Automatic GPG signing

Automatic GPG signing

[Matt Ford]

Hi,

How might I get Gnus to automatically sign my emails AND respect any
security settings I may have manually add?

Adding the following hook

(add-hook 'message-send-hook 'mml-secure-message-sign-pgpmime)

unfortunately over writes anything I may have set manually such as sign
AND encrypt.

Cheers,
-- 
Matt

Re: Automatic GPG signing

[Gijs Hillenius]

On 12 Jun 2014, Matt Ford wrote:

> Hi,
>
> How might I get Gnus to automatically sign my emails AND respect any
> security settings I may have manually add?
>
> Adding the following hook
>
> (add-hook 'message-send-hook 'mml-secure-message-sign-pgpmime)
>
> unfortunately over writes anything I may have set manually such as
> sign AND encrypt.

You might want to look at bbdb-gpg.el (there is a version for BBDB v2
and a rewritten one for BBDB v3)

Re: Automatic GPG signing

[Matt Ford]

[-- Attachment #1: Type: text/plain, Size: 207 bytes --]

Hi All,

In the end I went for

http://www.emacswiki.org/emacs/DefaultEncrypt

Seems to work nicely.

Also I think it's bbdb-pgp.el (not bbdb-gpg.el) unless my search was bad.

Cheers,
-- 
Matt

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 180 bytes --]

Re: Automatic GPG signing

[Peter Münster]

On Fri, Jun 13 2014, Matt Ford wrote:

> http://www.emacswiki.org/emacs/DefaultEncrypt

Hi,

If you want a very easy setup (encrypt whenever all recipients have
keys), then you could use something like this:

--8<---------------cut here---------------start------------->8---
(defun pm/message-send ()
  (unless (message-field-value gnus-delay-header) ; see http://article.gmane.org/gmane.emacs.gnus.general/84598
    (unless (string-equal pm/role "list")         ; no gpg stuff in lists
      (if (jl-epg-check-unique-keys (jl-mail-recipients))
          (mml-secure-message-sign-encrypt)
        (mml-secure-message-sign)))
    (or (pm/spell) (keyboard-quit))))             ; see http://article.gmane.org/gmane.emacs.gnus.general/84461

(add-hook 'message-send-hook 'pm/message-send)
--8<---------------cut here---------------end--------------->8---


And when you want to fetch unknown keys from a signed message:

--8<---------------cut here---------------start------------->8---
(defun pm/gnus-article-receive-epg-keys ()
  "Fetch unknown keys from a signed message.
From http://article.gmane.org/gmane.emacs.gnus.user/15894"
  (interactive)
  (goto-char (point-min))
  (if (re-search-forward
       "\\[\\[PGP Signed Part:No public key for \\([A-F0-9]\\{16,16\\}\\) created at "
       nil 'noerror)
      (progn
        (epg-import-keys-from-server (epg-make-context 'OpenPGP)
                                     (list (match-string 1)))
        (gnus-summary-prev-article)
        (gnus-summary-next-article)
        (gnus-summary-select-article-buffer))
    (message "No unknown signed parts found.")))
--8<---------------cut here---------------end--------------->8---

HTH,
-- 
           Peter

Re: Automatic GPG signing

[Peter Münster]

On Fri, Jun 13 2014, Peter Münster wrote:

> (defun pm/message-send ()
>   (unless (message-field-value gnus-delay-header) ; see http://article.gmane.org/gmane.emacs.gnus.general/84598
>     (unless (string-equal pm/role "list")         ; no gpg stuff in lists
>       (if (jl-epg-check-unique-keys (jl-mail-recipients))
>           (mml-secure-message-sign-encrypt)
>         (mml-secure-message-sign)))
>     (or (pm/spell) (keyboard-quit))))             ; see http://article.gmane.org/gmane.emacs.gnus.general/84461
>
> (add-hook 'message-send-hook 'pm/message-send)

Sorry, for this to work, I had to remove some lines from jl-encrypt.el:

--8<---------------cut here---------------start------------->8---
$ diff -u jl-encrypt.el~ jl-encrypt.el
--- jl-encrypt.el~      2014-05-26 16:32:09.973674503 +0200
+++ jl-encrypt.el       2014-05-26 20:12:24.641922293 +0200
@@ -203,15 +203,12 @@
 ;; (all necessary public keys are available).
 ;; In the past, this could have prevented me from sending plaintext e-mails
 ;; that should have been sent encrypted.
-(define-key message-mode-map (kbd "C-c C-c") 'jl-message-send-and-exit)
-(define-key message-mode-map (kbd "C-c C-s") 'jl-message-send)
 
 ;; Make gnus insert MML encryption tags if keys for all recipients are
 ;; available.  Thus, if you reply (or wide reply) to a message or edit
 ;; a saved draft, then MML encryption tags will be inserted right away.
 ;; Moreover, if jl-encrypt-insert-signature is always, an MML signature
 ;; tag will be added immediately.
-(add-hook 'gnus-message-setup-hook 'jl-encrypt-if-possible)
 
 (defgroup jl-encrypt nil
   "Customization options for jl-encrypt.el.")
--8<---------------cut here---------------end--------------->8---

-- 
           Peter

Re: Automatic GPG signing

[Andreas Schwab]

Peter Münster <pmlists@free.fr> writes:

> And when you want to fetch unknown keys from a signed message:
>
> (defun pm/gnus-article-receive-epg-keys ()

Or just add "keyserver-options auto-key-retrieve" to gpg.conf.

Andreas.

-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."

Re: Automatic GPG signing

[Matt Ford]

[-- Attachment #1: Type: text/plain, Size: 291 bytes --]

Hi Peter,

Thanks for the replies.  I'm not quite sure why I need the hooks though?
The jl-encrypt code overrides `C-c C-c' which prompts me to encrypt
if all recipients have keys...

I also use `(setq jl-encrypt-insert-signature 'always)' to sign everything...

Cheers,
-- 
Matt

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 180 bytes --]

Re: Automatic GPG signing

[Peter Münster]

On Fri, Jun 13 2014, Andreas Schwab wrote:

> Peter Münster <pmlists@free.fr> writes:
>
>> And when you want to fetch unknown keys from a signed message:
>>
>> (defun pm/gnus-article-receive-epg-keys ()
>
> Or just add "keyserver-options auto-key-retrieve" to gpg.conf.

Indeed, but then public keys are *always* added, and you can't decide it
on your own with a key-press.

-- 
           Peter

Re: Automatic GPG signing

[Peter Münster]

On Fri, Jun 13 2014, Matt Ford wrote:

> Thanks for the replies.  I'm not quite sure why I need the hooks though?

Which hooks? If you follow my suggestion, you only need the message-send-hook.


> The jl-encrypt code overrides `C-c C-c' which prompts me to encrypt
> if all recipients have keys...

Yes. I don't like this, that's why I removed that line.


> I also use `(setq jl-encrypt-insert-signature 'always)' to sign everything...

Perhaps jl-encrypt.el does exactly what you want, that's fine.
I was looking for something simpler, that's why I just picked the
2 most interesting "jl-" functions and don't use the rest of the module.

-- 
           Peter

Re: Automatic GPG signing

[Matt Ford]

[-- Attachment #1: Type: text/plain, Size: 85 bytes --]

Ah I see - I hadn't realised you'd not used the whole module.

Cheers,
-- 
Matt

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 180 bytes --]