GNU bug report logs - #20550
25.0.50; Add GnuPG 2.x support to epa-file-cache-passphrase-for-symmetric-encryption.

Previous Next

Package: emacs;

Reported by: bruce.connor.am <at> gmail.com

Date: Mon, 11 May 2015 19:20:02 UTC

Severity: wishlist

Merged with 20982, 22711

Found in versions 25.0.50, 25.0.91

Done: Daiki Ueno <ueno <at> gnu.org>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 20550 in the body.
You can then email your comments to 20550 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-gnu-emacs <at> gnu.org:
bug#20550; Package emacs. (Mon, 11 May 2015 19:20:03 GMT) Full text and rfc822 format available.
Acknowledgement sent to bruce.connor.am <at> gmail.com:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Mon, 11 May 2015 19:20:04 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Artur Malabarba <bruce.connor.am <at> gmail.com>
To: bug-gnu-emacs <at> gnu.org
Subject: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Mon, 11 May 2015 20:19:35 +0100

As is well-documented, the variable
`epa-file-cache-passphrase-for-symmetric-encryption'` has no effect on
GnuPG 2.0.

I would like to request this support be added, if possible.
Ted mentioned on another thread that GnuPG 2.x recently added this
functionality, but he wasn't sure and I have no idea how to check that.
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20550; Package emacs. (Mon, 11 May 2015 22:49:02 GMT) Full text and rfc822 format available.

Message #8 received at 20550 <at> debbugs.gnu.org (full text, mbox):

From: Daiki Ueno <ueno <at> gnu.org>
To: Artur Malabarba <bruce.connor.am <at> gmail.com>
Cc: 20550 <at> debbugs.gnu.org
Subject: Re: bug#20550: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Tue, 12 May 2015 07:48:39 +0900

Artur Malabarba <bruce.connor.am <at> gmail.com> writes:

> As is well-documented, the variable
> `epa-file-cache-passphrase-for-symmetric-encryption'` has no effect on
> GnuPG 2.0.
>
> I would like to request this support be added, if possible.
> Ted mentioned on another thread that GnuPG 2.x recently added this
> functionality, but he wasn't sure and I have no idea how to check that.

I'm not sure what you want, but perhaps this might help:
https://lists.gnu.org/archive/html/emacs-devel/2014-11/msg00421.html

Regards,
-- 
Daiki Ueno
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20550; Package emacs. (Mon, 11 May 2015 23:26:02 GMT) Full text and rfc822 format available.

Message #11 received at 20550 <at> debbugs.gnu.org (full text, mbox):

From: Artur Malabarba <bruce.connor.am <at> gmail.com>
To: Daiki Ueno <ueno <at> gnu.org>
Cc: 20550 <at> debbugs.gnu.org
Subject: Re: bug#20550: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Tue, 12 May 2015 00:25:02 +0100

[Message part 1 (text/plain, inline)]
> I'm not sure what you want, but perhaps this might help:
> https://lists.gnu.org/archive/html/emacs-devel/2014-11/msg00421.html

Might be, thanks. I'll try it out tomorrow.
If it works I'll add a sentence to the docstring of
*epa-file-cache-passphrase-for-symmetric-encryption*.

[Message part 2 (text/html, inline)]
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20550; Package emacs. (Tue, 12 May 2015 08:51:03 GMT) Full text and rfc822 format available.

Message #14 received at 20550 <at> debbugs.gnu.org (full text, mbox):

From: Artur Malabarba <bruce.connor.am <at> gmail.com>
To: Daiki Ueno <ueno <at> gnu.org>
Cc: 20550 <at> debbugs.gnu.org
Subject: Re: bug#20550: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Tue, 12 May 2015 09:49:55 +0100

2015-05-12 0:25 GMT+01:00 Artur Malabarba <bruce.connor.am <at> gmail.com>:
>> I'm not sure what you want, but perhaps this might help:
>> https://lists.gnu.org/archive/html/emacs-devel/2014-11/msg00421.html
>
> Might be, thanks. I'll try it out tomorrow.
> If it works I'll add a sentence to the docstring of
> epa-file-cache-passphrase-for-symmetric-encryption.

