Integrate pinentry-mac into pinentry

Roman Zechmeister Mento at gpgtools.org
Sun Feb 22 17:55:08 CET 2015


Hello Jonathan!


> This could be used to trick the user into thinking he's doing the right thing when in fact he's not. What if you just don't use %KEYID, but write another key ID there that the user expects, when in fact you sign for something else?

If you want to trick a user, you could simply run the few lines below. So I don't think that's a reason to not add the feature.


string='GET_PASSPHRASE 12345678 X Passphrase Please+enter+the+passphrase+'\
'to+unlock+the+secret+key+for+the+OpenPGP+certificate:%0A%22Example+User+'\
'<user@example.com>%22%0A4096-bit+RSA+key,+ID+12345678,%0Acreated+1503-02-29.%0A'
gpg-agent --server <<<"$string" 2>/dev/null | sed -n '2s/OK //p' | xxd -p -r


Regards, Mento
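
Added example, not part of the original message: a small decoder for the GET_PASSPHRASE request shown above, to make visible that every string in the dialog, including the key ID, is free text chosen by whoever sends the request. The function names are hypothetical, and the decoding assumes the "+" for space and %XX escaping used in the message's own string.

```python
import re
from urllib.parse import unquote_plus

# The request from the message above, with the archive's "user at" restored to "@".
SAMPLE = (
    "GET_PASSPHRASE 12345678 X Passphrase Please+enter+the+passphrase+"
    "to+unlock+the+secret+key+for+the+OpenPGP+certificate:%0A%22Example+User+"
    "<user@example.com>%22%0A4096-bit+RSA+key,+ID+12345678,%0Acreated+1503-02-29.%0A"
)

TEXT_FIELDS = ("error", "prompt", "description")


def parse_get_passphrase(line):
    """Split a GET_PASSPHRASE request into options, cache ID and dialog texts."""
    words = line.split()
    if not words or words[0] != "GET_PASSPHRASE":
        raise ValueError("not a GET_PASSPHRASE request")
    options = [w for w in words[1:] if w.startswith("--")]
    args = [w for w in words[1:] if not w.startswith("--")]
    if not args:
        raise ValueError("missing cache ID")
    result = {"options": options, "cache_id": args[0]}
    result.update(dict.fromkeys(TEXT_FIELDS))
    for name, raw in zip(TEXT_FIELDS, args[1:4]):
        # A bare "X" is the placeholder for "use the default text".
        result[name] = None if raw == "X" else unquote_plus(raw)
    return result


def claimed_key_ids(description):
    """Return key IDs that the description text merely claims to refer to."""
    return re.findall(r"\bID ([0-9A-Fa-f]{8,16})\b", description or "")


if __name__ == "__main__":
    req = parse_get_passphrase(SAMPLE)
    print("cache id:", req["cache_id"])
    print("prompt  :", req["prompt"])
    print("dialog text as the user would read it:")
    print(req["description"])
    # Nothing in the request ties this ID to an actual key; it is display text.
    print("key IDs named in the text:", claimed_key_ids(req["description"]))
```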
