Page Menu
Home
GnuPG
Search
Configure Global Search
Log In
Files
F461296
0001-gpg-add-passphrase-env-VARNAME-to-read-passphrase-fr.patch
dkg (Daniel Kahn Gillmor)
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Authored By
dkg
Sep 23 2018, 8:35 PM
2018-09-23 20:35:08 (UTC+2)
Size
5 KB
Subscribers
None
0001-gpg-add-passphrase-env-VARNAME-to-read-passphrase-fr.patch
View Options
From 07c19981da0607dc442fadc4079b1d71fbef8f83 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Sun, 23 Sep 2018 14:10:17 -0400
Subject: [PATCH] gpg: add --passphrase-env VARNAME to read passphrase from
environment
* g10/keydb.h: declare set_passphrase_from_environment_variable()
* g10/passphrase.c: set_passphrase_from_environment_variable() new
function
* g10/gpg.c: add new --passphrase-env argument, handle it.
--
There are problems or difficulties (to varying degrees) with all of
the techniques available for sending a passphrase directly to the
GnuPG process when --pinentry-mode=loopback:
* Passphrases on the command line often leak into the process table.
* Passphrases in a file often leak into the disk.
* Using an extra file descriptor to send a passphrase works well on
platforms that make it easy to allocate and use extra file
descriptors, but is pretty awkward on platforms that don't
facilitate this.
So this patch adds a new form of passphrase-passing, using an
environment variable. In POSIX shell, this looks like (for example):
mypass="IUuKctdEhH8' gpg --batch --pinentry-mode=loopback\
--passphrase-env=mypass --decrypt < message.txt
Hopefully, this is easier to use than --passphrase-fd on platforms or
language toolkits that don't facilitate file descriptor manipulation.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
doc/gpg.texi | 11 ++++++++++-
g10/gpg.c | 5 +++++
g10/keydb.h | 1 +
g10/passphrase.c | 13 +++++++++++++
4 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 7f55cc7e3..55e31d2e7 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -670,7 +670,8 @@ used for no expiration date.
If this command is used with @option{--batch},
@option{--pinentry-mode} has been set to @code{loopback}, and one of
the passphrase options (@option{--passphrase},
-@option{--passphrase-fd}, or @option{passphrase-file}) is used, the
+@option{--passphrase-fd}, @option{--passphrase-env}, or
+@option{passphrase-file}) is used, the
supplied passphrase is used for the new key and the agent does not ask
for it. To create a key without any protection @code{--passphrase ''}
may be used.
@@ -3172,6 +3173,14 @@ Note that since Version 2.0 this passphrase is only used if the
option @option{--batch} has also been given. Since Version 2.1
the @option{--pinentry-mode} also needs to be set to @code{loopback}.
+@item --passphrase-env @var{string}
+@opindex passphrase-env
+Use the value of the environment variable @var{string} as the passphrase.
+This can only be used if only one passphrase is supplied.
+
+This passphrase is only used if the option @option{--batch} has also
+been given, and if @option{--pinentry-mode} is set to @code{loopback}.
+
@item --pinentry-mode @var{mode}
@opindex pinentry-mode
Set the pinentry mode to @var{mode}. Allowed values for @var{mode}
diff --git a/g10/gpg.c b/g10/gpg.c
index f04a3400a..36adbaaa2 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -257,6 +257,7 @@ enum cmd_and_opt_values
oBZ2CompressLevel,
oBZ2DecompressLowmem,
oPassphrase,
+ oPassphraseEnv,
oPassphraseFD,
oPassphraseFile,
oPassphraseRepeat,
@@ -709,6 +710,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (aRebuildKeydbCaches, "rebuild-keydb-caches", "@"),
ARGPARSE_s_s (oPassphrase, "passphrase", "@"),
+ ARGPARSE_s_s (oPassphraseEnv, "passphrase-env", "@"),
ARGPARSE_s_i (oPassphraseFD, "passphrase-fd", "@"),
ARGPARSE_s_s (oPassphraseFile, "passphrase-file", "@"),
ARGPARSE_s_i (oPassphraseRepeat,"passphrase-repeat", "@"),
@@ -3151,6 +3153,9 @@ main (int argc, char **argv)
case oPassphrase:
set_passphrase_from_string(pargs.r.ret_str);
break;
+ case oPassphraseEnv:
+ set_passphrase_from_environment_variable(pargs.r.ret_str);
+ break;
case oPassphraseFD:
pwfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
break;
diff --git a/g10/keydb.h b/g10/keydb.h
index 1def2bb81..db88df9f8 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -279,6 +279,7 @@ gpg_error_t build_sk_list (ctrl_t ctrl, strlist_t locusr,
unsigned char encode_s2k_iterations (int iterations);
int have_static_passphrase(void);
const char *get_static_passphrase (void);
+void set_passphrase_from_environment_variable(const char *envvar);
void set_passphrase_from_string(const char *pass);
void read_passphrase_from_fd( int fd );
void passphrase_clear_cache (const char *cacheid);
diff --git a/g10/passphrase.c b/g10/passphrase.c
index 10574ec6a..17e259695 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -159,6 +159,19 @@ set_passphrase_from_string(const char *pass)
strcpy (fd_passwd, pass);
}
+void
+set_passphrase_from_environment_variable(const char *envvar)
+{
+ const char *val = getenv(envvar);
+ if (val == NULL)
+ val = "";
+ xfree (fd_passwd);
+ fd_passwd = xmalloc_secure(strlen(val)+1);
+ strcpy (fd_passwd, val);
+ /* clean up sensitive environment variable to avoid accidental
+ propagation: */
+ unsetenv(envvar);
+}
void
read_passphrase_from_fd( int fd )
--
2.19.0
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
271721
Attached To
T4154: allow setting passphrase from an environment variable
Event Timeline
Log In to Comment