It didn't help. Well, it sort of did, but it also made things worse.
- It helped in the sense that now I only get prompted the first time I
open the file (instead of every time).
- It made things worse in the sense that I now have to type the
password 4(!) times when saving the file (all prompts are inside
emacs). The first prompt is "Passphrase for symmetric encryption for
/.../file.gpg: ", then I get "Confirm password: ", then I get the
first one again, then the second one again.
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20550; Package emacs. (Tue, 12 May 2015 10:49:02 GMT) Full text and rfc822 format available.

Message #17 received at 20550 <at> debbugs.gnu.org (full text, mbox):

From: Daiki Ueno <ueno <at> gnu.org>
To: Artur Malabarba <bruce.connor.am <at> gmail.com>
Cc: Werner Koch <wk <at> gnupg.org>, 20550 <at> debbugs.gnu.org
Subject: Re: bug#20550: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Tue, 12 May 2015 19:48:49 +0900

Artur Malabarba <bruce.connor.am <at> gmail.com> writes:

> - It made things worse in the sense that I now have to type the
> password 4(!) times when saving the file (all prompts are inside
> emacs). The first prompt is "Passphrase for symmetric encryption for
> /.../file.gpg: ", then I get "Confirm password: ", then I get the
> first one again, then the second one again.

Oh, you are right.  GnuPG 2.1 --pinentry-mode=loopback asks passphrase
twice on symmetric encryption, while GnuPG 1.x does that only once (look
at the GET_HIDDEN lines below):

  $ gpg2 --command-fd=1 --status-fd=1 --pinentry-mode=loopback --symmetric -o /dev/null < /dev/null
  gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
  gpg: It is only intended for test purposes and should NOT be
  gpg: used in a production environment or with production keys!
  [GNUPG:] NEED_PASSPHRASE_SYM 7 3 2
  [GNUPG:] GET_HIDDEN passphrase.enter
  test
  [GNUPG:] GOT_IT
  [GNUPG:] GET_HIDDEN passphrase.enter
  test
  [GNUPG:] GOT_IT
  [GNUPG:] BEGIN_ENCRYPTION 2 7
  [GNUPG:] END_ENCRYPTION

  $ gpg --command-fd=1 --status-fd=1 --symmetric -o /dev/null < /dev/null
  [GNUPG:] NEED_PASSPHRASE_SYM 3 3 2
  [GNUPG:] GET_HIDDEN passphrase.enter
  test
  [GNUPG:] GOT_IT
  [GNUPG:] BEGIN_ENCRYPTION 0 3
  [GNUPG:] END_ENCRYPTION

Though I suppose the repetition is meant to be a confirmation, I think
it is not very useful for clients (since we already know that the
confirmation is needed) and causes compatibility issues.

Could this be fixed in GnuPG itself?

Thanks,
-- 
Daiki Ueno
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20550; Package emacs. (Tue, 12 May 2015 11:32:02 GMT) Full text and rfc822 format available.

Message #20 received at 20550 <at> debbugs.gnu.org (full text, mbox):

From: Werner Koch <wk <at> gnupg.org>
To: Daiki Ueno <ueno <at> gnu.org>
Cc: Artur Malabarba <bruce.connor.am <at> gmail.com>, 20550 <at> debbugs.gnu.org
Subject: Re: bug#20550: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Tue, 12 May 2015 13:26:35 +0200

On Tue, 12 May 2015 12:48, ueno <at> gnu.org said:

> Oh, you are right.  GnuPG 2.1 --pinentry-mode=loopback asks passphrase
> twice on symmetric encryption, while GnuPG 1.x does that only once (look

That is quite possible, the loopback mode basically emulates the calls
to the pinentry, which is in this case called twice.  It is not intended
as a replacement for the passphrase-fd stuff from gpg 1.

> Could this be fixed in GnuPG itself?

I think this makes sense.  Can you please file a bug at bugs.gnupg.org?


