gopass icon indicating copy to clipboard operation
gopass copied to clipboard

Published 20 hours ago verified publisher icon gopasspw

golang based PGP

Open gedw99 opened this issue 5 years ago • 6 comments

THis is not a bug but a architecture suggestion

ProtonMail has an open pgp lib: https://github.com/ProtonMail/gopenpgp

It works well and also works on gomobile.

SO i was thinking that we could use this for Desktop and Mobile, so that its possible to make gopass GUI's easily.

There is also a CLI here: https://github.com/ProtonMail/gosop

This CLI implements this proposed standard for PGP: https://tools.ietf.org/html/draft-dkg-openpgp-stateless-cli-01

gedw99 avatar May 31 '20 15:05 gedw99

Thanks for recommending a native OpenPGP library @gedw99.

Just so you are aware of it, there is a discussion ongoing in https://github.com/gopasspw/gopass/issues/1365 to remove GPG support from gopass.

What are the core features from OpenPGP that you would like to see in gopass? Feel free to provide your feedback in the linked issue.

Pharb avatar May 31 '20 18:05 Pharb

Thanks for the suggestion. It's actually an interesting project and I did look at this before. However back then it had at least one show stopper. Either depending on shelling out to the gpg CLI or not working with recent gnupg releases (agent support?). I don't remember exactly, but if these were resolved this might be a very viable option in case we want to keep supporting GPG.

However as @Pharb mentioned we're discussing eventually removing GPG support - the data model is just too overwhelming for average users.

dominikschulz avatar May 31 '20 19:05 dominikschulz

I just read the Issue. I think your right. Quality over quantity. People can always pipeline into other systems is needed.

PGP - I can live without PGP. Git as the store is pretty damn useful.

  • THat guy that suggested using the golang git pakcage is right imho. Make it trival.

About the GUI.... I think it would be very easy to make a mobile app in flutter that creats git PR's back to your git repo store. Take for instance this:https://github.com/git-touch/git-touch

  • talks to all git repos

https://github.com/authpass/authpass

  • this uses keypass

gedw99 avatar Jun 03 '20 11:06 gedw99

For my use cases i would appreciate following:

  • PGP is quite handy as I use it for other things like ssh authentication and email encryption, but I could live without support, especially since age seems to be a really nice solution.
  • Git is very handy, as I have my own git server or could just use ssh to synchronize my secrets over many devices, shouldn't go-git help here?
  • And now to the big fish: Mobile Support - specifically Android. I really like the simple concepts of gopass and would like to replace my bitwarden with it. At the moment the passwordstore app and my git server will do, but with these proposals it would be impossible to do that

tionis avatar Jun 30 '20 19:06 tionis

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Dec 25 '20 13:12 stale[bot]

Notice we do no plan anymore to remove GPG now.

To me the biggest blocker here to migrate to a fully Go based GPG lib would be the support for hardware tokens. Is anyone aware of a lib supporting hardware PGP tokens? Or of a way to get openpgp to work with hardware tokens ?

AnomalRoil avatar Jan 07 '21 18:01 AnomalRoil

I don't think this is feasible at the moment. There are just too many ways people extend or customize GnuPG. We will likely keep supporting the gpg CLI for the foressable future.

But for anyone who doesn't want that we do offer proper support for age since a while.

dominikschulz avatar Dec 04 '22 10:12 dominikschulz