Problem with C++ wrapper and gpgme

Yenot yenot at sec.to
Mon May 26 20:30:02 CEST 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 26 May 2003 04:08 am, Robert J. Hansen wrote:
>
> Surprisingly, though, I found that it was faster and easier to do a
> gpg --list-keys --fingerprint --with-colons, grab the output, and
> parse that to create the key database than it was to use the GPGME
> key-iteration functions.

Even that solution can be problematic.  Let's say your application
is a keymanager written in C++. Your goal is to take the information 
from *all* keys on a keyring and display them in a pretty GUI.

For this, your best bet is parse the raw binary output of
"gpg --list-keys".  If you don't parse the raw binary output, this is 
what will happen:

GnuPG will first do lots of expensive string parsing and memory 
management operations to force all the data into an unnecessary [for 
your application] "colon format".  Then GPGME will do lots of 
expensive string parsing and memory management operations to parse 
the colon format and put it into its own data structures.  Then 
you'll call lots of GPGME functions to put the data into the straight 
forward vector<key> that you wanted in the first place. Finally, 
you'll hand off the data to the windowing libraries for display to 
the user.

Then you'll figure out that this takes way too much time for an 
interactive application, and GPGME doesn't provide access to the full 
key information that you needed to display anyway (example: key 
preferences). You'll realize that parsing the raw binary output of 
"gpg --list-keys" requires lots of painful RFC reading, but you'll 
also find out that it's *lightning* fast.

Disclaimer:
Some of the above is speculation. I have written tools that parse 
OpenPGP data, but I didn't try writing my own key manager. For 
applications that are less intensive than a keymanager, GPGME might 
be the best thing since sliced bread. /shrug

 - Yenot
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+0k57P247TY29IxARAhztAJ0Wtk3ZZv5ybZJYfP846ILXgYamUwCffZKN
LTs/2zaorr+BJQArpIGUusM=
=Q728
-----END PGP SIGNATURE-----

More information about the Gnupg-devel mailing list