GNU bug report logs - #20550
25.0.50; Add GnuPG 2.x support to epa-file-cache-passphrase-for-symmetric-encryption.

Package: emacs;

Reported by: bruce.connor.am <at> gmail.com

Date: Mon, 11 May 2015 19:20:02 UTC

Severity: wishlist

Merged with 20982, 22711

Found in versions 25.0.50, 25.0.91

Done: Daiki Ueno <ueno <at> gnu.org>

Bug is archived. No further changes may be made.


From: Daiki Ueno <ueno <at> gnu.org>
To: Artur Malabarba <bruce.connor.am <at> gmail.com>
Cc: Werner Koch <wk <at> gnupg.org>, 20550 <at> debbugs.gnu.org
Subject: bug#20550: 25.0.50; Add GnuPG 2.x support to epa-file-cache-passphrase-for-symmetric-encryption.
Date: Tue, 12 May 2015 19:48:49 +0900

Artur Malabarba <bruce.connor.am <at> gmail.com> writes:

> - It made things worse in the sense that I now have to type the
> password 4(!) times when saving the file (all prompts are inside
> emacs). The first prompt is "Passphrase for symmetric encryption for
> /.../file.gpg: ", then I get "Confirm password: ", then I get the
> first one again, then the second one again.

Oh, you are right.  GnuPG 2.1 --pinentry-mode=loopback asks for the
passphrase twice on symmetric encryption, while GnuPG 1.x does that only
once (look at the GET_HIDDEN lines below):

  $ gpg2 --command-fd=1 --status-fd=1 --pinentry-mode=loopback --symmetric -o /dev/null < /dev/null
  gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
  gpg: It is only intended for test purposes and should NOT be
  gpg: used in a production environment or with production keys!
  [GNUPG:] NEED_PASSPHRASE_SYM 7 3 2
  [GNUPG:] GET_HIDDEN passphrase.enter
  test
  [GNUPG:] GOT_IT
  [GNUPG:] GET_HIDDEN passphrase.enter
  test
  [GNUPG:] GOT_IT
  [GNUPG:] BEGIN_ENCRYPTION 2 7
  [GNUPG:] END_ENCRYPTION

  $ gpg --command-fd=1 --status-fd=1 --symmetric -o /dev/null < /dev/null
  [GNUPG:] NEED_PASSPHRASE_SYM 3 3 2
  [GNUPG:] GET_HIDDEN passphrase.enter
  test
  [GNUPG:] GOT_IT
  [GNUPG:] BEGIN_ENCRYPTION 0 3
  [GNUPG:] END_ENCRYPTION

Though I suppose the repetition is meant to be a confirmation, I think
it is not very useful for clients (since we already know that the
confirmation is needed) and causes compatibility issues.

Could this be fixed in GnuPG itself?

Thanks,
-- 
Daiki Ueno
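
The difference between the two transcripts above, as an added example (not part of the original message and not Emacs's own epg code): a small Python state machine that reads --status-fd lines and answers every GET_HIDDEN passphrase.enter within one operation from a single user prompt. The ask_user callback and the class and function names are assumptions, and the sample lines are constructed from the transcripts quoted above.

```python
import re
# Constructed sample input modelled on the two transcripts above (typed replies left out).
GPG2_LOOPBACK = """\
  gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
  [GNUPG:] NEED_PASSPHRASE_SYM 7 3 2
  [GNUPG:] GET_HIDDEN passphrase.enter
  [GNUPG:] GOT_IT
  [GNUPG:] GET_HIDDEN passphrase.enter
  [GNUPG:] GOT_IT
  [GNUPG:] BEGIN_ENCRYPTION 2 7
  [GNUPG:] END_ENCRYPTION
"""
GPG1 = """\
  [GNUPG:] NEED_PASSPHRASE_SYM 3 3 2
  [GNUPG:] GET_HIDDEN passphrase.enter
  [GNUPG:] GOT_IT
  [GNUPG:] BEGIN_ENCRYPTION 0 3
  [GNUPG:] END_ENCRYPTION
"""
STATUS = re.compile(r"^\[GNUPG:\] (\S+)(?: (.*))?$")

class SymmetricPrompter:
    """Replies to GET_HIDDEN passphrase.enter, asking the user once per operation."""
    def __init__(self, ask_user):
        self.ask_user = ask_user      # hypothetical callback that prompts the user
        self.cached = None            # passphrase held only while one operation runs
        self.gpg_prompts = self.user_prompts = 0
    def feed(self, line):
        """Handle one status line; return the reply for --command-fd, or None."""
        m = STATUS.match(line.strip())
        if not m:
            return None               # "gpg: ..." diagnostics are not status lines
        keyword, args = m.group(1), m.group(2) or ""
        if keyword in ("NEED_PASSPHRASE_SYM", "END_ENCRYPTION"):
            self.cached = None        # operation boundary: forget the passphrase
        elif keyword == "GET_HIDDEN" and args == "passphrase.enter":
            self.gpg_prompts += 1
            if self.cached is None:
                self.cached = self.ask_user()
                self.user_prompts += 1
            return self.cached
        return None

def replay(transcript, passphrase="test"):
    """Return (prompts from gpg, prompts shown to the user, replies sent)."""
    prompter = SymmetricPrompter(lambda: passphrase)
    replies = [r for r in map(prompter.feed, transcript.splitlines()) if r is not None]
    return prompter.gpg_prompts, prompter.user_prompts, replies
```

Replaying the GnuPG 2.1 loopback lines yields two prompts from gpg but one prompt to the user; the GnuPG 1.x lines yield one of each.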




This bug report was last modified 9 years and 149 days ago.