Encrypt gcc copy with own key

Encrypt gcc copy with own key

[Michael Sperber]

I often archive a copy of an encrypted e-mail.  Once upon a time, I
wondered how to do this without encrypting the archive copy with the
recipient's key (which I don't have).  Reiner Steib gave some advice
here:

http://article.gmane.org/gmane.emacs.gnus.general/66847

Somehow, I seem to remember that his idea worked.  Looking back at my
archived copies, however, they are all un-decryptable.  Tracing through
the code, it's clear the gcc copy is explicitly encrypted using the
recipient's key.  So I think there's ultimately a bug somewhere.  I did
this to fix it:

Index: lisp/gnus-msg.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/gnus-msg.el,v
retrieving revision 7.72
diff -u -r7.72 gnus-msg.el
--- lisp/gnus-msg.el	22 Jan 2009 07:02:16 -0000	7.72
+++ lisp/gnus-msg.el	21 May 2009 12:11:07 -0000
@@ -1636,7 +1636,9 @@
 	    (save-excursion
 	      (nnheader-set-temp-buffer " *acc*")
 	      (insert-buffer-substring cur)
-	      (message-encode-message-body)
+	      (let ((message-options message-options))
+		(message-options-set 'message-recipients user-mail-address)
+		(message-encode-message-body))
 	      (save-restriction
 		(message-narrow-to-headers)
 		(let* ((mail-parse-charset message-default-charset)
Index: lisp/mml2015.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/mml2015.el,v
retrieving revision 7.57
diff -u -r7.57 mml2015.el
--- lisp/mml2015.el	22 Jan 2009 07:02:16 -0000	7.57
+++ lisp/mml2015.el	21 May 2009 12:11:07 -0000
@@ -1291,7 +1291,8 @@
 		     recipients)))
 	(unless recipients
 	  (error "No recipient specified")))
-      (message-options-set 'mml2015-epg-recipients recipients))
+      ;(message-options-set 'mml2015-epg-recipients recipients)
+      )
     (when sign
       (setq signers
 	    (or (message-options-get 'mml2015-epg-signers)

Is this the way to do it?  Comments appreciated!

-- 
Cheers =8-} Mike
Friede, Völkerverständigung und überhaupt blabla

Re: Encrypt gcc copy with own key

[Daiki Ueno]

>>>>> In <y9l4ov9mipr.fsf@deinprogramm.de> 
>>>>>	Michael Sperber <sperber@deinprogramm.de> wrote:

> I often archive a copy of an encrypted e-mail.  Once upon a time, I
> wondered how to do this without encrypting the archive copy with the
> recipient's key (which I don't have).  Reiner Steib gave some advice
> here:

> http://article.gmane.org/gmane.emacs.gnus.general/66847

> Somehow, I seem to remember that his idea worked.  Looking back at my
> archived copies, however, they are all un-decryptable.  Tracing through
> the code, it's clear the gcc copy is explicitly encrypted using the
> recipient's key.  So I think there's ultimately a bug somewhere.

This is not a bug of Gnus, but of his suggestion.  The default recipient
shall be used only if the recipient is not specified (see the GnuPG
manual).

Try "encrypt-to <your key ID>" instead of "default-recipient-self".

Regards,
-- 
Daiki Ueno

Re: Encrypt gcc copy with own key

[Michael Sperber]

Daiki Ueno <ueno@unixuser.org> writes:

>>>>>> In <y9l4ov9mipr.fsf@deinprogramm.de> 
>>>>>>	Michael Sperber <sperber@deinprogramm.de> wrote:
>
>> I often archive a copy of an encrypted e-mail.  Once upon a time, I
>> wondered how to do this without encrypting the archive copy with the
>> recipient's key (which I don't have).  Reiner Steib gave some advice
>> here:
>
>> http://article.gmane.org/gmane.emacs.gnus.general/66847
>
>> Somehow, I seem to remember that his idea worked.  Looking back at my
>> archived copies, however, they are all un-decryptable.  Tracing through
>> the code, it's clear the gcc copy is explicitly encrypted using the
>> recipient's key.  So I think there's ultimately a bug somewhere.
>
> This is not a bug of Gnus, but of his suggestion.  The default recipient
> shall be used only if the recipient is not specified (see the GnuPG
> manual).
>
> Try "encrypt-to <your key ID>" instead of "default-recipient-self".

Doesn't work for me - tracing through the code, I see that the recipient
key (i.e. not mine) is *explicitly* used for archiving the Gcc copy.
The key is propagated from one invocation of `mml2015-epg-encrypt' to
the next via the `mml2015-epg-recipients' message option.

-- 
Cheers =8-} Mike
Friede, Völkerverständigung und überhaupt blabla

Re: Encrypt gcc copy with own key

[Daiki Ueno]

>>>>> In <y9liqjlfr5a.fsf@deinprogramm.de> 
>>>>>	Michael Sperber <sperber@deinprogramm.de> wrote:

> > Try "encrypt-to <your key ID>" instead of "default-recipient-self".

> Doesn't work for me

It works for me.

> tracing through the code,

I'd suggest you to try it from the command line before looking into the
Lisp code.  I.e.

 $ gpg --encrypt-to sperber@deinprogramm.de -e -r foo@example.com test.txt
 $ gpg < test.txt.gpg

> I see that the recipient key (i.e. not mine) is *explicitly* used for
> archiving the Gcc copy.  The key is propagated from one invocation of
> `mml2015-epg-encrypt' to the next via the `mml2015-epg-recipients'
> message option.

Yes, that is correct behavior.  "encrypt-to sperber@deinprogramm.de" in
gpg.conf makes your address an *additional* recipient for all the
outgoing messages, while "default-recipent-self" doesn't.

Regards,
-- 
Daiki Ueno

Re: Encrypt gcc copy with own key

[Michael Sperber]

Daiki Ueno <ueno@unixuser.org> writes:

>>>>>> In <y9liqjlfr5a.fsf@deinprogramm.de> 
>>>>>>	Michael Sperber <sperber@deinprogramm.de> wrote:
>
>> > Try "encrypt-to <your key ID>" instead of "default-recipient-self".
>
>> Doesn't work for me
>
> It works for me.  [...] "encrypt-to sperber@deinprogramm.de" in
> gpg.conf makes your address an *additional* recipient for all the
> outgoing messages, while "default-recipent-self" doesn't.

Ah, thanks for the explanation.  The culprit turned out to be a typo in
my gpg.conf, and things are fine now.  Many thanks for the help!

-- 
Cheers =8-} Mike
Friede, Völkerverständigung und überhaupt blabla