GNOME.org
 

Re: [gmime-devel] Using GMimeDecryptResult - certificate information?

I just went back and re-read the entire thread.
It's clear to me based on the unit tests that if use_agent = FALSE, then we cannot use --batch when signing or decrypting because we need to interactively supply a passphrase to gpg.
Since you were setting use_agent = TRUE, perhaps the solution to this problem is to use --batch for sign/decrypt if use_agent = TRUE.
Unfortunately I'm having trouble getting use_agent = TRUE to work, it seems that the gpg-agent always immediately fails with an error about invalid ioctl for device.
I'm guessing that I need to configure a gpg-agent or something, but I'm not entirely sure how. 

Jeff

On 12/10/2016 6:18 AM, Gaute Hope wrote:

I have never been able to get the query passphrase part to work.

Regards, Gaute

Jeffrey Stedfast writes on desember 10, 2016 2:20:
I'm actually getting errors due to --batch in the unit tests (just got a Linux VM up and running in order to make a new release): 

[fejj@localhost tests]$ ./test-pgp -vvvv
Checking GMimeGpgContext::import... PASSED
Checking GMimeGpgContext::export... PASSED
GMimeGpgContext::sign failed: gpg: can't query passphrase in batch mode
gpg: skipped "no.user@no.domain": bad passphrase
gpg: signing failed: bad passphrase

Checking GMimeGpgContext::sign... FAILED
ciphertext:
-----BEGIN PGP MESSAGE-----

hQIOAwTJ0obO8knpEAgAi/FMe5qmWFch4IDiZK87P3RU4rVj5OQwGXTUI/gkBx8Z
2IwuodPir6osQplzs+R6w3rzpe2ah2wm9XlXCuaqMoPmWLzKbnDEbl6RLGYLLPbW
tqjjI/GJ5QH1m4s5oQlUm5K3jamXDIdb/NsHQhZF4Je9708os6MjjAf8lpapUu+B
AKnEAi8XBbCRUJLwOtFGAbeuCNxmdmLDiNd/sHqc5jl4C2FlZIhLZnTnAuC5aT7Z
plEG8HTKA0ffpJI87qBoZOCLZ6fDFRVBkhHvr1yfMYyzXW8liqXHB88HntRLx2uq
JW9KvnlLn0vnSrirDFxKjMIaOgYnR6bby6VGlPWO1wf+K9yizOrkL+VADnDeic+6
9e1Fa0/9S8O5aIAMmJWAFBlKVXV91HP1bjqeW9OKKuXKpKBi/Lk6ieolsLa53+VZ
yApXf9XgmQ+f2F0AcK1zCX5a1q1GjwyE0pTx1+UFQoWQUItrwu+/6+xec99sVefE
h14zfycc7kNkF1axB6T+65w9f5P/QIrIjGPeC/Ltw9Q/rBfRMdOBbz0xW+quLWih
fY/R/2Mv44G/h3tjh3P9zpEjJltFl1cjrSv6fudmtoqJvwMNUTyRsZ4hf/kHNJIQ
TBdaSfDvBuT3OfRbZxRyww5VC+s6nP/SBWQbN7FrOTHTF8jFCgxqaFMbBozex9q3
GtJRAdFfj69qNJl/Z9jDbILiKpIoU1rSmXFNfnuTEeGPbWtCkfDm5EeIUrzSuEZs
B8lBfN8G6zubUesZ5fjh63EC5zIOUzHEli1NDuxcnp6qZvXd
=9sx6
-----END PGP MESSAGE-----

Checking GMimeGpgContext::encrypt... PASSED
GMimeGpgContext::encrypt failed: gpg: public key is CEF249E9
gpg: using subkey CEF249E9 instead of primary key 5182C200
gpg: can't query passphrase in batch mode
gpg: using subkey CEF249E9 instead of primary key 5182C200
gpg: encrypted with 2048-bit ELG-E key, ID CEF249E9, created 2007-03-24
       "no.user (no.comment) <no.user@no.domain>"
gpg: public key decryption failed: bad passphrase
gpg: decryption failed: secret key not available

Checking GMimeGpgContext::decrypt... FAILED
GMimeGpgContext::encrypt+sign failed: gpg: can't query passphrase in batch mode 
gpg: skipped "no.user@no.domain": bad passphrase
gpg: [stdin]: sign+encrypt failed: bad passphrase

Checking GMimeGpgContext::encrypt+sign... FAILED
Testing GnuPG crypto context: failed (3 errors, 0 warnings)



If I remove the --batch, they all pass.

Jeff

On 7/18/2016 4:26 PM, Gaute Hope wrote:

Daniel Kahn Gillmor writes on juli 14, 2016 9:25:

On Thu 2016-07-14 04:42:40 +0200, Jeffrey Stedfast wrote:
[...]

In any case, i recommend "--batch" by default at least.


It seems that the '--batch' and '--yes' arguments are only added if a
password is requrired, which are all operations except decryption.

The '--yes' option should not be used.

Also, the '--use-agent' option is no longer supported with newer gpg
('--no-use-agent') is neither needed.

I can neither get the request_passwd function to work since newer gpg
needs the agent. This might work better with the passphrase-fd arg.

Regards, gaute
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]