pinentry: How to get key id?

Werner Koch wk at gnupg.org
Tue Dec 3 14:37:03 CET 2013


On Sat, 30 Nov 2013 06:18, lukashaase at gmx.at said:

> Is there a way to find the key id for which the password is queried,
> e.g. within the pinentry_loop2 or better, the w32_cmd_handler function?

No.  The keyid is an OpenPGP specific datum and useless with other
protocols.  gpg-agent does not know about OpenPGP but only about the
keys.  Therefore it uses a protocol-neutral identification string for
keys, dubbed “keygrip”.

The pinentry is for humans and humans are really good at pattern
matching ;-).

If you need to automate pinentry, you should first ask yourself, why you
need to supply a passphrase.  Most likely this is an unattended system
and then a passphrase to protect the key does not make anything more
secure - the passphrase is stored somewhere in the clear anyway.

In case this is a server application you may use a loopback pinentry to
present the user a custom web form instead of the pinentry.

If that all does not help, you need to wait for GnuPG 2.1 which may work
without a pinentry by providing an internal loopback and thus the gpgme
passphrase callback can be used again.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
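
The keygrip-to-key-ID relationship described in the message above, as an added example that is not part of the original post or of GnuPG's code: a small parser that maps the keygrips gpg-agent works with back to OpenPGP key IDs. It assumes GnuPG 2.1 or later, where `--with-keygrip` adds `grp` records to `--with-colons` listings; the sample listing and the function names are constructed for illustration.

```python
import subprocess

# Constructed sample of `gpg --with-colons --with-keygrip --list-secret-keys`
# output; every key ID, fingerprint and keygrip here is made up.
SAMPLE = """\
sec:u:2048:1:1111222233334444:1385800000:::u:::scESC:::+:::23::0:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1111222233334444:
grp:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1385800000::0000000000000000000000000000000000000000::Constructed User <user@example.org>::::::::::0:
ssb:u:2048:1:5555666677778888:1385800000::::::e:::+:::23:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF5555666677778888:
grp:::::::::89ABCDEF0123456789ABCDEF0123456789ABCDEF:
"""

KEY_RECORDS = {"pub", "sec", "sub", "ssb"}


def keygrip_index(colon_output):
    """Map each keygrip to the OpenPGP key ID, primary key ID and user ID."""
    index, uids = {}, {}
    primary = current = None
    for line in colon_output.splitlines():
        f = line.split(":")
        if f[0] in KEY_RECORDS and len(f) > 4:
            current = f[4]                      # field 5: 64-bit key ID
            if f[0] in ("pub", "sec"):
                primary = current
        elif f[0] == "uid" and primary and len(f) > 9:
            uids.setdefault(primary, f[9])      # first user ID of the primary
        elif f[0] == "grp" and current and len(f) > 9:
            # A grp record describes the key record that precedes it.
            index[f[9].upper()] = {"keyid": current, "primary": primary}
    for entry in index.values():
        entry["uid"] = uids.get(entry["primary"], "")
    return index


def local_keygrip_index():
    """Build the same index from the local secret keyring (needs gpg)."""
    out = subprocess.run(
        ["gpg", "--batch", "--with-colons", "--with-keygrip",
         "--list-secret-keys"],
        check=True, capture_output=True, text=True).stdout
    return keygrip_index(out)


if __name__ == "__main__":
    for grip, info in keygrip_index(SAMPLE).items():
        print(grip, info["keyid"], info["uid"])
```

Primary key and subkey each have their own keygrip, so a lookup has to be per key record rather than per certificate.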



