gpg-agent features of loopback-pinentry mode, preset_passphrase

Ben Kibbey bjk at luxsci.net
Tue May 19 12:44:27 CEST 2015


On Mon, May 18, 2015 at 12:12:14PM +0200, Werner Koch wrote:
> On Fri,  8 May 2015 05:42, gniibe at fsij.org said:
> 
> > When --passphrase option is offered, gpg checks gpg-agent feature
> > availability (before reading passphrase from file/fd), and gives
> > explanation if not.  And gpg/gpg-agent manual should address the
> > relationship of --passphrase and loopback-pinentry mode.
> 
> Actually, I expected that the loopback mode would be used with
> --command-fd and not with the one-time setting of a passphrase.  I kept
> passphrase working because that can be used for symmetric encryption.

While looking at the code for --gen-key I noticed that gpg-agent isn't
used for getting the passphrase. Is it possible to do this? Or would
that make creating the public key impossible? I ask because --command-fd
isn't considered during --gen-key, making pinentry-mode=loopback broken.

I have patches for fixing --command-fd (bjk/passphrase-inquire branches
of gpgme and gnupg) but those still don't use gpg-agent during
--gen-key. Maybe there is a reason why --gen-key isn't supposed to work
while using pinentry-mode=loopback?

-- 
Ben Kibbey


