Integrate pinentry-mac into pinentry
Patrick Brunschwig
patrick at enigmail.net
Sun Feb 22 16:13:19 CET 2015
On 22.02.15 13:17, Roman Zechmeister wrote:
> Hello!
>
>> It seems there's http://github.com/GPGTools/pinentry now, which
>> is based on the original pinentry.
>
> This repo is my quick check, if it's possible to integrate
> pinentry-mac into pinentry. It's more or less our code for
> pinentry-mac, copied into the sub-dir macosx. Most of the code
> is old and ugly, but it works. So I'm thinking about a complete
> rewrite.
That's a _very_ good idea!
> There are some points, I want to clear, before I start to work on
> this:
>
> 1. On Mac OS X it's standard to use Xcode for builds and we're
> using it for pinentry-mac and all of our other tools. Is it okay
> for you, if we're using an Xcode-Project and Xcode, instead of
> plain automake, to build pinentry for Mac OS X?
I'd say that this should be OK. Automake should probably simply be
able to determine that it's compiling for OS X and then use the Xcode
project.
> 2. Should we compile the required source-code from pinentry directly
> into pinentry-mac (as we do actually) or should we link against
> the libs?
I would prefer the same approach as all other pinentry-frontends, that
is, libpinentry.a is linked into the frontend.
> 3. pinentry-mac allows the user to store the passphrase in the Mac
> OS X keychain, by selecting a checkbox. To make this possible,
> we're patching gpg-agent, to pass the cacheid to pinentry. (OPTION
> cache-id=xxx) Without this option – e.g. upstream gpg-agent –
> pinentry-mac doesn't allow the user to store the passphrase. How
> should we solve this in the future?
>
> 4. pinentry-mac allows the calling app to define a custom message
> to show. This is implemented using PINENTRY_USER_DATA. We allow
> placeholders like %KEYID and %USERID. To fill the placeholders, we
> parse the description from pinentry. This works in most
> cases. The reason for this feature is, to allow some more
> informative and readable messages. e.g. We can tell the user for
> which email/file, he enters the passphrase. What do you think about
> that? Is this a desirable feature for pinentry?
I think this is a desirable feature of pinentry in general. Other
tools could profit from it as well.
> 5. Using PINENTRY_USER_DATA we also allow to set a custom icon to
> be shown, like the standard Mac OS X security dialog. Opinions?
Same as above.
-Patrick
More information about the Gnupg-devel
mailing list