[guardian-dev] GPG+Android pinentry status
abel at guardianproject.info
Wed Jan 2 17:25:31 CET 2013
> Its all building on the build server, that's good news :)
> I am pretty sure that gpg2 <---> gpg-agent was working because I was able to
> verify and encrypt files. As far as I understand it, in GnuPG 2.1, the gpg2
> does no work on its own, but only serves as an interface to gpg-agent, which
> now does all the work. I'm also able to download a key from the keyserver,
> but maybe that skips gpg-agent and just uses dirmngr.
I haven't tried encrypting, but decrypting is definitely failing because
gpg2 can't communicate with gpg-agent (I'll post some logs soonish).
> Now, I just tried the "List Keys" test option from the menu, which definitely
> uses gpg-agent and definitely worked before. That caused gpg-agent to crash.
> Could the new pinentry stuff be causing this?
I very much doubt it... but you never know. I recall not being able to
list keys before many of my changes. Possibly some recent commits or
android build patches are the cause?
> On 12/29/2012 01:50 PM, Abel Luck wrote:
>> __ Where is my android pinentry? __
>> We're so close to a working pinentry. All the pieces have fallen into
>> place, though they fell haphazardly and it's all quite a mess.
>> This is all somewhat convoluted so I thought I'd do a bit of
>> documentation real quick. Eventually this will go into actual docs in
>> the source tree, but I need to brain dump first.
>> __ Show me the Beasty __
>> So you want to decrypt that email you say? Here's how that'll work:
>> Component interaction in my hastily spewed ascii chart format:
>> ("<--->" is IPC)
>> [ User action e.g., decrypt ]
>> 1. gpg2 --decrypt secret_msg
>> 2. gpg2 <---> gpg-agent
>> 3. gpg-agent <---> pinentry-android (p-a)
>> 4. p-a invokes PINEntry Activity (P-A)
>> 5. (P-A) <---> p-a
>> [ User types PIN ]
>> gpg2 is what you think it is
>> gpg-agent is GPG's daemon that manages secret keys
>> pinentry-android is the C command line utility
>> PINEntry Activity is the Java/Android GUI for inputing the PIN
>> As you can see we're nomming hard on that yummy unixy IPC.
>> __But Does It Work?__
>> 1. works, but doesn't decrypt as it can't talk to gpg-agent (see 2)
>> 2. not working
>> 3. unknown (blocking on 2)
>> 4. works
>> 5. works, but no useful data is passed yet
>> __ So nothing really works? __
>> __ And then? __
>> The next step is to sit down with gpg-agent and gpg2 and have a little
>> relationship counseling.
>> Then, assuming 3 works (hah!), we need to teach PIN Entry Activity
>> gpg-agent's language (known as Assuan) or translate it into something
>> simpler (I'm betting on the latter).
>> __Where is all this crap?__
>> I simplified things down to two repos.
>> pinentry-android lives in the actual gnupg pinentry source tree, but
>> since we haven't submitted anything upstream yet, it lives in my
>> personal repo. Hopefully this will go back upstream to the good GnuPG
>> PINEntry Activity lives in gnupg-for-android along with the cross
>> compiled gpg2, gpg-agent and pinentry
>> __ So I came here, read this, and get nothing? __
>> False! You'll be leaving with a warm fuzzy feeling secure in the fact
>> that pinentry on Android is not too far off.
>> Guardian-dev mailing list
>> Post: Guardian-dev at lists.mayfirst.org
>> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>> To Unsubscribe
>> Send email to: Guardian-dev-unsubscribe at lists.mayfirst.org
>> Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/hans%40guardianproject.info
>> You are subscribed as: hans at guardianproject.info
> Guardian-dev mailing list
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To Unsubscribe
> Send email to: Guardian-dev-unsubscribe at lists.mayfirst.org
> Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/abel%40guardianproject.info
> You are subscribed as: abel at guardianproject.info
More information about the Gnupg-devel