[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption n
From: |
Daiki Ueno |
Subject: |
bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x |
Date: |
Wed, 09 Oct 2013 06:51:57 +0900 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux) |
Stefan Monnier <monnier@iro.umontreal.ca> writes:
>>>>> 1. On the local system, install GnuPG 2.x and don't run the gpg-agent
>>>>> 2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
>>>>> 3. Open file.gpg: password dialog pops up
>>>>> 4. close file.gpg
>>>>> 5. Open file.gpg: password dialog pops up again
>>>>> Step (5) should not prompt. It works properly with GnuPG 1.x.
> Still I'm confused: what kind of caching does
> epa-file-cache-passphrase-for-symmetric-encryption offer, then?
> From the docstring I got the impression that it would cache the
> passphrase in Emacs's heap, so gpg's own caching should be largely
> irrelevant (in the second session it will prompt for a password, which
> Emacs should provide from its own cache without prompting the user).
It used to work like that with gpg1. However, gpg2's implementation
choice is that it does not leak the indication that gpg2 (actually
gpg-agent) requires passphrase and it does not allow other tools than
pinentry to inject passphrase.
IMO that's a good idea for security (as pinentry uses secmem).
> Stefan "Also confused about what "symmetric" has to do with it"
Perhaps you could try the above recipe under gpg-agent is properly set up:
$ echo abc > file
$ gpg --symmetric file
$ eval `gpg-agent --daemon`
$ gpg2 < file.gpg
$ gpg2 < file.gpg
You won't be asked for the passphrase at the second time, because
gpg-agent remembers passphrase based on the file content.
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Teodor Zlatanov, 2013/10/07
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Daiki Ueno, 2013/10/07
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Ted Zlatanov, 2013/10/07
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Stefan Monnier, 2013/10/07
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Daiki Ueno, 2013/10/08
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Ted Zlatanov, 2013/10/08
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Stefan Monnier, 2013/10/08
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x,
Daiki Ueno <=
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Stefan Monnier, 2013/10/08
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Daiki Ueno, 2013/10/08
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Ted Zlatanov, 2013/10/09
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Stefan Monnier, 2013/10/09
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Daiki Ueno, 2013/10/09
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Ted Zlatanov, 2013/10/10
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Stefan Monnier, 2013/10/10
- bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x, Stefan Monnier, 2013/10/10