[PATCH 0/2] Use external process to check for passphrase quality

Damien Goutte-Gattat dgouttegattat at incenp.org
Sat Dec 30 11:19:23 CET 2017

Hi GnuPG folks,

The following patch set provides a way to give the user a better
passphrase quality estimation, as discussed in ticket #2103 [1].

The first patch adds to gpg-agent a new option --passphrase-checker,
which may be set to the pathname of a program that the agent will
call to perform the passphrase quality estimation. The program
should read the passphrase on stdin and write a 0..100 quality
value on stdout. (Such a program is pwscore, from the libpwquality
project [2]).

The second patch changes the behavior of the agent to request a
quality bar from pinentry *only* if either --passphrase-checker
or --check-passphrase-pattern is set, as proposed by Werner.

[1] https://dev.gnupg.org/T2103.

[2] https://github.com/libpwquality/libpwquality

Damien Goutte-Gattat (2):
  agent: Defer passphrase quality check to external tool.
  agent: Disable quality bar by default.

 agent/agent.h         |  3 +++
 agent/call-pinentry.c | 34 +++++++++++++++++++++++++++++-----
 agent/gpg-agent.c     |  6 ++++++
 doc/gpg-agent.texi    |  7 +++++++
 4 files changed, 45 insertions(+), 5 deletions(-)


More information about the Gnupg-devel mailing list