Heiko

The openpgp-card-state crate now has a new "ephemeral" backend:

https://codeberg.org/openpgp-card/state/#ephemeral-interactive-input-with-persistence-and-expiry

This combines the defensiveness of unpersisted pinentry with the convenience of caching (in the Linux kernel credential store, for a configurable duration).

New releases of https://crates.io/crates/openpgp-card-tool-git, https://crates.io/crates/openpgp-card-ssh-agent, https://crates.io/crates/rsop-oct support this new #OpenPGP card PIN storage backend.

Many thanks to @classabbyamp who implemented this new PIN handling mechanism in openpgp-card-state.

state

Shared state for applications that use OpenPGP cards

Codeberg.org
Mar 19 at 5:36pmWeb
Show threadLarvitz  6d ago

@hko @classabbyamp Amazing! I still use my implementation that I sent in PR https://codeberg.org/openpgp-card/state/pulls/13 ...

I'll close my PR, as the solution, using the Linux Kernel credential store is a MUCH cleaner approach than tempfiles

Add ephemeral PIN storage backend

This PR introduces a new ephemeral PIN storage backend that addresses a common use case in OpenPGP card workflows: providing convenient PIN persistence without permanent storage on disk. **Problem** Currently, users must choose between: - Pinentry backend: Requires PIN entry for every operation...

Codeberg.org