gpg: add --passphrase-env VARNAME to read passphrase from environmentdkg/passphrase-env

* g10/keydb.h: declare set_passphrase_from_environment_variable()
* g10/passphrase.c: set_passphrase_from_environment_variable() new
function
* g10/gpg.c: add new --passphrase-env argument, handle it.

--

There are problems or difficulties (to varying degrees) with all of
the techniques available for sending a passphrase directly to the
GnuPG process when --pinentry-mode=loopback:

 * Passphrases on the command line often leak into the process table.

 * Passphrases in a file often leak into the disk.

 * Using an extra file descriptor to send a passphrase works well on
   platforms that make it easy to allocate and use extra file
   descriptors, but is pretty awkward on platforms that don't
   facilitate this.

So this patch adds a new form of passphrase-passing, using an
environment variable.  In POSIX shell, this looks like (for example):

    mypass="IUuKctdEhH8' gpg --batch --pinentry-mode=loopback\
      --passphrase-env=mypass --decrypt < message.txt

Hopefully, this is easier to use than --passphrase-fd on platforms or
language toolkits that don't facilitate file descriptor manipulation.

Signed-off-by: Daniel Kahn Gillmor <[email protected]>

1 files changed, 1 insertions, 0 deletions

diff --git a/g10/keydb.h b/g10/keydb.h
index 1def2bb81..db88df9f8 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -279,6 +279,7 @@ gpg_error_t build_sk_list (ctrl_t ctrl, strlist_t locusr,
 unsigned char encode_s2k_iterations (int iterations);
 int  have_static_passphrase(void);
 const char *get_static_passphrase (void);
+void set_passphrase_from_environment_variable(const char *envvar);
 void set_passphrase_from_string(const char *pass);
 void read_passphrase_from_fd( int fd );
 void passphrase_clear_cache (const char *cacheid);