Integrate pinentry-mac into pinentry

Werner Koch wk at gnupg.org
Tue Feb 24 14:51:27 CET 2015


On Tue, 24 Feb 2015 12:37, Mento at gpgtools.org said:

> Normally the message comes from gpg and not from gpg-agent.

Right, that is the case for OpenPGP messages.  But after all gpg-agent
decides what to display.  The gpg-agent command SETKEYDESC is used to
tell gpg-agent about the OpenPGP properties and desired operation of the
requested key.  However, gpg-agent may eventually be changed to screen
that information for correctness.  This is particularly important when
gpg is used via a remote socket.

> Btw. the same attack could be used on pinentry, to show a fake message.

Conceptually it is not allowed that pinentry is used by software other
than gpg-agent.  Today gpg-agent is mostly used within the same security
boundary as gpg (under the same user and on the same box) and thus there
is no enforcement of it.  However, using SELinux it is possible to
enforce that even on current systems.

PINENTRY_USER_DATA was implemented to allow the use of a web interface
for Pinentry.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
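As an added illustration of the screening step mentioned above (example code written for this page, not GnuPG's own and not what gpg-agent actually implements), the function below decodes the Assuan percent-escaping of a SETKEYDESC argument, rejects control characters that could mangle the pinentry dialog, and requires that the key ID named in the text match the key the operation actually requests. The "ID <16 hex digits>" pattern and the sample descriptions are assumptions constructed for the example.

```python
import re
from typing import Tuple

# Assuan escapes a literal "%" and any byte that may not appear on a
# protocol line (notably LF and CR) as "%XX" with two hex digits.
_PCT = re.compile(r"%([0-9A-Fa-f]{2})")

# Assumed layout of the key-ID field in a description: "ID" followed by
# a 16-digit hex long key ID.  Real gpg output may differ.
_KEYID = re.compile(r"\bID ([0-9A-Fa-f]{16})\b")


def assuan_unescape(arg: str) -> str:
    """Decode "%XX" escapes in an Assuan command argument."""
    return _PCT.sub(lambda m: chr(int(m.group(1), 16)), arg)


def screen_keydesc(desc: str, expected_keyid: str) -> Tuple[bool, str]:
    """Decide whether a SETKEYDESC description may be shown to the user.

    Returns (True, decoded_text) when the description is acceptable and
    (False, reason) when gpg-agent should refuse to forward it to pinentry.
    """
    text = assuan_unescape(desc)

    # 1. Permit only printable text and line breaks; other control
    #    characters (ESC sequences, NUL, DEL, ...) have no business in a
    #    passphrase prompt and could be used to alter what is displayed.
    if any((ord(c) < 0x20 and c != "\n") or ord(c) == 0x7F for c in text):
        return False, "control characters in description"

    # 2. The prompt must name the key that is actually being used, so a
    #    client cannot describe one key while asking to unlock another.
    m = _KEYID.search(text)
    if m is None:
        return False, "no key ID in description"
    if m.group(1).upper() != expected_keyid.upper():
        return False, "description names key %s but operation uses %s" % (
            m.group(1), expected_keyid)

    return True, text


# Constructed sample description in the style gpg sends (not captured output).
SAMPLE_DESC = (
    "Please enter the passphrase to unlock the OpenPGP secret key:%0A"
    "%22Alice Example <alice at example.org>%22%0A"
    "2048-bit RSA key, ID 0123456789ABCDEF,%0Acreated 2015-02-24."
)

if __name__ == "__main__":
    print(screen_keydesc(SAMPLE_DESC, "0123456789ABCDEF"))
```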



