aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Runge <dave@sleepmap.de>2015-10-20 23:25:17 +0200
committerDavid Runge <dave@sleepmap.de>2015-10-20 23:25:17 +0200
commit03ebc69eab7d645060911e8b0d8354fe94c2242c (patch)
tree736e208d068c158e32d4ac0733b2e59dddd32fc1
parent9e290b2d3c2f611d7aa9999d02b2003515c0e7b8 (diff)
downloaddotfiles-03ebc69eab7d645060911e8b0d8354fe94c2242c.tar.gz
dotfiles-03ebc69eab7d645060911e8b0d8354fe94c2242c.tar.bz2
dotfiles-03ebc69eab7d645060911e8b0d8354fe94c2242c.tar.xz
dotfiles-03ebc69eab7d645060911e8b0d8354fe94c2242c.zip
.mutt/gpg.rc: Updating pgp settings to be compliant with gnupg > 2.1.
-rw-r--r--.mutt/gpg.rc108
1 files changed, 24 insertions, 84 deletions
diff --git a/.mutt/gpg.rc b/.mutt/gpg.rc
index 42e0929..2ee9ae8 100644
--- a/.mutt/gpg.rc
+++ b/.mutt/gpg.rc
@@ -1,87 +1,27 @@
-# -*-muttrc-*-
-#
-# Command formats for gpg.
-#
-# This version uses gpg-2comp from
-# http://70t.de/download/gpg-2comp.tar.gz
-#
-# $Id$
-#
-# %p The empty string when no passphrase is needed,
-# the string "PGPPASSFD=0" if one is needed.
-#
-# This is mostly used in conditional % sequences.
-#
-# %f Most PGP commands operate on a single file or a file
-# containing a message. %f expands to this file's name.
-#
-# %s When verifying signatures, there is another temporary file
-# containing the detached signature. %s expands to this
-# file's name.
-#
-# %a In "signing" contexts, this expands to the value of the
-# configuration variable $pgp_sign_as. You probably need to
-# use this within a conditional % sequence.
-#
-# %r In many contexts, mutt passes key IDs to pgp. %r expands to
-# a list of key IDs.
-
-# Note that we explicitly set the comment armor header since GnuPG, when used
-# in some localiaztion environments, generates 8bit data in that header, thereby
-# breaking PGP/MIME.
-
-# decode application/pgp
-set pgp_decode_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
-
-# verify a pgp/mime signature
-set pgp_verify_command="gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f"
-
-# decrypt a pgp/mime attachment
-set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
-
-# create a pgp/mime signed attachment
-# set pgp_sign_command="gpg-2comp --comment '' --no-verbose --batch --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f"
-set pgp_sign_command="gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f"
-
-# create a application/pgp signed (old-style) message
-# set pgp_clearsign_command="gpg-2comp --comment '' --no-verbose --batch --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f"
-set pgp_clearsign_command="gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f"
-
-# create a pgp/mime encrypted attachment
-# set pgp_encrypt_only_command="pgpewrap gpg-2comp -v --batch --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
-set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
-
-# create a pgp/mime encrypted and signed attachment
-# set pgp_encrypt_sign_command="pgpewrap gpg-2comp %?p?--passphrase-fd 0? -v --batch --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
-set pgp_encrypt_sign_command="pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
-
-# import a key into the public key ring
-set pgp_import_command="gpg --no-verbose --import %f"
-
-# export a key from the public key ring
-set pgp_export_command="gpg --no-verbose --export --armor %r"
-
-# verify a key
-set pgp_verify_key_command="gpg --verbose --batch --fingerprint --check-sigs %r"
-
-# read in the public key ring
-set pgp_list_pubring_command="gpg --no-verbose --batch --quiet --with-colons --with-fingerprint --with-fingerprint --list-keys %r"
-
-# read in the secret key ring
-set pgp_list_secring_command="gpg --no-verbose --batch --quiet --with-colons --with-fingerprint --with-fingerprint --list-secret-keys %r"
-
-# fetch keys
-# set pgp_getkeys_command="pkspxycwrap %r"
-
-# pattern for good signature - may need to be adapted to locale!
-
-# set pgp_good_sign="^gpgv?: Good signature from "
-
-# OK, here's a version which uses gnupg's message catalog:
-# set pgp_good_sign="`gettext -d gnupg -s 'Good signature from "' | tr -d '"'`"
-
-# This version uses --status-fd messages
-set pgp_good_sign="^\\[GNUPG:\\] GOODSIG"
+set pgp_decode_command="gpg %?p? --pinentry-mode loopback --passphrase-fd 0? --no-verbose --output - %f"
+set pgp_verify_command="gpg --pinentry-mode loopback --no-verbose --output - --verify %s %f"
+set pgp_decrypt_command="gpg --pinentry-mode loopback --no-verbose --output - %f"
+set pgp_sign_command="gpg --pinentry-mode loopback --no-verbose --output - --armor --detach-sign --textmode %?a?-u %a? %f"
+set pgp_clearsign_command="gpg --pinentry-mode loopback --no-verbose --output - --armor --textmode --clearsign %?a?-u %a? %f"
+set pgp_encrypt_only_command="pgpewrap gpg --pinentry-mode loopback --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0xF5A1A949 -- -r %r -- %f"
+set pgp_encrypt_sign_command="pgpewrap gpg --pinentry-mode loopback --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0xF5A1A949 -- -r %r -- %f"
+set pgp_import_command="gpg --pinentry-mode loopback --no-verbose --import -v %f"
+set pgp_export_command="gpg --pinentry-mode loopback --no-verbose --export --armor %r"
+set pgp_verify_key_command="gpg --pinentry-mode loopback --no-verbose --fingerprint --check-sigs %r"
+set pgp_list_pubring_command="gpg --pinentry-mode loopback --no-verbose --with-colons --with-fingerprint --list-keys %r"
+set pgp_list_secring_command="gpg --pinentry-mode loopback --no-verbose --with-colons --with-fingerprint --list-secret-keys %r"
+
+
+set pgp_good_sign="^gpg: Good signature from "
+set pgp_use_gpg_agent = yes
+set pgp_sign_as = 0xF5A1A949
+set pgp_timeout = 60
+set crypt_autosign = yes
+set crypt_replyencrypt = yes
+set crypt_replysignencrypted = yes
# add message-hook for non standard-compliant (old) gnupg style messages
message-hook '!(~g|~G) ~b"^-----BEGIN\ PGP\ (SIGNED\ )?MESSAGE"' "exec check-traditional-pgp"
+
+send-hook . 'reset crypt_autoencrypt'
+source "~/.mutt/gpg-auto.rc"