On Wed 2016-07-13 21:34:16 +0200, Gaute Hope wrote:
> Yes. I always have some of the keys, since I am always encrypting to
> myself as well. The issue also happens if the key is not
> trusted/verified.
in particular, it's if no user ID on the key is "valid". this is confusing...
>> * when you say "locally trusted" i think you mean "are considered
>>   valid" -- what matters is the mapping between User IDs and keys,
>>   not whether the user actually trusts the keyholder to make new
>>   certifications.
>
> Yes, I agree. But the terms seem to be mixed up in gpg and gmime docs,
> the always-trust option would have the same effect. Or the always-trust
> just has the same effect. I need to read up on the PGP terminology
> again.
you're absolutely right that the terminology is both too complex and too fuzzy.
>> * if you're using gpg programmatically, you should be sending --batch
>>   no matter what. in that case, there should be no interactive
>>   questions. If you find a place where you're supplying --batch and
>>   there are interactive questions, that's a bug that should be
>>   reported to the gnupg folks upstream.
>
> At this point I have only used gpg through gmime. I was assuming gmime
> used '--batch', but I am getting suspicious after these errors.
looks like it does not always use --batch :

in gpg_ctx_get_argv():

        if (!gpg->need_passwd) {
                /* only use batch mode if we don't intend on using the
                 * interactive --command-fd option to send it the user's
                 * password */
                g_ptr_array_add (args, "--batch");
                g_ptr_array_add (args, "--yes");
        }

--------

and we see that need_passwd shows up here:

--------

static void
gpg_ctx_set_mode (struct _GpgCtx *gpg, enum _GpgCtxMode mode)
{
        gpg->mode = mode;

        switch (gpg->mode) {
        case GPG_CTX_MODE_SIGN_ENCRYPT:
        case GPG_CTX_MODE_DECRYPT:
        case GPG_CTX_MODE_SIGN:
                gpg->need_passwd = TRUE;
                break;
        default:
                gpg->need_passwd = FALSE;
                break;
        }
}

This seems likely to be wrong for gpg 2.1.x, where passphrase disclosure to the gpg process itself is generally discouraged in favor of the daemon-managed gpg-agent.

This is arguably a bug in gmime -- shouldn't all these requests use --batch?

        --dkg
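The thread's two points, that a program driving gpg should always pass --batch and that with gpg 2.1 the passphrase prompt belongs to gpg-agent rather than to a --command-fd conversation, can be shown in a small wrapper. The following is an added example and is not gmime's code or anything posted in the thread; the mode names, the helper names and the sample stderr text are assumptions made for illustration, `run_gpg` assumes a `gpg` binary on PATH, and the INV_RECP reason codes are the ones listed in gnupg's doc/DETAILS. Because --batch suppresses every interactive question, the only way to learn why a recipient key was rejected (for instance a key with no valid user ID, the case Gaute ran into) is to read the --status-fd lines, which the example does instead of guessing from the exit code.

```python
"""Drive gpg non-interactively: --batch for every mode, no passphrase
handling in the caller, and --status-fd parsed for the real error."""
import subprocess
from typing import Dict, List, Optional, Sequence

# Reason codes on "[GNUPG:] INV_RECP <reason> <recipient>" lines, per
# gnupg's doc/DETAILS. Reason 10 is the thread's case: a recipient key
# with no valid user ID is "not trusted" and gpg refuses to encrypt to it.
INV_RECP_REASONS: Dict[int, str] = {
    0: "no specific reason", 1: "not found", 2: "ambiguous specification",
    3: "wrong key usage", 4: "key revoked", 5: "key expired",
    6: "no CRL known", 7: "CRL too old", 8: "policy mismatch",
    9: "not a secret key", 10: "key not trusted",
    11: "missing certificate", 12: "missing issuer certificate",
}


def build_gpg_argv(mode: str, recipients: Sequence[str] = (),
                   signer: Optional[str] = None, gpg: str = "gpg") -> List[str]:
    """Command line for one of the gmime-style modes (names assumed here).

    Unlike the gmime logic quoted above, --batch is present for every mode,
    including the ones that need a secret key. There is no --command-fd or
    --passphrase-fd: with gpg 2.1+ the prompt is gpg-agent's job (pinentry),
    so needing a passphrase is no reason to leave batch mode.
    """
    argv = [gpg, "--batch", "--yes", "--no-tty", "--armor",
            "--status-fd", "2"]  # status lines are written to stderr
    if signer:
        argv += ["--local-user", signer]
    if mode in ("encrypt", "sign-encrypt"):
        if not recipients:
            raise ValueError("encryption needs at least one recipient")
        for r in recipients:
            argv += ["--recipient", r]
    if mode == "encrypt":
        argv.append("--encrypt")
    elif mode == "sign-encrypt":
        argv += ["--sign", "--encrypt"]
    elif mode == "sign":
        argv.append("--detach-sign")
    elif mode == "decrypt":
        argv.append("--decrypt")
    else:
        raise ValueError(f"unknown mode {mode!r}")
    return argv


def parse_status(status_text: str) -> List[str]:
    """Turn "[GNUPG:] ..." status lines into readable problem descriptions.

    Ordinary stderr chatter (lines without the "[GNUPG:] " prefix) is
    skipped, so the whole stderr stream can be passed in unchanged.
    """
    problems: List[str] = []
    for line in status_text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue
        fields = line.split()
        keyword = fields[1] if len(fields) > 1 else ""
        if keyword == "INV_RECP" and len(fields) >= 4:
            reason = int(fields[2])
            why = INV_RECP_REASONS.get(reason, f"unknown reason {reason}")
            problems.append(f"recipient {fields[3]} rejected: {why}")
        elif keyword == "FAILURE" and len(fields) >= 4:
            problems.append(f"gpg {fields[2]} failed (error code {fields[3]})")
    return problems


def run_gpg(mode: str, data: bytes, **kwargs) -> bytes:
    """Run gpg on `data`; on failure raise with the parsed status problems."""
    proc = subprocess.run(build_gpg_argv(mode, **kwargs), input=data,
                          capture_output=True, check=False)
    if proc.returncode != 0:
        problems = parse_status(proc.stderr.decode("utf-8", "replace"))
        raise RuntimeError("; ".join(problems) or f"gpg exited {proc.returncode}")
    return proc.stdout


# Constructed stderr in the shape gpg 2.1 uses when asked to encrypt to a
# key that has no valid user ID (sample text, not captured output).
SAMPLE_STDERR = """\
gpg: bob@example.org: skipped: Unusable public key
[GNUPG:] INV_RECP 10 bob@example.org
gpg: [stdin]: encryption failed: Unusable public key
[GNUPG:] FAILURE encrypt 53
"""

if __name__ == "__main__":
    print(" ".join(build_gpg_argv("sign", signer="alice@example.org")))
    for problem in parse_status(SAMPLE_STDERR):
        print("problem:", problem)
```

Reading the status lines also answers the "locally trusted" versus "valid" confusion earlier in the thread: gpg's reason 10 fires on key validity (no valid user ID binding), and `--trust-model always` is the switch that changes that outcome, not a change to ownertrust.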