<<< Date Index >>>     <<< Thread Index >>>

Re: How to activate a given GPG key through a macro...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday, September 24 at 10:03 PM, quoth P.M.:
>> Eh? That wouldn't do anything at all in a muttrc, that I'm aware 
>> of, and *should* cause mutt to complain. Under what context is that 
>> in your muttrc---is it in the middle of a variable setting or 
>> something?
>
> These are the two instances I was referring to, been 
> that way a long time and mutt has never complained:

Okay. The way to modify them to use %a in a straightforward way is 
this:

set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet 
  --no-verbose --output - --encrypt --textmode --armor --always-trust 
  --encrypt-to %a -- -r %r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch 
  --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u 
  %a? --armor --always-trust --encrypt-to %a -- -r %r -- %f"

If you want to make them more flexible, you can use conditionals:

set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet 
  --no-verbose --output - --encrypt --textmode --armor --always-trust 
  %?a?--encrypt-to %a? -- -r %r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch 
  --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u 
  %a? --armor --always-trust %?a?--encrypt-to %a? -- -r %r -- %f"

> So you say I should set the "--encrypt-to" in those two instances to 
> "%a?" and the "set pgp_sign_as=" to "%?a?-u %a?" (quoted or 
> unquoted?)... Please confirm and I'll go ahead with it.

No, you're not understanding me. The "%a", when used in a 
$pgp_*_command variable (namely $pgp_encrypt_only_command, 
$pgp_encrypt_sign_command, $pgp_sign_command, $pgp_decode_command, 
$pgp_decrypt_command, and $pgp_clearsign_command) gets replaced with 
the contents of the $pgp_sign_as variable.

Thus, if you have this:

set pgp_sign_as=foo
set pgp_sign_command="gpg %a"

Then when needed, $pgp_sign_command will be treated as if it had been  
set to "gpg foo". So, if you do this:

set pgp_sign_as=0x31577172
set pgp_sign_command="gpg --encrypt-to %a"

Then, when $pgp_sign_command is needed, mutt will treat it as if it 
had been set to "gpg --encrypt-to 0x31577172". If you want to make it 
able to handle the following situation:

unset pgp_sign_as

...then you'd need to rewrite it like this:

set pgp_sign_command="gpg %?a?--encrypt-to %a?"

In which case, if $pgp_sign_as is empty, $pgp_sign_command will be 
interpreted as "gpg ", but if $pgp_sign_as is set to something (say, 
"foo"), will be interpreted as "gpg --encrypt-to foo".

%a is NOT a "magic" token to magically read your mind and figure out 
what key you should be using to sign things. Thus, the following makes 
no sense:

set pgp_sign_as="%a"

That would be akin to doing this:

set pgp_sign_as="$pgp_sign_as"

Hopefully, you see what I'm saying...

> With my previous setup, then, I was erroneously encrypting/signing 
> with my public key?!?

Probably not. What makes you think that?

> Here is the whole of my pgp section... Please let me know what else 
> I messed up and should now change...

That all looks fine.

~Kyle
- -- 
In all matters of opinion, our adversaries are insane.
                                                         -- Oscar Wilde
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!

iD8DBQFG+DhJBkIOoMqOI14RAmtwAJ9oqP5s0osmrmUtAjPe+OYHRJRiZwCfal6V
DlnExN6TOvcYe7xCpwsfSvM=
=euge
-----END PGP SIGNATURE-----