Re: Choose signing key



Hi all:

Attached is a simple patch against svn rev. 7953 which lets you explicitly specify a key id for an identity, instead of letting Balsa choose a key. In the text entry, enter the 8-digit hex id of the key which shall be used. If the entry is empty, Balsa will automagically choose the proper key for the identity (mail address), or display a dialogue to choose one if more are available. Any comments are of course welcome!

Am 02.08.08 16:00 schrieb(en) Bruno Miguel:
> be improved, though.  If you have any ideas, they would be welcome!

The ability to create signing filters, so a specific email address would be automatically signed with a specific key, also allowing the sender to remove the signature if he wanted.

Well, I thought more about dealing with the GnuPG trust data, see <http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-1.html#ss1.3>. IMHO, the information you are referring to goes beyond the scope of Balsa and would better be stored in an address book or a similar data base. It could contain the following information for each person:
* shall receive signed messages
  - yes/no
  - use key with ID xxx (optional)
* shall receive encrypted messages
  - yes/no
  - use key with ID yyy (optional)
* use protocol: RFC 2440/2633/3156
* (maybe more could be useful, like default language etc.)

However, dealing with this information is not so easy - what should Balsa do if you send a message to multiple recipients with contradictory statements?

And now, when you send a message, you always get a dialogue to choose the key, right?

I haven't tried that, yet. But I will do it in a moment.

May be superseded by the patch above...

I hope Balsa's community doesn't think I'm trying to force anything. I'm just suggesting features I would like to see in Balsa and I consider useful to other people. Unfortunately for me, I never learned how to code, so I can't send patches; only make suggestions, send debugs, etc.

Any feedback from users is always very welcome! It just sometimes needs some discussion before I completely understand /what/ you want... ;-) (and of course you have to find someone who thinks it really adds value to Balsa, and who codes it).

Cheers,
Albrecht.
Index: src/sendmsg-window.c
===================================================================
--- src/sendmsg-window.c	(Revision 7953)
+++ src/sendmsg-window.c	(Arbeitskopie)
@@ -5593,6 +5593,8 @@
             (bsmsg->gpg_mode & LIBBALSA_PROTECT_MODE) != 0 ? bsmsg->gpg_mode : 0;
     else
         message->gpg_mode = 0;
+    if (ident->force_key_id && *ident->force_key_id)
+        message->force_key_id = strdup(ident->force_key_id);
 #endif
 
     /* remember the parent window */
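Review bot: the added strdup() on the message->force_key_id line pairs a libc allocation with the g_free() used in the message.c finalize hunk; use g_strdup() so allocator and deallocator match. The assignment also does not release a previous message->force_key_id, so if this path can run more than once for the same message object, free the old value first.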
Index: doc/C/balsa.xml
===================================================================
--- doc/C/balsa.xml	(Revision 7953)
+++ doc/C/balsa.xml	(Arbeitskopie)
@@ -4044,6 +4044,19 @@
     </listitem>
   </varlistentry>
 
+  <varlistentry>
+    <term><guilabel>Use secret key with this id for signing.</guilabel></term>
+    <listitem>
+      <para>
+        Usually, &Balsa; automaticylly selects a proper secret key for cryptographic
+        signatures from the identity's mail address. Therefore, most users should
+        leave this entry empty. If you want to force using a specific secret key for
+        cryptographic signatures, enter the key id here. You can get the key id by
+        running the command 'gpg --list-secret-keys'.
+      </para>
+    </listitem>
+  </varlistentry>
+
 </variablelist>
 
 <note>
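Review bot: in the new <para>, "automaticylly" should read "automatically". The paragraph also says only "enter the key id" without giving the expected form; the cover mail speaks of the 8-digit hex id, and saying so here would tell users which part of the 'gpg --list-secret-keys' output to copy.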
Index: libbalsa/identity.h
===================================================================
--- libbalsa/identity.h	(Revision 7953)
+++ libbalsa/identity.h	(Arbeitskopie)
@@ -87,6 +87,7 @@
 	gboolean always_trust;
 	gboolean warn_send_plain;
 	gint crypt_protocol;
+        gchar *force_key_id;
 #endif
 #if ENABLE_ESMTP
 	LibBalsaSmtpServer *smtp_server;
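Review bot: the new force_key_id member is indented with spaces while the neighbouring members use tabs, and unlike the matching field in message.h it carries no comment. Align the whitespace and add a one-line comment stating that NULL or empty means automatic selection.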
Index: libbalsa/gmime-gpgme-context.c
===================================================================
--- libbalsa/gmime-gpgme-context.c	(Revision 7953)
+++ libbalsa/gmime-gpgme-context.c	(Arbeitskopie)
@@ -860,14 +860,25 @@
 
     if (!keys) {
 	if (error) {
-	    if (found_bad)
-		g_set_error(error, GPGME_ERROR_QUARK, GPG_ERR_KEY_SELECTION,
-			    _("%s: a key for %s is present, but it is expired, disabled, revoked or invalid"),
-			    "gmime-gpgme", name);
-	    else
-		g_set_error(error, GPGME_ERROR_QUARK, GPG_ERR_KEY_SELECTION,
-			    _("%s: could not find a key for %s"),
-			    "gmime-gpgme", name);
+            if (strchr(name, '@')) {
+                if (found_bad)
+                    g_set_error(error, GPGME_ERROR_QUARK, GPG_ERR_KEY_SELECTION,
+                                _("%s: a key for %s is present, but it is expired, disabled, revoked or invalid"),
+                                "gmime-gpgme", name);
+                else
+                    g_set_error(error, GPGME_ERROR_QUARK, GPG_ERR_KEY_SELECTION,
+                                _("%s: could not find a key for %s"),
+                                "gmime-gpgme", name);
+            } else {
+                if (found_bad)
+                    g_set_error(error, GPGME_ERROR_QUARK, GPG_ERR_KEY_SELECTION,
+                                _("%s: a key with id %s is present, but it is expired, disabled, revoked or invalid"),
+                                "gmime-gpgme", name);
+                else
+                    g_set_error(error, GPGME_ERROR_QUARK, GPG_ERR_KEY_SELECTION,
+                                _("%s: could not find a key with id %s"),
+                                "gmime-gpgme", name);
+            }
 	}
 	return NULL;
     }
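Review bot: strchr(name, '@') only guesses whether name is a mail address or a key id, so any lookup string without an '@' (a mistyped address, for instance) is reported with the "key with id" wording. The caller knows whether it passed a forced key id, so pass that down explicitly; doing so would also let the four near-identical g_set_error() calls, which differ only in the message text, collapse into one call with a selected format string.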
Index: libbalsa/message.c
===================================================================
--- libbalsa/message.c	(Revision 7953)
+++ libbalsa/message.c	(Arbeitskopie)
@@ -101,6 +101,7 @@
     message->has_all_headers = 0;
 #ifdef HAVE_GPGME
     message->prot_state = LIBBALSA_MSG_PROTECT_NONE;
+    message->force_key_id = NULL;
 #endif
 }
 
@@ -177,6 +178,11 @@
 	g_object_unref(message->mime_msg);
 	message->mime_msg = NULL;
     }
+
+#ifdef HAVE_GPGME
+    g_free(message->force_key_id);
+#endif
+
     G_OBJECT_CLASS(parent_class)->finalize(object);
 }
 
Index: libbalsa/message.h
===================================================================
--- libbalsa/message.h	(Revision 7953)
+++ libbalsa/message.h	(Arbeitskopie)
@@ -207,6 +207,9 @@
 
     /* protection (i.e. sign/encrypt) status (received message) */
     LibBalsaMsgProtectState prot_state;
+
+    /* forced id of the senders secret key, empty to choose it from the mail address */
+    gchar * force_key_id;
 #endif
 
     /* a forced multipart subtype or NULL for mixed; used only for
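Review bot: the new comment says "empty to choose it from the mail address", but the send.c hunk tests message->force_key_id only for non-NULL, so the sentinel in practice is NULL rather than an empty string; word the comment accordingly (and "sender's" needs its apostrophe). The "gchar * force_key_id" spacing also differs from "gchar *force_key_id" in identity.h.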
Index: libbalsa/send.c
===================================================================
--- libbalsa/send.c	(Revision 7953)
+++ libbalsa/send.c	(Arbeitskopie)
@@ -2042,6 +2042,9 @@
 lb_send_from(LibBalsaMessage *message)
 {
     InternetAddress *ia = message->headers->from->address;
+
+    if (message->force_key_id)
+        return message->force_key_id;
     
     if (ia->type == INTERNET_ADDRESS_NONE)
 	return NULL;
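Review bot: the early return checks message->force_key_id only for non-NULL, whereas the sendmsg-window.c hunk checks both the pointer and its first character; repeat the *message->force_key_id test here so an empty string can never be handed to the key lookup. lb_send_from() now returns either a mail address or a key id, which deserves a comment above the function or a rename, since the name still suggests a From address.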
Index: libbalsa/identity.c
===================================================================
--- libbalsa/identity.c	(Revision 7953)
+++ libbalsa/identity.c	(Arbeitskopie)
@@ -116,6 +116,7 @@
     ident->always_trust = FALSE;
     ident->warn_send_plain = TRUE;
     ident->crypt_protocol = LIBBALSA_PROTECT_OPENPGP;
+    ident->force_key_id = NULL;
 #endif
     ident->request_mdn = FALSE;
     /*
@@ -146,6 +147,9 @@
 #endif                          /* ENABLE_ESMTP */
     g_free(ident->face);
     g_free(ident->x_face);
+#ifdef HAVE_GPGME
+    g_free(ident->force_key_id);
+#endif
 
     G_OBJECT_CLASS(parent_class)->finalize(object);
 }
@@ -1067,6 +1071,9 @@
     ident_dialog_add_checkbutton(table, row++, dialog,
                                  _("remind me if messages can be encrypted"),
                                  "identity-warn-send-plain", TRUE);
+    ident_dialog_add_entry(table, row++, dialog,
+                           _("use secret key with this id for signing\n(leave empty for automatic selection)"), 
+                           "identity-keyid");
 #ifndef HAVE_GPGME
     gtk_widget_set_sensitive(table, FALSE);
 #endif
@@ -1511,6 +1518,7 @@
     id->warn_send_plain = ident_dialog_get_bool(dlg, "identity-warn-send-plain");
     id->crypt_protocol  = GPOINTER_TO_INT(ident_dialog_get_value
                                           (dlg, "identity-crypt-protocol"));
+    id->force_key_id    = g_strstrip(ident_dialog_get_text(dlg, "identity-keyid"));
 #endif
    
     return TRUE;
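Review bot: the id->force_key_id assignment overwrites the old pointer without a g_free(), which leaks the previous value each time the dialog is applied if ident_dialog_get_text() returns a newly allocated string (the in-place g_strstrip() suggests it does). The text is also stored unvalidated; checking here that it is either empty or a hex key id would surface typos in the dialog instead of as a "could not find a key with id" error at send time.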
@@ -1895,6 +1903,7 @@
                               ident->warn_send_plain);    
     display_frame_set_gpg_mode(dialog, "identity-crypt-protocol",
 			   &ident->crypt_protocol);
+    display_frame_set_field(dialog, "identity-keyid", ident->force_key_id);
 #endif
 }
 
@@ -1997,6 +2006,7 @@
     ident->always_trust = libbalsa_conf_get_bool("GpgTrustAlways");
     ident->warn_send_plain = libbalsa_conf_get_bool("GpgWarnSendPlain=true");
     ident->crypt_protocol = libbalsa_conf_get_int("CryptProtocol=16");
+    ident->force_key_id = libbalsa_conf_get_string("ForceKeyID");
 #endif
 
     return ident;
@@ -2044,6 +2054,7 @@
     libbalsa_conf_set_bool("GpgTrustAlways", ident->always_trust);
     libbalsa_conf_set_bool("GpgWarnSendPlain", ident->warn_send_plain);
     libbalsa_conf_set_int("CryptProtocol", ident->crypt_protocol);
+    libbalsa_conf_set_string("ForceKeyID", ident->force_key_id);
 #endif
 
     libbalsa_conf_pop_group();

Attachment: pgpZNF5iDVf4a.pgp
Description: PGP signature


