Pinentry-mode

Werner Koch wk at gnupg.org
Sat Feb 9 12:57:57 CET 2013 

On Fri,  8 Feb 2013 11:06, abel at guardianproject.info said:

> I don't suppose you have some example/tests demonstrating the
> command-[fd,file] functionality?

--command-fd, there is --no command-file.  A simple test run looks like
this (gpg-agent has already been started):

  $ g10/gpg2 --pinentry-mode loopback --verbose --status-fd 2 \
         --command-fd 0 g10/x.asc
  gpg: WARNING: unsafe permissions on homedir '[...]'
  gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
  gpg: It is only intended for test purposes and should NOT be
  gpg: used in a production environment or with production keys!
  gpg: armor header: Version: GnuPG v2.1.0-beta129 (GNU/Linux)
  gpg: public key is AD7AB69C
  [GNUPG:] ENC_TO B705A348AD7AB69C 18 0
  gpg: using subkey AD7AB69C instead of primary key EE5CA433
  [GNUPG:] USERID_HINT B705A348AD7AB69C Egon Charlie Crypto (ECC Test Key)
  [GNUPG:] NEED_PASSPHRASE B705A348AD7AB69C 9B57DB04EE5CA433 18 0
  [GNUPG:] GET_HIDDEN passphrase.enter
  abc
; I entered the above line at the tty.
  [GNUPG:] GOT_IT
  gpg: using subkey AD7AB69C instead of primary key EE5CA433
  gpg: encrypted with 256-bit ECDH key, ID AD7AB69C, created 2011-07-01
        "Egon Charlie Crypto (ECC Test Key)"
  [GNUPG:] BEGIN_DECRYPTION
  gpg: AES128 encrypted data
  [GNUPG:] DECRYPTION_INFO 2 7
  gpg: original file name=''
  [GNUPG:] PLAINTEXT 62 1360140890 
  [GNUPG:] PLAINTEXT_LENGTH 47
  File 'g10/x' exists. 
  [GNUPG:] GET_BOOL openfile.overwrite.okay
  y
; I entered the above line at the tty.
  [GNUPG:] GOT_IT
  [GNUPG:] DECRYPTION_OKAY
  [GNUPG:] GOODMDC
  [GNUPG:] END_DECRYPTION

Or if you want to use gpgme-tool:

  $ (printf "pinentry_mode loopback\nINPUT FILE=g10/x.asc\n\
  OUTPUT FILE=g10/x.txt\ndecrypt\n" && cat -) | \
  GPGME_DEBUG=9:out ~/b/gpgme/src/gpgme-tool --gpg-binary ~/b/gnupg/g10/gpg2
  OK GPGME-Tool 1.3.3-gitcd6de92 ready
  OK
  OK
  OK
  S PROGRESS -&14 0x3f 0 0
  S USERID_HINT B705A348AD7AB69C Egon Charlie Crypto (ECC Test Key)
  S NEED_PASSPHRASE B705A348AD7AB69C 9B57DB04EE5CA433 18 0
  INQUIRE PASSPHRASE
  D abc
; I entered the above line at the tty.
; The correct thing would be "D abc%0A" but the gpgme code takes care to
; append a missing LF.
  END
  S PROGRESS -&14 0x3f 404 0
  OK
  bye
; I entered the above line at the tty.
  OK closing connection
    

Using --edit-key with --command-fd is more complex.  GPA uses a FSM to
handle this (gpa/src/gpgmeedit.c).


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list