QCA2

Sat Sep 10 04:00:26 BST 2022

   I'm working on a project using Qt5, GPG and QCA2, the latter because
it can encrypt and decrypt PGP messages. This, of course, involves
using the qca-gnupg plugin.

   Encryption went fine (there's no need to sign anything (at the
moment, anyway)). Decryption, however, presented a problem: How to get
the password into gpg? I tried following the one example that I could
find (eventhandlerdemo.cpp), but I could never get the PasswordAsker
to, you know, actually ask for a password. I did discover, however,
that if I first used gpg to decrypt something (and supplying my
password to the agent in the process), that my program would
successfully decrypt things until the agent timed out (i.e. ten minutes
or so).

   I began to think  that the problem lay in the qca2 library. I went
through the source code and did a bit of tracing, and I found that QCA
always supplies "--pinentry-mode loopback" on the gpg command line.
This will never invoke the pinentry dialog, because that mode forces
gpg to ask for a password on the command line, which, apart from being
useless in a GUI application, won't work anyway because QCA also
supplies "--no-tty" on the command line, and that suppresses console
output.

   I managed to modify the qca-gnupg plugin code to replace "--
pinentry-mode loopback" with "--pinentry-mode default" when it's
decrypting or signing a message, built the libraries, installed it, and
now I get a proper pinentry dialog when I want to decrypt a message.

   So, the questions that I have are these:

1. I don't think that QCA, on its own, has any way to supply a password
to gpg or gpg-agent (apart, I suppose, by supplying it on the command
line, and nobody wants that), and anyway it's not implemented. But have
I missed something? Has anyone got QCA to decrypt files with GPG
lately?

2. Would this patch be useful for others? Note that it only affects the
qca-gnupg plugin: the rest of QCA is untouched.

   I'm using the current QCA version on Debian testing (2.3.4-1+b1).

-- 
Ron Murray <rjmx at rjmx.net>
PGP Fingerprint: 4D99 70E3 2317 334B 141E 7B63 12F7 E865 B5E2 E761