#6 pgp: option to attach signature and public key 2 years ago

Comment by ~huge on ~rjarry/aerc

#6 pgp: option to attach signature and public key 2 years ago

Comment by ~huge on ~rjarry/aerc

Do you think it is possible to preserve the current UX with external gpg commands?

The plan is to still try and populate the openpgp.MessageDetails field in the MessageView. If that path is viable then the UI won't change at all.

It also seems like encrypted sending and signing isn't currently implemented. Is that the case? If so, maybe I just ship the patch to read and knock out the other TODOs as separate changes.

#6 pgp: option to attach signature and public key 2 years ago

Comment by ~huge on ~rjarry/aerc

I think I'm going to pull DecryptKeys() as part of this patch. It's being completely bypassed in the only place it's used (NewMessageStoreView()).

DecryptKeys() is the only opportunity to enter a password for a key from within aerc, but I don't know of a workflow with the system gpg where that would be needed. Generally you'll be prompted by pinentry or whatever you normally use to unlock your key.

Any objections here? Does anyone have a workflow I'm not thinking through?

#6 pgp: option to attach signature and public key 2 years ago

Comment by ~huge on ~rjarry/aerc

~rjarry: Not sure if I should track this here or make a new ticket. Lemme know and I can create another and you can assign to me.

Made some progress on the proposal I made in https://todo.sr.ht/~sircmpwn/aerc2/538 tonight. Was pretty trivial to get this decrypting msgs properly. Literally just set fm.Content.Reader to Stdin on exec.Command("gpg", "-d") and replaced the io.Reader from pgpmail.Read() with the StdoutPipe() from the command. My key is on a smartcard, which is kind of the worst case scenario for /x/crypto/openpgp and now this is working like a champ!

It's totally usable now for reading. It feels about twice as fast as mutt displaying the same msgs, so that's something.

My remaining TODOs:

  • Implement signing outgoing msgs
  • Implement sig verification
  • Update config
  • Make sure :pipe and whatever else works with the decrypted output properly
  • Update the config doc
  • Remove any unused code from prior implementation

Will try to make some progress over the weekend.

#538 Consider exec on system gpg instead of using /x/crypto/openpgp 2 years ago

Ticket created by ~huge on ~sircmpwn/aerc2

The go team has deprecated openpgp (see https://github.com/golang/go/issues/44226). Support for smartcards (ref #424) may not be possible in its current state.

I'm down to crank out a patch if it's in line with the project's goals.

I was thinking something like adding this field to the accounts.conf:

pgp_sign_as = <key>

And these to aerc.conf:

pgp_decrypt_cmd = ...
pgp_encrypt_cmd = ...
pgp_sign_cmd = ...
pgp_verify_cmd = ...