Using OpenPGP with Aegypten

Ingo Klöcker ingo.kloecker@epost.de
Thu Sep 19 01:57:05 2002 

--Boundary-02=_FPRi9DvkI3Wonnw
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

Hi,

now that libgcrypt doesn't crash anymore I finally managed to make=20
OpenPGP work in KMail. The following necessary steps are missing from=20
development.en.html:

Add "use-agent" to your ~/.gnupg/options.

Add "pinentry-program /some/where/bin/pinentry-xx" to=20
~/.gnupg/gpg-agent.conf where xx is either gtk or qt.

Then make sure gpg-agent is started _before_ KMail and GnuPG like this:
eval "$(gpg-agent --daemon --default-cache-ttl <passphrase ttl in=20
secs>)"

=3D=3D=3D=3D=3D

Then I noticed that pinentry-qt still doesn't work (for me at least).=20
When I try to use pinentry-qt I get the following debug messages when I=20
try to sign a message with KMail:
=3D=3D=3D=3D=3D
gpg-agent[0x806225c] -> OK Your orders please
gpg-agent[0x806225c] <- OPTION display=3D:0
gpg-agent[0x806225c] -> OK
gpg-agent[0x806225c] <- GET_PASSPHRASE=20
712A0910321AC762D48054081A747E4530E0B9D8 X X=20
You+need+a+passphrase+to+unlock+the+secret+key+for+user:%0A"Ingo+Kl%FF%FFck=
er+<ingo.kloecker@epost.de>"%0A1024-bit+DSA+key,+ID+30E0B9D8,+created+2000-=
10-16%0A
gpg-agent[7122]: command get_passphrase failed: assuan server fault
gpg-agent[0x806225c] -> ERR 101 server fault
gpg-agent[0x806225c] <- [EOF]


    gpgme_op_sign() returned this error code:  19
=3D=3D=3D=3D=3D

OTOH, when I use pinentry-gtk I get:
=3D=3D=3D=3D=3D
gpg-agent[0x806225c] -> OK Your orders please
gpg-agent[0x806225c] <- OPTION display=3D:0
gpg-agent[0x806225c] -> OK
gpg-agent[0x806225c] <- GET_PASSPHRASE=20
712A0910321AC762D48054081A747E4530E0B9D8 X X=20
You+need+a+passphrase+to+unlock+the+secret+key+for+user:%0A"Ingo+Kl%FF%FFck=
er+<ingo.kloecker@epost.de>"%0A1024-bit+DSA+key,+ID+30E0B9D8,+created+2000-=
10-16%0A
gpg-agent[7207]: DBG: connection to PIN entry established
gpg-agent[0x806225c] -> [Confidential data not shown]
=3D=3D=3D=3D=3D

On the command line both pinentry programs work.

Regards,
Ingo


--Boundary-02=_FPRi9DvkI3Wonnw
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQA9iRPFGnR+RTDgudgRAoL9AJ9+F94pjhHKbnWOeHNsdDXQJ3FjdQCgwu76
lsVWmcqjfeSZQKG/rVy9Puo=
=mxcC
-----END PGP SIGNATURE-----

--Boundary-02=_FPRi9DvkI3Wonnw--