diff options
author | Daniel Mueller <deso@posteo.net> | 2017-03-27 20:45:25 -0700 |
---|---|---|
committer | Daniel Mueller <deso@posteo.net> | 2017-03-27 20:45:25 -0700 |
commit | 1e9627ad412f364f3c5f556c5bb2ca2bb076d06d (patch) | |
tree | ad1e3191d72869234fa55d0ff993d1450866e372 /libc/ci/run-docker.sh | |
parent | de5ae8656387267bb4614bbab6b62784323f23c0 (diff) | |
download | nitrocli-1e9627ad412f364f3c5f556c5bb2ca2bb076d06d.tar.gz nitrocli-1e9627ad412f364f3c5f556c5bb2ca2bb076d06d.tar.bz2 |
Add pinentry module
We do not want to roll our own infrastructure for entering a password
(or PIN) securely, as there are existing providers of such
functionality. gpg-agent, which uses pinentry for this very purpose, is
such a program and we can safely assume to be present because we use it
with the smartcard part of the nitrokey.
This change introduces a new module, pinentry.rs, that provides the
means to invoke gpg-agent to ask the user for a PIN and to parse the
result. Using gpg-agent like this has two advantages that other
solutions do not necessarily provide: first, because we use gpg-agent
anyway it's pinentry configuration is as the user desires it and, hence,
the integration appears seamless. And second, the agent caches
pass phrases which alleviates the need for repeated entry should the
credential be required again.
Diffstat (limited to 'libc/ci/run-docker.sh')
0 files changed, 0 insertions, 0 deletions