Mailing List Archive: GnuPG: devel

sending passwords with gpg-agent? (was Re: gnupg1 still needed?)



adam at adammil

Jul 18, 2008, 11:11 AM

Post #1 of 5 (278 views)
sending passwords with gpg-agent? (was Re: gnupg1 still needed?)

Klaus Singvogel wrote:
> Please note either
> that SUSE Linux dropped the support for gpg1 since 10.3 (Oct 2007),
> and is shipping gpg2 only now.
Well, this makes me wonder, then.

gpg1 allows programs to send passwords using --command-fd. gpg2 always
uses gpg-agent, and never asks for passwords on the --command-fd. Is
there a way to get something equivalent on gpg2, though? i.e., can a
program hook into the gpg-agent in such a way as to provide its own UI
for password entry?

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


marcus.brinkmann at ruhr-uni-bochum

Jul 21, 2008, 2:05 AM

Post #2 of 5 (252 views)
Re: sending passwords with gpg-agent? (was Re: gnupg1 still needed?) [In reply to]

At Fri, 18 Jul 2008 11:11:19 -0700,
Adam Milazzo <adam[at]adammil.net> wrote:
>
> Klaus Singvogel wrote:
> > Please note either
> > that SUSE Linux dropped the support for gpg1 since 10.3 (Oct 2007),
> > and is shipping gpg2 only now.
> Well, this makes me wonder, then.
>
> gpg1 allows programs to send passwords using --command-fd. gpg2 always
> uses gpg-agent, and never asks for passwords on the --command-fd. Is
> there a way to get something equivalent on gpg2, though? i.e., can a
> program hook into the gpg-agent in such a way as to provide its own UI
> for password entry?

I am not aware of such an option with gpg2, but note that you will
never get it in all circumstances. Consider smart cards used on a
terminal with a number pad. In this case, you really do not want the
pin number to go through the application.

It is best to consider gpg2 with this use case in mind. Just forget
about secret key handling and passphrases and such. They are not the
business of applications any more with gpg2.

Now, in case you really want this, you can replace the pinentry
program. There is currently no easy way to do this (you need to set
up your own gnupghome for it). But conceptually, the pinentry program
is the component you want to replace if you want to change its GUI.
Yes, this is harder to integrate into the application. This is on
purpose, see above.

Thanks,
Marcus






adam at adammil

Jul 21, 2008, 3:03 AM

Post #3 of 5 (252 views)
Re: sending passwords with gpg-agent? (was Re: gnupg1 still needed?) [In reply to]

[Whoops. Adding list.]

> Consider smart cards used on a
> terminal with a number pad. In this case, you really do not want the
> pin number to go through the application.
Yes, I agree.

> It is best to consider gpg2 with this use case in mind. Just forget
> about secret key handling and passphrases and such. They are not the
> business of applications any more with gpg2.
The main problem I have is that the gpg-agent UI sucks. For instance,
with symmetric decryption, it just says "Enter password", which leaves
the user wondering "which password??". They'll probably enter their
secret key password, which won't work. And they won't know why it didn't
work...

Second, there's no obvious way to cache the passwords, so the user would
think he has to type them in for every file in a multi-file
operation, for instance.

And finally, unit tests for libraries that script GPG behind the scenes
can't be run automatically. The gpg-agent dialog pops up a hundred times
during the tests.

This would be a moot point if there was a GPG library, but the official
answer seems to be to script the GPG text-mode executable, which is made
harder by gpg-agent.




wk at gnupg

Jul 21, 2008, 8:24 AM

Post #4 of 5 (251 views)
Re: sending passwords with gpg-agent? [In reply to]

On Mon, 21 Jul 2008 12:03, adam[at]adammil.net said:

> The main problem I have is that the gpg-agent UI sucks. For instance,
> with symmetric decryption, it just says "Enter password", which leaves
> the user wondering "which password??". They'll probably enter their

This is for sure not good. However there is no other information
available. Symmetric only encryption is usually only used in unattended
settings and thus there is no need for a pinentry (Use --passphrase-fd).

Please suggest a wording for the prompt used with symmetric encryption.

> Second, there's no obvious way to cache the passwords, so the user would
> think he has to type them in for every file in a multi-file

Well these are one-off passphrases and it does not make sense to cache
them - use public-key encryption instead. To allow for passphrase
caching we would need to implement a key management for symmetric
encryption; i.e. to use a random key protected by a passphrase. This is
quite some work because you need to have all the code to distribute such
protected symmetric passphrases.

> And finally, unit tests for libraries that script GPG behind the scenes
> can't be run automatically. The gpg-agent dialog pops up a hundred times
> during the tests.

Hmmm, gpg2 uses quite some regression tests without any problems. On my
todo list is a loopback-pinentry which would allow to test the entire
gpg-agent/gpg[sm] passphrase system. But well, regression tests are a
lot of work and a work most people don't want to pay for and finding
volunteers is even harder. Yes, there should be far more regression
tests.

> This would be a moot point if there was a GPG library, but the official

There is one: gpgme. gpgme even has a lot of regression tests.


Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.


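Werner's loopback pinentry for test runs and Marcus's suggestion to replace the pinentry program come down to the same mechanism: a program that speaks gpg-agent's Assuan pinentry protocol on stdin/stdout. The following is an added example, not code from GnuPG or from anyone on this thread: a minimal non-interactive pinentry meant only for a test suite's throwaway GNUPGHOME, answering GETPIN from an environment variable named here TEST_PINENTRY_PASSPHRASE (that variable name, the list of accepted commands and the error-code packing are this example's own assumptions).

```python
"""Scriptable pinentry stand-in for test suites (added example, not GnuPG's code).
Configured via `pinentry-program` in a throwaway GNUPGHOME's gpg-agent.conf."""
import os
import sys
from urllib.parse import unquote

ERR_CANCELED = (5 << 24) | 99      # libgpg-error packing: source PINENTRY (5) << 24 | GPG_ERR_CANCELED
ERR_UNKNOWN_CMD = (5 << 24) | 275  # same packing with GPG_ERR_ASS_UNKNOWN_CMD
SETTERS = {"SETDESC", "SETPROMPT", "SETTITLE", "SETOK", "SETCANCEL", "SETNOTOK",
           "SETERROR", "SETQUALITYBAR", "SETKEYINFO", "SETREPEAT"}

def escape(data):
    """Percent-escape a D-line payload: %, CR and LF must never appear raw."""
    return data.replace("%", "%25").replace("\r", "%0D").replace("\n", "%0A")

def handle_line(line, passphrase, state):
    """Return the server lines answering one client line; state collects SET* text."""
    line = line.strip()
    if not line or line.startswith("#"):      # Assuan ignores blank and comment lines
        return []
    cmd, _, arg = line.partition(" ")
    cmd = cmd.upper()
    if cmd in SETTERS:
        state[cmd] = unquote(arg)             # the agent sends percent-encoded text
        return ["OK"]
    if cmd in ("OPTION", "RESET", "NOP", "GETINFO", "MESSAGE", "CONFIRM"):
        return ["OK"]                         # accepted; CONFIRM is auto-answered yes
    if cmd == "GETPIN":
        if passphrase is None:                # nothing configured: behave like Cancel
            return ["ERR %d Operation cancelled <Pinentry>" % ERR_CANCELED]
        return ["D " + escape(passphrase), "OK"]
    if cmd == "BYE":
        state["done"] = True
        return ["OK closing connection"]
    return ["ERR %d Unknown IPC command <Pinentry>" % ERR_UNKNOWN_CMD]

def serve(lines, passphrase):
    """Yield server lines for one session over an iterable of client lines."""
    state = {}
    yield "OK Pleased to meet you"            # greeting goes out before any command
    for line in lines:
        for resp in handle_line(line, passphrase, state):
            yield resp
        if state.get("done"):
            return

if __name__ == "__main__":
    for resp in serve(sys.stdin, os.environ.get("TEST_PINENTRY_PASSPHRASE")):
        sys.stdout.write(resp + "\n")
        sys.stdout.flush()                    # the agent waits for each answer in turn
```

Because the passphrase is handed over by whatever process configures the agent, this only removes the dialog for unattended test runs; it does nothing for the smart-card-with-PIN-pad case Marcus describes, where the secret never reaches the host at all.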


marcus.brinkmann at ruhr-uni-bochum

Jul 21, 2008, 4:21 PM

Post #5 of 5 (249 views)
Re: sending passwords with gpg-agent? (was Re: gnupg1 still needed?) [In reply to]

At Mon, 21 Jul 2008 12:43:25 -0400 (EDT),
mskala[at]ansuz.sooke.bc.ca wrote:
>
> On Mon, 21 Jul 2008, Marcus Brinkmann wrote:
> > I am not aware of such an option with gpg2, but note that you will
> > never get it in all circumstances. Consider smart cards used on a
> > terminal with a number pad. In this case, you really do not want the
> > pin number to go through the application.
>
> Being able to decrypt and sign in scripts is pretty important. If gpg2
> can't do that, people will use gpg1 whether you approve or not.

gpg2 can do that. Off the cuff, I can think of about 3-5 ways to do
it. The best method depends on your environment and security needs.
Just to give you a hint, check out the various passphrase related
command line options, the GPGME test suite in SVN, and the
gpg-preset-passphrase tool.

There is nothing wrong with using gpg1. We approve fully.

Thanks,
Marcus




