C/C++ API for GnuPG
Jason Harris
jharris at widomaker.com
Fri Apr 18 22:50:01 CEST 2003
On Fri, Apr 18, 2003 at 08:59:58AM -0700, Tony_Mione at peoplesoft.com wrote:
> |---------+---------------------------->
> | | "Werner Koch" |
> | | <wk at gnupg.org> |
> | | Sent by: |
> | | gnupg-devel-admin|
> | | @gnupg.org |
^^^ Gah! ^^^
[deleted stuff about GPG in library form]
libgcrypt doesn't have the right stuff? (keyring handling?)
> Ok, if I wanted to, I could write a password to a temp file, open that
> file and pass the fd, correct? Then, of course, we remove the file after
> the passphrase is read. Some of the things we are trying to
> do need to be automated and I am looking for ways to do this SAFELY.
Writing the passphrase to disk isn't safe. Open a pipe to the process
(GPG) before you fork() and exec() it and write the passphrase to the pipe.
> One more thing: is there a way to store a secret key blob in a database
> field?
> It looks like, if I try this, I would have to move the keyring packets from
> the
> DB into a temporary secret keyring file and set the appropriate options to
> tell gpgme/gpg where to find the public and secret keyriings. Is that
> correct.
--secret-keyring[-pipe]-fd, anyone? :) Don't seek() on it and it will
work.
Also, have you looked at cryptlib?
> got Crypto?
Definitely!
Got mutt[.org]?
--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris at widomaker.com | web: http://jharris.cjb.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : /pipermail/attachments/20030418/cee08a99/attachment.bin
More information about the Gnupg-devel
mailing list