gpgme_op_genkey() parms parameter: really XML? (escaping ampersands and angle brackets)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Jan 24 22:08:41 CET 2017
Hey GnuPG folks--
gpgme_op_genkey() takes a parms parameter that is supposed to be a
textual XML object:
the canonical example is this:
Name-Real: Joe Tester
Name-Comment: with stupid passphrase
Name-Email: joe at foo.bar
however, it's not clear to me that this is really XML -- it just looks
like plaintext with XML-ish lines on the top and bottom.
In particular, i want to know what happens if i want to include
ampersands or angle-brackets in any of the text (e.g. in the passphrase,
the comment field, the name, etc).
If it's really XML, i'd use & and < and >
But in practice, if i use those, they are passed through as literals:
Name-Real: Joe & his dog
On the flip side, if i put actual angle-brackets in there, it doesn't
seem to treat them as anything special (i haven't tried to make a key
with "Name-Real: </GnupgKeyParms>" yet).
So, i know how to stuff angle-brackets and ampersands into the strings
directly, but i don't know if that will somehow break if one day in the
future gpgme actually treats this as real XML.
What should someone who wants to use angle-brackets and ampersands in
these fields do?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 832 bytes
Desc: not available
More information about the Gnupg-devel