1

I am trying a write a small little C++ application that uses gpg to encrypt/decrypt files. I am using the GpgME library.

I want to be able to have a little line edit where the user can enter the password for the key he wants to use to decrypt a message instead of popping up the gpg pinentry application.

I am able to disable the pinentry application to popup by doing: gpgme_set_pinentry_mode(context, GPGME_PINENTRY_MODE_CANCEL);

But I am not able to supply a password any other way. I have been googling for a couple of weeks now and from what I can gather people say that I can write a "custom pinentry wrapper" and supply the password that way. I am trying to wrap my brain around this, but I just cant figure out what that means or how to do it.

Anyone able to help me shed some light on this?

pskaa
  • 21
  • 1
  • 3

1 Answers1

0

Why would you not want to use the default pinentry and worry about securely handling the (master) passphrase or pin (for people using GnuPG cards)?

I would advice against creating a custom solution for this well audited and supported part of the GPG(2) system.

the JinX
  • 1,950
  • 1
  • 18
  • 23
  • 1
    I am using group keys that no one really know the passwords to. I am using their personal keys to decrypt the group key, which I in turn then use to unlock the actual content. So it is the group key password I need to supply without any user input. – pskaa Nov 16 '15 at 11:00
  • That sounds like a valid but still imo pretty dangerous option of going about it. Have you tried this "trick" https://www.gnupg.org/documentation/manuals/gnupg/gpg_002dpreset_002dpassphrase.html – the JinX Nov 16 '15 at 11:27