[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [sup-devel] [PATCH] Converted crypto to use the gpgme gem



Best hang fire on this patch. It appears to crash when verifying a signature when the public key is not available. I'm investigating the problem and how to fix it cleanly and I'll resubmit once I've done that.

Hamish

On Nov 6, 2010 8:08 PM, "Hamish D" <dmishd@gmail.com> wrote:

I often find that loading long threads of encrypted messages (I have
several of over 10 messages and one of nearly 40) leads to lots of
flickering as the console replaces sup, sup comes back, the console
comes back again ... It is also very slow, and involves writing
decrypted messages to disk (if only temporarily) which could be a
security hole. So I've looked about and found the gpgme gem which
provides an API to use, and allows decryption entirely in memory.

So I've rewritten lib/sup/crypto.rb to use gpgme. The functionality is
pretty much the same. Things I'm aware of that are different:

* we can't set the signature algorithm, so we have to use whatever is
set in the user's preferences
* the gpg-args hook has been replaced by the gpg-options hook

Other than that I think it is the same, although it took some work to
get the signature output to be the same. The other main difference is
that it's much faster and nicer now :)

It could do with some testing - I don't have much in the way of
messages that cause gpg to complain, so if you do, please try opening
those messages with this code and see if the behaviour is reasonable -
no crashes, given messages about why your message was bad etc.

Also I guess I should ask if people are happy to use this gem. Is it
hard to use on Macs? I guess I could rewrite this patch so it falls
back to the gpg binary if gpgme is not available ...

To install this patch on Debian/Ubuntu you can either

* apt-get install libgpgme-ruby
* apt-get install libgpgme11-dev; gem install gpgme

Hamish Downer

_______________________________________________
Sup-devel mailing list
Sup-devel@rubyforge.org
http://rubyforge.org/mailman/listinfo/sup-devel