sending interactive passwords
Adam M.
adamm at san.rr.com
Mon Jun 30 01:45:50 CEST 2008
Adam M. wrote:
> It seems to me that it is impossible to send multiple passwords to GPG
> without direct user interaction on a TTY...
It's even worse with decryption, because I don't know beforehand which
key's password to ask for, or whether a key will be used at all (the
data might have been symmetrically encrypted).
I suppose the thing to do is run GPG first, let it fail, try to figure
out which password to ask for, and then run it again. But then I can't
support arbitrary data streams (for instance network streams) because
they can't necessarily be read, rewound, and read again. I could write
them to a temp file on disk, but I prefer not to leave bits on the hard
drive unnecessarily.
I think it would really complete the GPG interface to have interactive
password querying. It already issues NEED_PASSPHRASE* messages on the
status-fd stream, so we just need a way to answer those prompts...
Am I missing some obvious downside? Should I code this and send a patch?
Is this something that the developers don't want in GPG?
Thanks,
-- Adam
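
An added example (not part of the original message and not GnuPG code): a parser for `--status-fd` lines that works out which passphrase GPG is asking for, the step the message describes. The status lines are constructed samples, and the field layout is assumed to be the one in GnuPG's doc/DETAILS (`USERID_HINT <main keyid> <user id>`, `NEED_PASSPHRASE <main keyid> <keyid> <keytype> <keylength>`, `NEED_PASSPHRASE_SYM <cipher> <s2k mode> <s2k hash>`); `passphrase_requests` and `PassphraseRequest` are hypothetical names.

```python
from typing import Iterable, List, NamedTuple, Optional

PREFIX = "[GNUPG:] "  # every machine-readable status line starts with this

class PassphraseRequest(NamedTuple):
    kind: str                          # "pubkey" or "symmetric"
    main_keyid: Optional[str] = None   # primary key the secret key belongs to
    sub_keyid: Optional[str] = None    # key (often a subkey) actually being unlocked
    user_hint: Optional[str] = None    # user ID from a preceding USERID_HINT, if any

def passphrase_requests(status_lines: Iterable[str]) -> List[PassphraseRequest]:
    """Return the distinct passphrases GPG asked for, in the order it asked."""
    hints = {}      # main keyid -> user ID string
    requests = []
    for raw in status_lines:
        line = raw.rstrip("\r\n")
        if not line.startswith(PREFIX):
            continue                   # not a status line (e.g. stderr noise)
        keyword, _, rest = line[len(PREFIX):].partition(" ")
        if keyword == "USERID_HINT":
            keyid, _, uid = rest.partition(" ")
            hints[keyid] = uid
            continue
        if keyword == "NEED_PASSPHRASE":
            fields = rest.split()
            if len(fields) < 2:
                continue               # malformed line: skip rather than guess
            req = PassphraseRequest("pubkey", fields[0], fields[1],
                                    hints.get(fields[0]))
        elif keyword == "NEED_PASSPHRASE_SYM":
            req = PassphraseRequest("symmetric")
        else:
            continue
        if req not in requests:        # GPG repeats the prompt on each retry
            requests.append(req)
    return requests

# Constructed sample: data encrypted to a public key (key IDs are placeholders).
SAMPLE_PUBKEY = [
    "[GNUPG:] ENC_TO 1111111111111111 1 0\n",
    "[GNUPG:] USERID_HINT 0000000000000001 Example User <user@example.org>\n",
    "[GNUPG:] NEED_PASSPHRASE 0000000000000001 1111111111111111 1 0\n",
    "[GNUPG:] NEED_PASSPHRASE 0000000000000001 1111111111111111 1 0\n",
]
# Constructed sample: symmetrically encrypted data, no key involved.
SAMPLE_SYMMETRIC = ["gpg: some human-readable text\n",
                    "[GNUPG:] NEED_PASSPHRASE_SYM 3 3 2\n"]

if __name__ == "__main__":
    for sample in (SAMPLE_PUBKEY, SAMPLE_SYMMETRIC):
        print(passphrase_requests(sample))
```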