a few GPGME issues

Wichert Akkerman wichert at wiggy.net
Sun Apr 21 15:26:01 CEST 2002

I've been looking at GPGME to see if I can use it to implement a tool
to easily create detached signatures for a large number of files. It
seems to be able to do this but I ran into a few issues that would need
to be resolved before I can get things working

* I need to be able to copy the data buffer with the generated signature
  (and modify it, the buffer does not seem to be zero-terminated which is
  somewhat unpractical considering it is a string). Since it seems to
  be impossible to get the size of the data in a buffer this is impossible.

* In order to conveniently sign a large number of files I have to store the
  passphrase in memory. GPGME makes that very hard to do: it tells the
  passphrase callback to cleanup after each usage of the passphrase by setting
  DESC to NULL, both for succesful and unsuccesful usages. This means I can not
  use that to decide to store the passphrase or not. The trick I currently
  use is look at the first word in DESC; if that is ENTER I simply feed
  GPGME the last used passphrase, and otherwise I (re)prompt the user.

* The GPGME manual does not indicate how the passphrase that the callback
  returns is used. Can I be sure that GPGME will never copy it and directly
  write it a a passphrase filedescriptor?

* I wanted to use the HOOK data for the passphrase callback to store some
  data associated with the callback I am using. However GPGME only has a
  function to set the callback and HOOK data but none to retrieve their
  current values. This means I need to keep track of that data in another
  place as well and create another abstraction layer around GPGME. Can
  a function to retrieve that data please be added? This hold for both
  passphrase and progess meter callbacks.

* according to the documentation the DESC parameter of the passphrase callback
  contains a text `usable to be displayed to the user of the application'.
  I fail to see how a combination of numbers and strings without any
  documentation what they mean is something you ever want to show to a user.
  It woud be useful to be able to get the information contained in DESC
  in a simple struct so we can use it in the callback without having
  to parse the text.


 /wichert at wiggy.net         This space intentionally left occupied \
| wichert at deephackmode.org            http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

More information about the Gnupg-devel mailing list