gpgme uses gpgsm in server mode. To allow gpgme to tell gpgsm to work directly on files instead of on FDs the server commands "ENCRYPT", etc., need to accept file names for input and output alternatively to the input/output FDs.
Alternatively, gpgme could use gpgsm in command mode (just as gpg) instead of in server mode.
| Status | Assigned | Task | ||
|---|---|---|---|---|
| Open | None | T6928 Kleopatra: Speed up S/MIME crypto operations for large files (on Windows) | ||
| Open | None | T6922 GpgME: Extend sign/encrypt/decrypt/verify S/MIME jobs to accept input / output from a filename | ||
| Open | None | T6927 gpgsm: Accept file names for input and output in server mode |
This either requires an updated libassuan which allows "INPUT FILE=foo" in addition to INPUT FD=n" or using custom handlers in for INPUT et al. in gpgsm. I'd prefer the former. Anoter option would be to open and close the file in ggpgme and pass the fd.
I do not think this is a very common usecase. For me regarding CMS file operations it would be more important to implement T2435: gpgsm combined sign and encrypt which I find the most annyoing issue regarding CMS file encryption.