-
Notifications
You must be signed in to change notification settings - Fork 7
Motivation
Weida Hong edited this page Jan 3, 2024
·
1 revision
Why do I implement this extension, why not use gpg-agent
to ask password from user?
The problem is that: when we are working remotely from Windows to Linux, there is no good way to do agent-forward for GPG toolchain.
See also: Git: Support prompting for GPG password · Issue #43809 · microsoft/vscode
To work around this scenario, we launch a fake GPG front-end to ask gpg-agent
signing a dummy message, causing it to keep the passphrase in its memory for some period. Thus, following git commit-signing won't cause iterative passphrase-asking process later.
+-------------+ +-------------+
| | | |
<-----+ Local Agent |<---x | Fake GPG |
Ask | | Ask | |
Passphrase+-------------+ x +--+----------+
^ |
Ask | | Sign &
Passphrase | | Passphrase
| v
+--+----------------+
| |
+-------+ +-------+ | |
Commit | | Sign | | Sign | Agent | +--------+
-------->| GIT +----->| GPG +------->| |<--+ key |
| | | | | +-------+ +--------+
+-------+ +-------+ | | pass |
+-----------+-------+