pinentry for Android questions

Abel Luck abel at guardianproject.info
Wed Sep 19 18:30:00 CEST 2012


Hans-Christoph Steiner:
> 
> 
> On 03/10/2012 08:56 AM, Marcus Brinkmann wrote:
>> On 03/10/2012 04:35 AM, Hans-Christoph Steiner wrote:
>>>
>>>
>>> On 03/09/2012 01:12 PM, Marcus Brinkmann wrote:
>>>> On 03/09/2012 06:37 PM, Hans-Christoph Steiner wrote:
>>>>>
>>>>> I've been looking through the examples, those are hard to generalize
>>>>> from for this use case since they are all pure C and can all be linked
>>>>> together into a single program.  What I would love to see is an
>>>>> example transcript of the assuan dialog between a pinentry program and
>>>>> gpg-agent, since I think I'll have to implement the whole pinentry lib
>>>>> in Java.  Or perhaps I could wrap the pinentry C code in JNI for Java.
>>>>>
>>>>
>>>> It's a lot easier to make pinentry.c/pinentry.h in a library and wrap
>>>> that than to wrap libassuan or reimplement libassuan in Java.
>>>>
>>>> gpg-agent can be configured to log its assuan communication with
>>>> pinentry.
>>>
>>> I forgot to mention, we're going to be using gpgme in this.  It looks
>>> like gpgme somehow handles the pinentry stuff with callbacks, or am I
>>> reading it wrong?  If we are using gpgme, do we still need a custom
>>> pinentry?
>>
>> Thanks,
>> Marcus
>>
>> The callbacks are "old school" and not functional for gpg2 with
>> gpg-agent. :)
>>
>> So a custom pinentry is indeed needed, and you don't need to set a gpgme
>> passphrase callback (it would never be called).
>>
>> Thanks for the list of issues, btw, it's a big help as the mailing list
>> threads were getting a tiny bit unwieldy.
> 
> I'm back on this and still not quite seeing how to do it.  From what
> I've seen, it seems that gpg-agent executes pinentry, then communicates
> with it via stdin/stdout.  This is not possible in Android because you
> cannot directly launch a GUI program in Android from the terminal.
> 
> The only way I've found to start an Android GUI screen from the terminal
> is to launch an Activity (which is a Java Class representing a GUI
> screen) using the 'am start' command.  It's not blocking, and there is no
> stdin/stdout to attach to.
> 

A thought I had when I looked at this was to create an 'am start'
wrapper program, 'pinentry-android' for example.

This program would:

1. launch the activity (non-blocking)
2. block, as other pinentry programs do
3. communicate with the activity somehow (maybe using some shared memory,
mmap)
4. communicate with gpg-agent via stdin/out

#3 is the trickiest bit I think, but this method would work well if
non-blocking pinentry programs that communicate over the gpg-agent
socket aren't possible.

~abel
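
Added illustration of steps 2 and 4 of the wrapper proposed above (not part of the original message, and not code from GnuPG or pinentry): a blocking Assuan responder in C that answers gpg-agent on stdin/stdout. `pin_source_fn`, `pinentry_handle` and the demo PIN source are hypothetical names; the Activity IPC of step 3 is stubbed and the PIN is constructed.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical hook: blocks until the Activity returns a PIN; -1 means cancelled. */
typedef int (*pin_source_fn)(char *pin, size_t len);

/* Assuan data lines must percent-escape '%', CR and LF. */
static void assuan_escape(const char *in, char *out, size_t outlen) {
    size_t o = 0;
    for (; *in && o + 4 <= outlen; in++) {
        if (*in == '%' || *in == '\r' || *in == '\n')
            o += (size_t)snprintf(out + o, 4, "%%%02X", (unsigned)(unsigned char)*in);
        else out[o++] = *in;
    }
    out[o] = '\0';
}

/* Answer one request line from gpg-agent; returns 1 once BYE was seen. */
int pinentry_handle(const char *line, pin_source_fn get_pin, char *reply, size_t len) {
    char pin[128], esc[3 * sizeof pin + 1];
    if (strncmp(line, "BYE", 3) == 0) {
        snprintf(reply, len, "OK closing connection\n");
        return 1;
    }
    if (strncmp(line, "GETPIN", 6) != 0) {  /* simplification: SETDESC, OPTION, ... are acknowledged, not stored */
        snprintf(reply, len, "OK\n");
        return 0;
    }
    if (get_pin(pin, sizeof pin) != 0) {    /* 83886179 = pinentry source (5 << 24) | GPG_ERR_CANCELED (99) */
        snprintf(reply, len, "ERR 83886179 Operation cancelled <Pinentry>\n");
        return 0;
    }
    assuan_escape(pin, esc, sizeof esc);
    snprintf(reply, len, "D %s\nOK\n", esc);
    memset(pin, 0, sizeof pin); memset(esc, 0, sizeof esc);  /* best-effort wipe of local copies */
    return 0;
}

static int demo_cancel;  /* constructed switch: 1 simulates the user cancelling */
static int demo_pin_source(char *pin, size_t len) {
    if (demo_cancel) return -1;
    snprintf(pin, len, "12%%34");  /* constructed PIN containing '%' */
    return 0;
}
int main(void) {
    char line[1024], reply[512];
    setvbuf(stdout, NULL, _IOLBF, 0);  /* each reply line must reach gpg-agent at once */
    puts("OK Pleased to meet you");
    for (int done = 0; !done && fgets(line, sizeof line, stdin); fputs(reply, stdout))
        done = pinentry_handle(line, demo_pin_source, reply, sizeof reply);
}
```

The `reply` buffer still holds the PIN after `GETPIN`; a real wrapper would clear it once the line has been written.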

