GpgOL: Key resolution without Kleopatra or GPA
Closed, Resolved. Public

Description

The key resolver dialog from Kleopatra should be in libkleo so that a unified key dialog ( https://phabricator.kde.org/T5050 ). Such a dialog should be wrapped into an executable that takes recipients as arguments on the command line and returns the resolved keys / fingerprints on stdout.

This could replace the remaining assuan / UI Server communication in GpgOL while still providing a nice GUI without having to add GUI Code to GpgOL itself. That should drastically increase performance as it bypasses Kleopatra's full init code, and gives control over the encryption directly to GpgOL. GpgOL would then also be more flexible to handle the encryption / signing.

aheinecke added a comment. Edited Jan 25 2018, 8:53 AM
  1. Collect all data in OOM, then start a thread to do the encryption.
  2. Do a proof of concept that this actually works and Outlook lets us do it with our usual window message async handling.
  3. Update my Keyresolver patches in Libkleo and build a "libkleo-tool" to do the key resolving.
  4. Figure out Window Management / Create a Qt Overlay over the Mail window to block it from closing while encryption happens. This will resolve all bugs related to window management of the current key resolution.

Afterwards we can add all the fun we planned in https://wiki.gnupg.org/EasyGpg2016/AutomatedEncryption in the keyresolver and GpgOL itself. For that I think new tasks are in order.

Steps 1. and 2. are now implemented in the async-enc branch of GpgOL. The keyresolver patches are updated for me and partially committed.

This is coming along nicely. It might take longer than with Kleopatra if the key is large (as the new resolver does a full keylisting on every start) but that should be OK and we have plans to optimize that anyway.

We now do keylistings when encrypting in GpgOL:

  1. When a recipient is added we do a Keylist EXTERN | LOCAL (locate-key) in gpg
  2. When the keyresolver is started:
    1. keylisting for public keys in gpg
    2. keylisting for secret keys in gpg
    3. keylisting for public keys in gpgsm
    4. keylisting for secret keys in gpgsm
  3. After the recipients are resolved GpgOL does a Keylist LOCAL on the resolved Fingerprints to obtain the GPGME Key objects.

All listings are done through GPGME.

aheinecke closed this task as Resolved. Mar 8 2018, 8:24 AM

We have this now. There might be bugs but in general this works.

For better User Experience the "Automatic" resolution that is default in GpgOL does now work better and as long as there can be a marginally trusted key found for each recipient user id there won't be a resolver at all. Crypto does just work.
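
The rule in the closing comment (no resolver dialog as long as every recipient has a key with at least marginal validity) can be sketched as follows. This is an added example, not GpgOL or libkleo code: the types, the `usable` filter and the sample data are assumptions, and only the validity ordering follows GPGME's `gpgme_validity_t`.

```cpp
// Added illustration; not GpgOL or libkleo code. All names are hypothetical.
#include <map>
#include <string>
#include <vector>

// Same ordering as GPGME's gpgme_validity_t values.
enum class Validity { Unknown, Undefined, Never, Marginal, Full, Ultimate };

struct UidKey {            // one (user id, key) pair from a keylisting
    std::string email;     // mailbox of the user id, assumed already lower-cased
    std::string fpr;       // fingerprint of the key
    Validity validity;     // validity of this user id on this key
    bool usable;           // assumed filter: false if revoked, expired or disabled
};

struct Resolution {
    std::map<std::string, std::string> chosen;  // recipient -> fingerprint
    std::vector<std::string> unresolved;        // recipients left for the dialog
    bool needsDialog() const { return !unresolved.empty(); }
};

// Per recipient, pick the usable key whose matching user id has the highest
// validity of at least Marginal; recipients without one need the resolver.
Resolution autoResolve(const std::vector<std::string>& recipients,
                       const std::vector<UidKey>& listing) {
    Resolution r;
    for (const auto& rcpt : recipients) {
        const UidKey* best = nullptr;
        for (const auto& k : listing) {
            if (!k.usable || k.email != rcpt) continue;
            if (k.validity < Validity::Marginal) continue;
            if (!best || k.validity > best->validity) best = &k;
        }
        if (best) r.chosen[rcpt] = best->fpr;
        else r.unresolved.push_back(rcpt);
    }
    return r;
}

int main() {  // constructed sample data, not real keys
    std::vector<UidKey> listing = {
        {"alice@example.org", "FPR-ALICE-PLACEHOLDER", Validity::Full, true},
        {"bob@example.org", "FPR-BOB-PLACEHOLDER", Validity::Undefined, true}};
    Resolution r = autoResolve({"alice@example.org", "bob@example.org"}, listing);
    return r.needsDialog() ? 0 : 1;  // bob has no marginally valid key
}
```

Excluding unusable keys before comparing validity keeps a revoked key with a high-validity user id from silently winning the automatic selection.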