GSoC 2015 Project Intro and Progress

GNOME Keyring GSoC project

Hi, I’m Yuuma Sato and this summer I’ll be working on gnome-keyring as part of GSoC.

This project is about saving GnuPG passphrases in GNOME Keyring, which is not possible in newer versions of GnuPG due to a GNOME gpg-agent that can no longer attend the needs of GnuPG.

GnuPG provides a way to configure applications to ask for passphrases, these applications are called pinentry. And that is the proposed way to solve this issue. The pinentry will allow GNOME Keyring to manage GnuPG passphrases without interfering with other functionalities provided by GnuPG gpg-agent.

More about the project in GNOME wiki.

How did it start?

It’s been a week since coding period started, but before it even begins something that totally affects the project happened.
The development of a gnome3 based pinentry on GnuPG side to solve the same issue this project is about, its is not finished though.

Talking to Stef, we decided to change route of the project so that same thing is not implemented twice.
So, part of the work has shifted from building a pinentry from ground up to improving the one started on GnuPG.

Neal Walfied, who is working on the pinentry, explained that GnuPG requires some prompts not supported by gcr, those would be one button and three button prompts.
GnuPG uses a prompt with only one button to just notify the user, no input is taken. These prompts are used, for example, when passphrase constraints are enforced, a new key is being generated and the user has provided no passphrase. GnuPG informs that an empty passphrase is not allowed, and asks for the passphrase again.

The three button prompts are used in two situations, when marking a certificate as trusted, and when verifying the fingerprint of the certificate being added.
In both scenarios gpg prompts with a question to which you can give one of three answers.
When gpg prompts you to verify the fingerprint, for example, it gives you three options: “Correct”, “Wrong” and “Cancel”.

The changes to support new system prompts need to be made on gcr and gnome-shell.
Currently I’m working on adding support for one button prompts, but it still needs work.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s