ag-mailcrypto / storm-plugin

Thunderbird plugin to implement the STORM encryption concept, not based on enigmail
GNU General Public License v3.0

Ask for gpg private key passphrase #45

Open numbnut opened 10 years ago

numbnut commented 10 years ago

Create a dialogue which asks for the private key passphrase if it's needed to access the key, otherwise the encryption won't work (see log output).

Three things have to be done.

Log Output:

console.log: function getBestKeyForEmail(): END
console.log: gpg.jsm: call() --armor,--encrypt,--trust-model,always,--recipient,549CF896F30B7E59,--sign,--local-user,549CF896F30B7E59

You need a passphrase to unlock the secret key for
user: "N W 1wilcke@informatik..."
2048-bit RSA key, ID F30B7E59, created 2013-02-17

got error from stdinWorker: expected type int, got (void 0)
console.log: GPG Error: gpg: problem with the agent: End of file|gpg: skipped "549CF896F30B7E59": Operation cancelled|gpg: [stdin]: sign+encrypt failed: Operation cancelled|

opatut commented 10 years ago

If I remember correctly we decided to only go with gpg-agent for passphrase protected private keys and not implement the dialog ourselves...

zetaron commented 10 years ago

That's correct. We decided to use gpg's built-in askpass tool, which has proper memory protection, which we could not guarantee.

On May 6, 2014 7:20:16 PM CEST, Paul Bienkowski notifications@github.com wrote:

> If I remember correctly we decided to only go with gpg-agent for passphrase protected private keys and not implement the dialog ourselves...



numbnut commented 10 years ago

But how do we ensure the correct installation and configuration of the gpg-agent / askpass / whatever? On my system the gpg call just fails. I think that's not the desired behavior. By the way, the gpg-agent is running on my system, so it's likely to be a configuration issue.

opatut commented 10 years ago

You need the GPG_AGENT_PID environment variable. Seems like we better build some mechanism to detect the agent if that is missing.
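
One way the detection discussed in this thread could look, as an added example that is not storm-plugin code: it classifies the `|`-joined gpg stderr from the log above and checks whether the environment points gpg at an agent. The function names, the result labels and the default variable `GPG_AGENT_INFO` (GnuPG 2.0 convention, `socket:pid:protocol`) are assumptions; the variable name is a parameter so another one can be checked.

```javascript
// Added example, not part of storm-plugin. All names here are hypothetical.

// Parse an agent-info value of the assumed form "<socket path>:<pid>:<protocol>".
// Returns null when the variable is unset or malformed.
function parseAgentInfo(value) {
  if (typeof value !== "string") return null;
  const m = /^(.+):(\d+):(\d+)$/.exec(value);
  if (m === null) return null;
  const pid = Number.parseInt(m[2], 10);
  if (pid <= 0) return null;
  return { socket: m[1], pid, protocol: Number.parseInt(m[3], 10) };
}

// Classify a failed gpg call from its stderr (messages joined with "|", as in
// the "GPG Error:" log line of this issue) and the caller's environment.
// The passphrase never passes through this code; only gpg's messages do.
function diagnoseGpgFailure(stderr, env, varName = "GPG_AGENT_INFO") {
  const messages = stderr.split("|").map((s) => s.trim()).filter(Boolean);
  const agentProblem = messages.some((m) => /^gpg: problem with the agent\b/.test(m));
  const cancelled = messages.some((m) => /Operation cancelled$/.test(m));
  const agent = parseAgentInfo(env[varName]);

  if (agentProblem && agent === null) {
    // An agent may be running, but this process was not told where it is.
    return { cause: "agent-not-in-environment", varName, messages };
  }
  if (agentProblem) {
    // Variable is set, yet gpg could not talk to the agent (stale socket,
    // agent exited, pinentry could not start).
    return { cause: "agent-unreachable", agent, messages };
  }
  if (cancelled) {
    return { cause: "cancelled", messages };
  }
  return { cause: "other", messages };
}

// stderr copied from the log in this issue.
const SAMPLE_STDERR =
  'gpg: problem with the agent: End of file|' +
  'gpg: skipped "549CF896F30B7E59": Operation cancelled|' +
  'gpg: [stdin]: sign+encrypt failed: Operation cancelled|';

// Constructed environment value for illustration only.
const SAMPLE_ENV = { GPG_AGENT_INFO: "/tmp/gpg-example/S.gpg-agent:4242:1" };
```

The plugin could map `agent-not-in-environment` to a setup hint for the user instead of surfacing the raw gpg error.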