Open hluk opened 7 years ago
Thanks for the suggestion. gpg4usb seems to be using GPGME library which might be ideal but I would need to build the library for Windows. I'll check this out later.
Any news?
No news. I haven't got the time to work on this.
It would be nice if someone can help implementing this. What's needed is either to replace current ItemEncrypt plugin without breaking existing encrypted data or create new plugin (this would be a lot safer).
I did want to add that there is a portable GPG program offered by PortableApps that would forego having to install GPG to the default directory: https://portableapps.com/apps/security/gpg-plugin-portable
That way, the only function necessary would be to just point GPG to the directory and it would run akin to a plugin. This is useful if you're running CopyQ off a USB drive or -- like me -- from an encrypted VeraCrypt volume.
There are C++ bindings for gpg that are directly supported by the GnuPG team: https://wiki.gnupg.org/APIs
There are C++ bindings for gpg that are directly supported by the GnuPG team: https://wiki.gnupg.org/APIs
The link to C++ bindings on the page is broken.
I have no issues using a C library instead but I couldn't find one that provides binaries or is simple to build on the supported systems and has the required functionality.
It would be great to use GPGME, but last time I had problem finding binaries for Windows (and macOS). I think I might also need an agent for password entry.
It might be easier to use libsodium but I would need to figure out how to safely handle password entry and encrypting the private key.
Note: A GPG agent can remember the password for some time and -- presumably -- the password cannot be easily retrieved from memory by an attacker (libsodium provides some function to help with securing memory).
Did you click the third party binding link? The tarball for the 1.13.1 release of gpgme appears to contain what I thought you'd need: https://gnupg.org/download/index.html#gpgme but I was assuming you would be building it from source.
It looks like it may depend on other binaries installed on the system though: https://github.com/gpg/gpgme/commit/39052913f2154fa8e9575727e27d4101ef8b6460
Currently there is ItemEncrypt plugin which handles item encryption/decryption and passwords through GPG client. Big downsides are:
More appropriate would be to use (and bundle with the app) a simple library (or two) with stable API to handle encryption/decryption and passwords.
Libs to try: