EasyGnuPG

Bjarni Runar Einarsson bre at pagekite.net
Wed Mar 30 10:05:25 CEST 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Werner,

Thanks for the reply!

Werner Koch <wk at gnupg.org> wrote:
> > This is one of the complaints/wishes us Mailpile folks had, for
> > some sort of stable socket/stdio-based programmatic API for
> > talking to GnuPG. This sort of interface would make it much more
> 
> A socket based interface exists for years if you are going to
> use the UI-server approach we are using in Kleopatra, GpgOL and
> GpgEX. gpgme even provides high level access functions. If you
> want to try this you need an UI server (Kleopatra, GPA, or
> whatever you want to write) and then test it with
> 
>   gpg-connect-agent --uiserver

FYI, on the latest Ubuntu (15.10), that command does not work:

    $ gpg-connect-agent --uiserver  
    gpg-connect-agent: invalid option "--uiserver"  

Maybe I missed a step, but it appears at first glance that folks
writing software targeting mainstream Linux users cannot
reasonably make use of this facility yet?

Ubuntu's gpg-connect-agent command comes from a package named
gnupg-agent 2.0.28.

All that aside, based on
https://www.gnupg.org/documentation/manuals/gpgme/UI-Server-Protocol.html,
it looks like that protocol is only suitable for localhost
operations, it relies on both file paths and file descriptors -
neither of which work over the network. This makes it unsuitable
for a number of potential use-cases.


> A stdio based interfaces exists for more than 20 years.

We've discussed this at length. It's quite hard to use
programmatically, in part because it has existed for so long and
has to maintain quirks and compatibility with such a long legacy.
But you know that! :-)


> > Requiring that a ruby, python or node.js dev know to install
> > GnuPG from the C sources and build this tool is a non-starter,
> 
> They only need to install their language binding for GPGME.

... and figure out how to use it!

The Python bindings had abysmal documentation when I started
working on Mailpile, the assumption appears to have been that
Python devs could just read the C library docs and fill in the
blanks themselves (not a reasonable assumption).

I'm glad to see that in the meantime someone did some work on
improving that (https://github.com/rshk/pygpgme,
https://pygpgme.readthedocs.org/en/latest/).

Hopefully that work will make it back into the main library?


> > So pretty please, ship it! :-)
> 
> It is not useful right now.

Okay. :-)

Take care,
 - Bjarni

- -- 
PageKite.net lets your personal computer be part of the web.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJW+4jFAAoJEI4ANxYAz5SRDh8IALSdAFqL/5UjQw+m51YrNi6A
62jkhIcjs6FwEGlYsCZSFKte6uy/caHMFcLdl78Ca+BJfyY/030nGv2MIGPkMOZa
nhfDet8bkuerKHAPDCTgukL6BS+ULOBGzKn1lbu+lCWVhPV7gtqp+l4vXirRJJGG
7isnKmhNglGqsNGNb2NNGDvM3YGhePe77jHcnwUKfiz48O9IzqO/Ka1vPqrXDS2v
+b1Pl3FCjHti5/CIyY16tRrzSQ3d1a8R9reTq0IKKAu4eb9k4dLN2zCTKxhvDiH+
J8zJP/bsLYBJJXahyJN6HJ7+RoLPFDeF0t4DoU2quOSVSoB1FNHaPeb7CF/sUUQ=
=RQcM
-----END PGP SIGNATURE-----


More information about the Gnupg-users mailing list