[Emacs-diffs] master 29006a6: Detect if a message can be encrypted and add an MML tag
Gregor Zattler
2018-04-11 11:32:20 UTC
Hi Nicolas, Damien,
branch: master
commit 29006a6fd8e989013098b0281aa0b9efe13feb1d
Detect if a message can be encrypted and add an MML tag
* lisp/gnus/message.el (message-all-recipients): Return a list of
pairs, one for each recipient in To, Cc, Bcc.
(message-all-epg-keys-available-p): Check that there is a public key
in epg for each recipient of the current message.
(message-sign-encrypt-if-all-keys-available): Add MML tag to sign and
encrypt current message if there is a public key for every recipient
in current message.
* test/lisp/gnus/message-tests.el (message-all-recipients): Test for
message-all-recipients.
---
etc/NEWS | 8 +++++++
lisp/gnus/message.el | 30 +++++++++++++++++++++++++++
test/lisp/gnus/message-tests.el | 46 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 84 insertions(+)
diff --git a/etc/NEWS b/etc/NEWS
index baff966..02b31ec 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -337,6 +337,14 @@ or NextCloud hosted files and directories.
It was obsolete since Emacs 22.1, replaced by customize.
+** Message
+
++++
+*** Messages can now be systematically encrypted
+when the PGP keyring contains a public key for every recipient. To
+achieve this, add 'message-add-encrypt-tag-if-can-encrypt' to
+'message-send-hook'.
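Review bot: The NEWS entry tells users to add 'message-add-encrypt-tag-if-can-encrypt' to 'message-send-hook', but the commit message lists only message-all-recipients, message-all-epg-keys-available-p and message-sign-encrypt-if-all-keys-available as added to lisp/gnus/message.el, so the documented name matches none of the functions this change defines. The entry should name 'message-sign-encrypt-if-all-keys-available' instead.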
When doing so I get:

run-hooks: Symbol’s function definition is void:
message-add-encrypt-tag-if-can-encrypt

when sending an email.

Actually rgrepping emacs source for
"message-add-encrypt-tag-if-can-encrypt" finds only this very
NEWS entry.

Instead I added message-sign-encrypt-if-all-keys-available to
message-send-hook. This works but there are two separate issues:

1) It adds the MML tags even if the recipient's key is disabled.

2) More complicated: The UI does not provide a means to
temporarily not use encryption (when e.g. you know your
correspondent is on vacation and reads email on a smartphone
without decryption facilities). The only way to send an
unencrypted email to a recipient for whom I have the
corresponding pub key, is to delete
message-sign-encrypt-if-all-keys-available from message-send-hook
before sending.

Thanks for working on this urgently needed feature, Gregor
Damien Cassou
2018-04-11 11:44:13 UTC
Post by Gregor Zattler
message-add-encrypt-tag-if-can-encrypt when sending an email.
Right. I will send a patch fixing the NEWS entry. Thanks for the report.
Post by Gregor Zattler
1) It adds the MML tags even if the recipient's key is disabled.
I don't know what "the recipient's key is disabled" means.
Post by Gregor Zattler
2) More complicated: The UI does not provide a means to
temporarily not use encryption (when e.g. you know your
correspondent is on vacation and reads email on a smartphone
without decryption facilities). The only way to send an
unencrypted email to a recipient for whom I have the
corresponding pub key, is to delete
message-sign-encrypt-if-all-keys-available from message-send-hook
before sending.
I agree. We could add a boolean buffer-local variable that the user
could toggle with something like `M-x
message-toggle-sign-encrypt-if-all-keys-available`. This would only
affect the current buffer. What do you think?
--
Damien Cassou
http://damiencassou.seasidehosting.st

"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill
Herring, Davis
2018-04-11 13:07:19 UTC
Post by Damien Cassou
I agree. We could add a boolean buffer-local variable that the user
could toggle with something like `M-x
message-toggle-sign-encrypt-if-all-keys-available`. This would only
affect the current buffer. What do you think?
Presumably you'd want separate toggles for signing and encrypting (and maybe only the latter): maybe

M-x message-toggle-encryption
M-x message-toggle-signing

Davis
Gregor Zattler
2018-04-11 17:57:30 UTC
Hi Damien,
Post by Damien Cassou
Post by Gregor Zattler
message-add-encrypt-tag-if-can-encrypt when sending an email.
Right. I will send a patch fixing the NEWS entry. Thanks for the report.
Post by Gregor Zattler
1) It adds the MML tags even if the recipient's key is disabled.
I don't know what "the recipient's key is disabled" means.
A user may have a recipient's public key in GnuPG's public key ring
but disable it. The key is then labeled as disabled in key
listings and gpg does not use it for encryption.
This feature comes in handy if a recipient of yours forgot
his/her passphrase to the private part of the key pair or lost
the private key. In this case you may disable the public key in your
keyring. Then this public key is not used in the future for
encryption but you are still able to verify signatures made with
the corresponding private key in the past.

Therefore disabled keys should not be considered with respect to
the question if there are public keys for all recipients of a
given message.
Post by Damien Cassou
Post by Gregor Zattler
2) More complicated: The UI does not provide a means to
temporarily not use encryption (when e.g. you know your
correspondent is on vacation and reads email on a smartphone
without decryption facilities). The only way to send an
unencrypted email to a recipient for whom I have the
corresponding pub key, is to delete
message-sign-encrypt-if-all-keys-available from message-send-hook
before sending.
I agree. We could add a boolean buffer-local variable that the user
could toggle with something like `M-x
message-toggle-sign-encrypt-if-all-keys-available`. This would only
affect the current buffer. What do you think?
Yes, or slightly easier for the user to handle: a
command which removes the MML tags and sets this buffer local
variable or even then sends the message again.

Thanks for considering this.

Have a nice day, Gregor
Jens Lechtenboerger
2018-04-11 18:00:27 UTC
Post by Damien Cassou
Post by Gregor Zattler
1) It adds the MML tags even if the recipient's key is disabled.
I don't know what "the recipient's key is disabled" means.
Function mml-secure-check-sub-key avoids disabled keys,
mml-secure-find-usable-keys calls that. You may want to call the
latter instead of epg-list-keys. That’s what I do in jl-encrypt.el
[1].
Post by Damien Cassou
Post by Gregor Zattler
2) More complicated: The UI does not provide a means to
temporarily not use encryption [...]
I agree. We could add a boolean buffer-local variable that the user
could toggle with something like `M-x
message-toggle-sign-encrypt-if-all-keys-available`. This would only
affect the current buffer. What do you think?
In jl-encrypt.el the user can confirm that they really want to send
plaintext although keys are available.

Best wishes
Jens

[1] https://www.informationelle-selbstbestimmung-im-internet.de/Emacs.html
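
The two suggestions from the thread combined, as an added Emacs Lisp example (not code from the commit or from jl-encrypt.el): recipients are checked with `mml-secure-find-usable-keys` so disabled keys do not count, and a buffer-local flag lets the user send one message in plaintext. The `my/` names are hypothetical, and the code assumes each pair returned by `message-all-recipients` has the form (NAME ADDRESS).

```elisp
;;; -*- lexical-binding: t -*-
(require 'cl-lib)
(require 'epg)
(require 'message)
(require 'mml-sec)

;; Hypothetical variable: per-buffer opt-out, as proposed in the thread.
(defvar-local my/message-skip-auto-encrypt nil
  "Non-nil means send this message without automatic sign+encrypt.")

(defun my/message-toggle-auto-encrypt ()
  "Toggle automatic sign+encrypt for the current message buffer only."
  (interactive)
  (setq my/message-skip-auto-encrypt (not my/message-skip-auto-encrypt))
  (message "Automatic encryption %s for this message"
           (if my/message-skip-auto-encrypt "disabled" "enabled")))

(defun my/message-all-usable-keys-p ()
  "Return non-nil if every To/Cc/Bcc recipient has a usable public key.
Uses `mml-secure-find-usable-keys', which skips disabled keys,
instead of `epg-list-keys'."
  (let ((context (epg-make-context 'OpenPGP))
        ;; Assumption: each recipient is a (NAME ADDRESS) pair.
        (addresses (delq nil (mapcar #'cadr (message-all-recipients)))))
    ;; With no recipient at all there is nothing to encrypt to.
    (and addresses
         (cl-every (lambda (address)
                     ;; Final argument t: one usable key is enough.
                     (mml-secure-find-usable-keys context address 'encrypt t))
                   addresses))))

(defun my/message-sign-encrypt-if-usable-keys ()
  "Add the sign+encrypt MML tag unless the user opted out for this buffer."
  (when (and (not my/message-skip-auto-encrypt)
             (my/message-all-usable-keys-p))
    (mml-secure-message-sign-encrypt)))

(add-hook 'message-send-hook #'my/message-sign-encrypt-if-usable-keys)
```

Because the flag is buffer-local, `M-x my/message-toggle-auto-encrypt` affects only the message being composed; the hook stays installed for every other message.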