't make it better. Reopen?

Tested Gpg4win 4.4:
Interesting, when you search for the UID, it looks as before, with the green check mark:

I think this is resolved. In the Sign/Encrypt dialog we now offer the individual user IDs instead of the certificates, i.e. the two user IDs of the Udo certificate are both offered and one should be listed as certified and the other one as not certified (if one is certified and the other one isn't; for me both user IDs are ultimately trusted).

Closing this as duplicate of T7405. That ticket has the better task description as it was made after discussing offline how it could best be done.

closing this as duplicate for the improvement part, the support part is solved, anyway.

Interesting. Just a few days ago I noticed that Kleopatra creates a new tab with the imported certificates except when the import is done via the notepad (or via the clipboard). I guess we could add an option to open a tab with the imported certificates to the import result window.

Done for 2.5.0.

Done in 2.5.0.

Fixed in 2.5.0.

Fixed in 2.5.0.

Gpg4win-Beta-94: ok