pinentry for Android questions

Hans-Christoph Steiner hans at guardianproject.info
Wed Sep 19 21:11:36 CEST 2012


On 09/19/2012 12:30 PM, Abel Luck wrote:
> Hans-Christoph Steiner:
>>
>>
>> On 03/10/2012 08:56 AM, Marcus Brinkmann wrote:
>>> On 03/10/2012 04:35 AM, Hans-Christoph Steiner wrote:
>>>>
>>>>
>>>> On 03/09/2012 01:12 PM, Marcus Brinkmann wrote:
>>>>> On 03/09/2012 06:37 PM, Hans-Christoph Steiner wrote:
>>>>>>
>>>>>> I've been looking through the examples, those are hard to generalize
>>>>>> from for this use case since they are all pure C and can all be linked
>>>>>> together into a single program.  What I would love to see is an
>>>>>> example transcript of the assuan dialog between a pinentry program and
>>>>>> gpg-agent, since I think I'll have to implement the whole pinentry lib
>>>>>> in Java.  Or perhaps I could wrap the pinentry C code in JNI for Java.
>>>>>>
>>>>>
>>>>> It's a lot easier to make pinentry.c/pinentry.h in a library and wrap
>>>>> that than to wrap libassuan or reimplement libassuan in Java.
>>>>>
>>>>> gpg-agent can be configured to log its assuan communication with
>>>>> pinentry.
>>>>
>>>> I forgot to mention, we're going to be using gpgme in this.  It looks
>>>> like gpgme somehow handles the pinentry stuff with callbacks, or am I
>>>> reading it wrong?  If we are using gpgme, do we still need a custom
>>>> pinentry?
>>>
>>> The callbacks are "old school" and not functional for gpg2 with
>>> gpg-agent. :)
>>>
>>> So a custom pinentry is indeed needed, and you don't need to set a gpgme
>>> passphrase callback (it would never be called).
>>>
>>> Thanks for the list of issues, btw, it's a big help as the mailing list
>>> threads were getting a tiny bit unwieldy.
>>>
>>> Thanks,
>>> Marcus
>>
>> I'm back on this and still not quite seeing how to do it.  From what
>> I've seen, it seems that gpg-agent executes pinentry, then communicates
>> with it via stdin/stdout.  This is not possible in Android because you
>> cannot directly launch a GUI program in Android from the terminal.
>>
>> The only way I've found to start an Android GUI screen from the terminal
>> is to launch an Activity (which is a Java Class representing a GUI
>> screen) using the 'am start' command.  It's not blocking, and there is no
>> stdin/stdout to attach to.
>>
> 
> A thought I had when I looked at this was to create an 'am start'
> wrapper program, 'pinentry-android' for example.
> 
> This program would:
> 
> 1. launch the activity (non-blocking)
> 2. block, as other pinentry programs do
> 3. communicate with the activity somehow (maybe using some shared memory,
> mmap)
> 4. communicate with gpg-agent via stdin/out
> 
> #3 is the trickiest bit I think, but this method would work well if
> non-blocking pinentry programs that communicate over the gpg-agent
> socket aren't possible.

Abel and I discussed this on IRC, so I'm posting it here to get feedback
on the best approach here:

_hc: The thing is that all of the pinentry impls that I found use the
pinentry 'lib'
_hc: that pinentry lib makes it really easy to write a pinentry that is
launched via gpg-agent which communicates via stdin/stdout
_hc: the pinentry lib handles all of the conversation in the assuan protocol
_hc: and it seems that conversation is pretty elaborate
_hc: so we'll want to try to include the pinentry 'lib'
_hc: I guess the Activity could launch its own pinentry process and
intercept stdin/stdout
_hc: then that needs to be ferried back somehow, I guess that's your #3
abeluck: hm, that's not quite what i had in mind
abeluck: the CLI program gpg-agent would launch uses pinentry lib
abeluck: and is a middleman between gpg and the Activity
_hc: ok, so pinentry-android does exec("am start
info.guardianproject.gpg.PassphraseActivity");
abeluck: gpg-agent <--pinentry lib--> pinentry-android-blocking
<--mmap/other socket--> Java Activity
abeluck: yes
abeluck: yes, it starts the activity
abeluck: and bridges communication between gpg-agent
abeluck: and the activity
abeluck: using mmap/or socket to talk to the activity
abeluck: and using stdin/out to talk to gpg
abeluck: or s/stdin\out/pinentry-lib/ if necessary
_hc: right, ok
_hc: I guess pinentry-android makes its own UNIX socket, which the
PinEntryActivity connects to once it starts
abeluck: yes
_hc: ok, this is seeming doable
abeluck: it's pretty elegant really
_hc: hmm, elegant considering the options
abeluck: indeed
_hc: if android just let you write a cmd line program that showed an
Activity, this would be done
abeluck: the savings there doesn't seem any more difficult than doing it
this way
abeluck: 'am start' is effectively that
_hc: it would be nice if gpg-agent could just call 'am start ...', then
the PinEntryActivity could just connect directly to the gpg-agent UNIX
socket and do everything there.
abeluck: the fact you have to communicate asyncly isn't a big deal imo
_hc: async isn't the problem, it's adding another socket
_hc: just seems messy
abeluck: yea, that would be nice, but infeasible atm
_hc: but the only feasible approach right now

.hc
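The bridge the thread converges on (gpg-agent <--stdin/stdout--> blocking pinentry-android <--UNIX socket--> Activity), as an added example that is not part of the original message and not code from GnuPG or the Guardian Project. Python stands in for both the C bridge and the Java Activity so the whole exchange runs in one process; the Assuan subset it speaks (SETDESC, SETPROMPT, GETPIN, BYE, the "D" data line with percent-escaping of '%', CR and LF) is real but heavily trimmed, while the greeting text, the error code, the socket path and the line format between bridge and Activity are constructed for this example and are not the project's protocol.

```python
# Added example (not code from the thread, GnuPG or Guardian Project):
# a Python stand-in for the "pinentry-android" bridge sketched above.
import io
import os
import socket
import tempfile
import threading


def assuan_escape(data: str) -> str:
    """Percent-escape the characters Assuan forbids in a data line: '%', CR and LF."""
    return data.replace("%", "%25").replace("\r", "%0D").replace("\n", "%0A")


def fake_activity(sock_path: str, pin: str, ready: threading.Event) -> None:
    """Stand-in (constructed for this example) for the Java PassphraseActivity.
    It connects to the bridge's socket, reads the description and prompt the
    bridge forwards, and answers with the passphrase the user would have typed."""
    ready.wait()
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(sock_path)
        with s.makefile("rw", encoding="utf-8", newline="\n") as f:
            f.readline()           # description line (would be shown on screen)
            f.readline()           # prompt line
            f.write(pin + "\n")
            f.flush()


def run_bridge(agent_in, agent_out, sock_path: str, launch_activity) -> None:
    """Blocking pinentry stand-in. Speaks a small Assuan-style subset with
    gpg-agent on agent_in/agent_out (stdin/stdout in the real bridge) and
    relays GETPIN to the Activity over a UNIX-domain socket at sock_path.
    Real pinentry, via libassuan, handles many more commands (OPTION, SETERROR,
    CONFIRM, ...); this shows the shape of the bridge, not the full protocol."""
    state = {"desc": "", "prompt": "PIN:"}
    old_umask = os.umask(0o077)    # socket file reachable only by this uid
    listener = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        listener.bind(sock_path)
        listener.listen(1)
    finally:
        os.umask(old_umask)
    launch_activity()              # step 1: the real bridge would exec 'am start ...'
    agent_out.write("OK ready\n")  # Assuan greeting line (text is constructed)
    try:
        for raw in agent_in:       # step 4: commands arrive from gpg-agent
            cmd, _, arg = raw.rstrip("\n").partition(" ")
            if cmd == "SETDESC":
                state["desc"] = arg
                agent_out.write("OK\n")
            elif cmd == "SETPROMPT":
                state["prompt"] = arg
                agent_out.write("OK\n")
            elif cmd == "GETPIN":
                # steps 2 and 3: block until the Activity connects and answers
                conn, _ = listener.accept()
                with conn, conn.makefile("rw", encoding="utf-8", newline="\n") as f:
                    f.write(state["desc"] + "\n" + state["prompt"] + "\n")
                    f.flush()
                    pin = f.readline().rstrip("\n")
                agent_out.write("D " + assuan_escape(pin) + "\nOK\n")
            elif cmd == "BYE":
                agent_out.write("OK closing connection\n")
                break
            else:
                # simplified; real error codes come from libgpg-error
                agent_out.write("ERR 1 Unknown command\n")
    finally:
        listener.close()
        os.unlink(sock_path)


def bridge_session(commands, pin: str):
    """Run one complete dialogue in-process and return the lines the agent side
    reads back, so the exchange can be inspected or asserted on."""
    tmpdir = tempfile.mkdtemp()
    sock_path = os.path.join(tmpdir, "pinentry.sock")
    ready = threading.Event()
    activity = threading.Thread(target=fake_activity, args=(sock_path, pin, ready), daemon=True)

    def launch():
        activity.start()
        ready.set()

    agent_in = io.StringIO("".join(c + "\n" for c in commands))
    agent_out = io.StringIO()
    run_bridge(agent_in, agent_out, sock_path, launch)
    activity.join(timeout=5)
    os.rmdir(tmpdir)
    return agent_out.getvalue().splitlines()


if __name__ == "__main__":
    for line in bridge_session(["SETDESC Enter passphrase for key", "SETPROMPT Passphrase:", "GETPIN", "BYE"], "s3cret"):
        print(line)
```

The part worth getting right in a real port is the extra socket the thread worries about: the passphrase crosses it in the clear, so the only thing standing between it and another app is who can connect. A filesystem-backed socket created under the app's private data directory with a restrictive umask, as above, inherits the directory's permission checks; an abstract-namespace socket (the default for Android's LocalServerSocket) has no such checks, so any process on the device can connect to it. Whatever carries the pin, the bridge should accept exactly one client per GETPIN and close it afterwards, as this sketch does.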
