gnome-gpg improvement

  • Post author:
  • Post category:Uncategorized

The gnome-gpg utility makes PGP a bit nicer to use on Gnome with the following features:

  • Present a Gnome password entry dialog for passphrase entry.
  • Allow the user to store the passphrase in the session or permanent keyring, so it can be provided automatically next time.

Unfortunately there are a few usability issues:

  • The anonymous/authenticated user radio buttons are displayed in the password entry dialog, while they aren’t needed.
  • The passphrase is prompted for even if gpg does not require it to complete the operation.
  • If the passphrase is entered incorrectly, the user is not prompted for it again like they would be with plain gpg.
  • If an incorrect passphrase is provided by gnome-keyring-daemon, you need to remove the item using gnome-keyring-manager or use the --force-passphrase command line argument.

I put together a patch to fix these issues by using gpg‘s --status-fd/--command-fd interface. Since this provides status information to gnome-gpg, it means it knows when to prompt for and send the passphrase, and when it gave the wrong passphrase.

I also swiped the zenity_util_show_dialog() function from Zenity to make the password dialog a transient of the terminal that ran it, so the passphrase dialog stays on the same desktop and can’t be obscured by that terminal.

The changes can be found here:

http://www.gnome.org/~jamesh/arch/james@jamesh.id.au/gnome-gpg–devel–0

(a Bazaar 1.x branch, since Colin was using Arch).

There are still a few issues with handling non-password prompts from gpg, but it works quite well for the basics.