EasyGnuPG

Keith Mallen k.mallen at soondae.co.uk
Tue Mar 22 15:30:38 CET 2016


Sorry to butt in here but in my first post to the list I mentioned that
I was attempting to use FreePascal/Lazarus to interface with GPG via the
command line but whilst I had managed to get it working with OpenSSL
attempting the same methodology on GPG resulted in a 'hang'.

Now I realise I am a novice and whilst Lazarus is supposedly
cross-platform the documentation for Lazarus is hard to interpret
presumably because I am a novice but Lazarus is Pascal and cross
platform and it is Pascal so I would hope more understandable to knuckle
scrapers such as myself.

http://wiki.freepascal.org/Executing_External_Programs

Someone recently asked about using FreePascal under Windows but made
mention of using a DLL. As far as I am aware FreePascal should give you
a 'direct' command line interface on any platform. I'll be rubbish here
but scratching my head about DLLs reminds me of when I was looking into
'keyloggers' which, under Windows, require a hook into the system if you
wish to capture data across running applications...

Honest I was trying to catch out a 'Microsoft Support Person' who wanted
to fix my computer over the phone.

Anyway, for what it might be worth..

http://www.soondae.co.uk/testssl

Yes I hate myself already for dropping that one on you with no
explanation but basically it is a GUI that interfaces with OpenSSL via
the command line in order to generate multiple key pairs. As I say
similar does not work on GPG but it would seem that if you can get
access to the command line interface for GPG in a similar manner then,
being naive, it could be a solution

Just floating one

Keith

On Tue, 2016-03-22 at 13:55 +0000, Andrew Gallagher wrote:
> > On 22 Mar 2016, at 10:40, Paolo Bolzoni <paolo.bolzoni.brown at gmail.com> wrote:
> > 
> > And besides, it's much easier to build a GUI app in front of a C API
> > than a command line application.
> 
> This is undeniably true. Unfortunately you first need to learn the API, which can be a barrier to someone who knows the command line interface and just wants to hack together a script to do a particular job. 
> 
> Cryptography is hard, and decades later we still aren't at the point where average computer users can take advantage of it without either first becoming experts or punching holes in the sides of the boat. For that we need to be encouraging hackers and tinkerers to experiment with novel interfaces; and this is best done by giving them the software equivalent of Lego rather than Meccano. 
> 
> This is not a gpg-specific issue. OpenSSL suffers the same problem of having to be both a comprehensive implementation and a user interface, and handles it pretty much the same way, by using a basic command prompt. 
> 
> Where is the gpg equivalent of easy-rsa though? This is a complaint about software tools in general, but for hackers and tinkerers inconsistency across UIs is a significant barrier to entry. If I can't take what I've learned from using the command line for years and apply it (safely) to writing a modest shell script, I'm going to think long and hard before taking the time to learn a Python API. At the very least, any feature accessible through an interactive interface should have an equivalent command line option, so that all interactive operations can trivially be automated. Thought should also be given to whether wrapping all functionality in a single binary with thousands of options is the best interface to present to even expert command line users (again, OpenSSL is another offender). 
> 
> I say this because I found myself in exactly the same boat as the OP. I wanted to write a small script for my technically-proficient but non-cryptography-expert users so that they could easily manage gpg private keys without me worrying that they'd screw it up; and I ended up with a fragile interface very similar to his that needed to be completely refactored using gpgme. Just interfacing with gpg was the most difficult part of the process; the logic that I built on top of it was easy by comparison. This is the wrong way around.
> 
> A
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users





More information about the Gnupg-users mailing list