Provide user PIN to gpg-agent?

Wed Dec 2 15:29:19 CET 2015

Niibe-san

Thank you so much for your help! It worked.

I was using gpg4win, which of course does not include v2.1. I need to download the windows version from gnupg.org.

I had some difficulty with the syntax of a windows batch file but eventually succeeded with

	gpg-connect-agent.exe --run <FILE>

Where <FILE> contained:

	OPTION pinentry-mode=loopback
	/definqfile PASSPHRASE <PIN>
	SCD CHECKPIN <CARDID>
	/bye

And where <CARDID> was the ID of the card from gpg --card-status as you suggested,
and <PIN> was a file containing the PIN.

Thank you again for your kind advice.

-----Original Message-----
From: Gnupg-users [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of NIIBE Yutaka
Sent: 02 December 2015 03:07
To: gnupg-users at gnupg.org
Subject: Re: Provide user PIN to gpg-agent?

On 12/01/2015 10:50 PM, Harbord Jonathan-EURITEC wrote:
> Is it possible to pass the user PIN of a smartcard to gpg-agent in a command?
> 
> I'd like to stop the pinentry program appearing for an automated system.

Please note that I don't have any experience like that, and I don't generally recommend such a usage.

In general, we can provide a special application specific pinentry program for such a special purpose.

In GnuPG 2.1.x, there is allow-loopback-pinentry option.  When enabled it by .gnupg/gpg-agent.conf or as an argument invoking gpg-agent, we can do something like:

    gpg-connect-agent \
        "OPTION pinentry-mode=loopback"
        '/definqfile PASSPHRASE /tmp/passphrase-for-smartcard' \
        "SCD CHECKPIN <CARDID>" /bye

having a file /tmp/passphrase-for-smartcard, where <CARDID> is the one in the output of 'gpg --card-status' like:

	Application ID ...: D276000124010200F517000000010000

Substitute <CARDID> by D276000124010200F517000000010000.

Please try.
-- 

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users