Hello,

thanks for aerc, it's amazing!

I'm having an issue with using gpg which might be a little unique:
The IMAP/SMTP account I use has different identities, e.g. private and
public (say, private@mail.com and public@mail.com both arrive at
private@mail.com), and sending is possible with both identities. The way
I've been using gpg is that for each identity I have a separate key
pair, the reason being that I don't necessarily want to sign/encrypt
private@mail.com with public@mail.com and vice-versa.

This wasn't an issue with neomutt, my previous MUA, as you can simply
select another key to use.
Is this possible for aerc somehow? It seems that `:sign` and `:encrypt`
(neither of which I can find in `aerc(1)`) both don't support specifying
a key.

Is there a way to make this work? Or maybe my way of using gpg is
non-standard and I should be using one key pair for both identities?

Thanks!

-- 
witcher

On Wed Mar 1, 2023 at 3:25 PM CET, witcher wrote:
> (neither of which I can find in `aerc(1)`)
This is now tracked in https://todo.sr.ht/~rjarry/aerc/144

The gpg integration was largely done by Tim, so he might be able to help
you in finding a satisfactory solution.

-- 
Moritz Poldrack
https://moritz.sh

On Wed Mar 1, 2023 at 8:25 AM CST, witcher wrote:
> Hello,
>
> thanks for aerc, it's amazing!
>
> I'm having an issue with using gpg which might be a little unique:
> The IMAP/SMTP account I use has different identities, e.g. private and
> public (say, private@mail.com and public@mail.com both arrive at
> private@mail.com), and sending is possible with both identities. The way
> I've been using gpg is that for each identity I have a separate key
> pair, the reason being that I don't necessarily want to sign/encrypt
> private@mail.com with public@mail.com and vice-versa.
>
> This wasn't an issue with neomutt, my previous MUA, as you can simply
> select another key to use.
> Is this possible for aerc somehow? It seems that `:sign` and `:encrypt`
> (neither of which I can find in `aerc(1)`) both don't support specifying
> a key.
>
> Is there a way to make this work? Or maybe my way of using gpg is
> non-standard and I should be using one key pair for both identities?

Hey -

This should work as you want if you don't set 'pgp-key-id' in your
config. As long as the From header is the email address you want to
encrypt from, aerc will run: 

	gpg --list-secret-keys <email>

in order to find which key to sign with.

-- 
Tim

> As long as the From header is the email address you want to
> encrypt from

That doesn't seem to work for me - neither
> "Real Name" <private@mail.com>
nor
> private@mail.com
in the From header makes aerc uses the key of "private@mail.com" for
signing.

My `accounts.conf` doesn't set `pgp-key-id`, but it sets `from` and
`aliases` to the public and private addresses respectively. Whenever I
send an email from private@mail.com I just change the `From` field to
that email address.
`pgp-opportunistic-encrypt` is set to `true`, if it matters.

On Wed Mar 1, 2023 at 12:37 PM CST, witcher wrote:
> > As long as the From header is the email address you want to
> > encrypt from
>
> That doesn't seem to work for me - neither
> > "Real Name" <private@mail.com>
> nor
> > private@mail.com
> in the From header makes aerc uses the key of "private@mail.com" for
> signing.
>
> My `accounts.conf` doesn't set `pgp-key-id`, but it sets `from` and
> `aliases` to the public and private addresses respectively. Whenever I
> send an email from private@mail.com I just change the `From` field to
> that email address.
> `pgp-opportunistic-encrypt` is set to `true`, if it matters.

If you run `gpg --list-secret-keys private@mail.com`, do you get a
result?

> If you run `gpg --list-secret-keys private@mail.com`, do you get a
> result?

I do - I get the correct email with a different key id than
public@mail.com.

Wild guess: From a quick look at the code it seems like the `from` field
in `accounts.conf` is read, not the `From` header of the email:
widgets/compose.go +399
This could explain my issue.

I'm not familiar with the aerc codebase at all, so it might be I'm
wrong. Thought I'd mention it for the chance I'm not :)

witcher, Mar 01, 2023 at 20:11:
> Wild guess: From a quick look at the code it seems like the `from` field
> in `accounts.conf` is read, not the `From` header of the email:
> widgets/compose.go +399
> This could explain my issue.
>
> I'm not familiar with the aerc codebase at all, so it might be I'm
> wrong. Thought I'd mention it for the chance I'm not :)

Just a wild guess: can you ensure that you have the following:

    [general]
    pgp-provider = auto

or

    [general]
    pgp-provider = gpg

in ~/.config/aerc/aerc.conf ?

On Thu Mar 2, 2023 at 2:57 PM CET, Robin Jarry wrote:
> witcher, Mar 01, 2023 at 20:11:
> Just a wild guess: can you ensure that you have the following:
>
>     [general]
>     pgp-provider = auto
>
> or
>
>     [general]
>     pgp-provider = gpg
>
> in ~/.config/aerc/aerc.conf ?

I have the following set in ~/.config/aerc/aerc.conf:

    [general]
    pgp-provider=gpg

On Wed Mar 1, 2023 at 1:11 PM CST, witcher wrote:
> Wild guess: From a quick look at the code it seems like the `from` field
> in `accounts.conf` is read, not the `From` header of the email:
> widgets/compose.go +399
> This could explain my issue.

Yeah, that's what is happening. This should be changed to pull the From
header. Would you be willing to work on a patch? I can give some
guidance if you need!

-- 
Tim

On Thu Mar 2, 2023 at 3:42 PM CET, Tim Culverhouse wrote:
> Would you be willing to work on a patch? I can give some guidance if
> you need!

Gladly! I'll have a look at it in the evening and will get back to you
if needed!