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20550; Package emacs. (Tue, 12 May 2015 23:07:01 GMT) Full text and rfc822 format available.

Message #23 received at 20550 <at> debbugs.gnu.org (full text, mbox):

From: Daiki Ueno <ueno <at> gnu.org>
To: Werner Koch <wk <at> gnupg.org>
Cc: Artur Malabarba <bruce.connor.am <at> gmail.com>, 20550 <at> debbugs.gnu.org
Subject: Re: bug#20550: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Wed, 13 May 2015 08:05:58 +0900

Werner Koch <wk <at> gnupg.org> writes:

> I think this makes sense.  Can you please file a bug at bugs.gnupg.org?

Done as: https://bugs.gnupg.org/gnupg/issue1976

Regards,
-- 
Daiki Ueno
Reply sent to Daiki Ueno <ueno <at> gnu.org>:
You have taken responsibility. (Fri, 19 Jun 2015 09:11:04 GMT) Full text and rfc822 format available.
Notification sent to bruce.connor.am <at> gmail.com:
bug acknowledged by developer. (Fri, 19 Jun 2015 09:11:06 GMT) Full text and rfc822 format available.

Message #28 received at 20550-close <at> debbugs.gnu.org (full text, mbox):

From: Daiki Ueno <ueno <at> gnu.org>
To: Werner Koch <wk <at> gnupg.org>
Cc: 20550-close <at> debbugs.gnu.org, Artur Malabarba <bruce.connor.am <at> gmail.com>
Subject: Re: bug#20550: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Fri, 19 Jun 2015 18:09:47 +0900

Daiki Ueno <ueno <at> gnu.org> writes:

> Done as: https://bugs.gnupg.org/gnupg/issue1976

So, now that the original issue was fixed in GnuPG by Neal (in the above
bug), and another approach is also taken to mitigate the issue with
GnuPG 2.0.x as well, I'm closing this bug.

Artur: it would be great if you could have a chance to try those changes
and report any issue.

Regards,
-- 
Daiki Ueno
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#20550; Package emacs. (Sun, 21 Jun 2015 18:54:02 GMT) Full text and rfc822 format available.

Message #31 received at 20550 <at> debbugs.gnu.org (full text, mbox):

From: Artur Malabarba <bruce.connor.am <at> gmail.com>
To: Daiki Ueno <ueno <at> gnu.org>
Cc: Werner Koch <wk <at> gnupg.org>, 20550 <at> debbugs.gnu.org
Subject: Re: bug#20550: 25.0.50; Add GnuPG 2.x support to
 epa-file-cache-passphrase-for-symmetric-encryption.
Date: Sun, 21 Jun 2015 19:53:37 +0100

> Artur: it would be great if you could have a chance to try those changes
> and report any issue.

Seems to be working. Thanks.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Mon, 20 Jul 2015 11:24:04 GMT) Full text and rfc822 format available.
bug unarchived. Request was from Daiki Ueno <ueno <at> gnu.org> to control <at> debbugs.gnu.org. (Mon, 27 Jul 2015 02:41:02 GMT) Full text and rfc822 format available.
Forcibly Merged 20550 20982. Request was from Daiki Ueno <ueno <at> gnu.org> to control <at> debbugs.gnu.org. (Mon, 27 Jul 2015 02:41:02 GMT) Full text and rfc822 format available.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Mon, 24 Aug 2015 11:24:04 GMT) Full text and rfc822 format available.
bug unarchived. Request was from Glenn Morris <rgm <at> gnu.org> to control <at> debbugs.gnu.org. (Tue, 16 Feb 2016 22:58:02 GMT) Full text and rfc822 format available.
Forcibly Merged 20550 20982 22711. Request was from Glenn Morris <rgm <at> gnu.org> to control <at> debbugs.gnu.org. (Tue, 16 Feb 2016 22:58:02 GMT) Full text and rfc822 format available.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Thu, 17 Mar 2016 11:24:03 GMT) Full text and rfc822 format available.
This bug report was last modified 9 years and 148 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.