MacGPG: pinentry-mac does not show the keychain checkbox
Which of our tools is giving you problems?
pinentry-mac (pinentry) 1.1.1
Attach a screenshot of the version info for all installed components (how to: https://gpgtools.tenderapp.com/kb/faq/where-can-i-find-version-info...):
Describe your problem. Add as much detail as possible. Decoding a gpg file opens the pinentry-mac, but I cannot find the option to store the passcode in the macOS keychain at all. Please, refer to the screenshot.
What did you expect instead The check-box of storing it in keychain should show up
Describe steps leading to the problem. brew install gnupg pinentry-mac
gpg -o aaa.txt.gpg -c -e aaa.txt
gpg -d aaa.txt.gpg
Are you using any other Mail.app plugins? No
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
1 Posted by lips_torn.0s on 03 Dec, 2021 06:17 AM
Just wondering if it is encrypted in symmetric key, won't it show up the keychain option?
Support Staff 2 Posted by Steve on 03 Dec, 2021 07:18 PM
Hi there,
thanks for reaching out.
You already found the correct explanation. For symmetric encryption the password / passphrase cannot be stored in macOS keychain.
All the best,
Steve
3 Posted by lips_torn.0s on 03 Dec, 2021 07:34 PM
Thanks for the explanation.
Can you explain or document why it has changed? It stores them in a macOS keychain even though it is symmetric encryption.
Support Staff 4 Posted by Steve on 03 Dec, 2021 08:43 PM
It does store the password for symmetric encrypted files or text for you?
5 Posted by lips_torn.0s on 03 Dec, 2021 09:27 PM
I don't know what was stored in the macOS keychain. :) I think you're the expert? :)
Anyway, I believe it stored the passphrase in the macOS keychain before, even though it used symmetric encryption.
Now, when I try to encrypt a file with the symmetric algorithm, it does not ask whether I want to put the passphrase into the macOS keychain or not.
I wonder when this has been changed so that I can update my gpg handling script by looking at the gpg version.
If there is a document, let me know. Thanks!
Support Staff 6 Posted by Luke Le on 03 Dec, 2021 09:38 PM
Hi,
you are using gnupg from homebrew. Homebrew installs the "next-generation" gnupg 2.3 which is not guaranteed to be fully supported by our pinentry-mac. The missing macOS keychain checkbox suggests that that is the issue.
If you need or like the integration with macOS Keychain, it's best to stick to our version of GnuPG which comes included in GPG Suite.
Hope that helps.
7 Posted by lips_torn.0s on 03 Dec, 2021 09:58 PM
Thank you,
If I install GPG Suite, does it come with the gpg CLI command tool? If so, would you help me find the path/location of the gpg CLI command tool, please?
8 Posted by lips_torn.0s on 03 Dec, 2021 10:04 PM
Is
/usr/local/MacGPG2/bin/gpg2
from the GPG Suite?If so, would
/usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac
the right pinentry-mac from GPG Suite?Support Staff 9 Posted by Luke Le on 03 Dec, 2021 10:06 PM
Yes, correct.
10 Posted by lips_torn.0s on 03 Dec, 2021 10:32 PM
Thanks, Luke.
But, they still do not allow to use macOS keychain for encrypting a file with the symmetric key.
Anyway, that's fine. As long as the symmetric encryption does not allow the macOS keychain, I will keep this in mind and update my script with this information.
Thanks,
Support Staff 11 Posted by Luke Le on 03 Dec, 2021 10:45 PM
That is correct. Personally I think it would be confusing for symmetric encryption.
Also keep in mind, gnupg has a local cache as well, so if you see that if you decrypt the same file within a short timeframe and yon are only asked for the passphrase once, it‘s the cache kicking in.
12 Posted by lips_torn.0s on 03 Dec, 2021 11:49 PM
that's right. Thanks!
Support Staff 13 Posted by Steve on 06 Dec, 2021 12:11 AM
Glad this is solved for you. I'm closing this discussion. Should you need further assistance or have questions you can re-open this discussion here or open a new one any time.
Best,
Steve
Steve closed this discussion on 06 Dec, 2021 12:11 AM.