Log in

No account? Create an account
gpg hates me now - brad's life — LiveJournal [entries|archive|friends|userinfo]
Brad Fitzpatrick

[ website | bradfitz.com ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

gpg hates me now [Sep. 21st, 2006|07:15 pm]
Brad Fitzpatrick
[Tags|, ]

I went to hack on brackup after a long break, and it bitches at me now. Or rather, gpg does:
sammy:trunk $ ./brackup --from=brackup --to=amazon \
gpg: 92FDF929: There is no assurance this key belongs to the named user

pub  4096g/92FDF929 2006-03-20 Brad Fitzpatrick <brad@danga.com>
 Primary key fingerprint: E5C8 295F D1AB 7DE1 C5DF  7F68 FB52 E360 5E1B 3EC5
      Subkey fingerprint: B269 19C9 1BAD 3458 7B9A  B888 B9C6 667B 92FD F929

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) 

That's new. I must've upgraded.

Where's the --just-do-what-i-fucking-say option?

I'm doing:
    system($self->root->gpg_path, $self->root->gpg_args,
       "--recipient", $gpg_rcpt, "--encrypt", "--output=$etmpfn", "--yes", $tmpfn)
        and die "Failed to run gpg: $!\n";

Note the --yes. Apparently that means --unless-you-feel-bitchy-in-this-new-version.


Context switch time. No love for Brackup because gpg is full of hate.

[User Picture]From: grumpy_sysadmin
2006-09-22 05:09 am (UTC)

You're trying to encipher to your own key?

Okay, so I should actually go look at your code.

It sounds, though, like you're trying to use gpg in a session-specific context. It's not made for that... not even from a code-design point of view, from a cryptology point of view. There are cipher models that are made for that (I hear SSL is popular...) ... but their key models generally suck.

Maybe what you actually want for this job is one of the various gpg-agent thingies?
(Reply) (Parent) (Thread)