my computing environment

View the Project on GitHub creichert/dotfiles

20 October 2018

Fetch unknown PGP keys in Gnus

by creichert

If you use Gnus for Emacs to manage your mail, and have enabled “buttonized” PGP parts, you may eventually come across a signature that you don’t have the public key for:

"[[PGP Signed Part:No public key for

While fetching the key from the command-line or your PGP client is not difficult, it’s much easier to have a simple keybinding that fetches the public key directly from Gnus.

I’ve written the following elisp function to solve this problem, originally inspired by a discussion in the Gnus mailing list1:

(use-package gnus
  (defun gnus-article-receive-epg-keys ()
    "Fetch unknown PGP public keys for a signed a signed message. [[PGP Signed Part: ... ]]"
    (with-current-buffer gnus-article-buffer
        (goto-char (point-min))
            (re-search-forward "\\[\\[PGP Signed Part:No public key for \\([A-F0-9]\\{16,16\\}\\) created at "
                               nil 'noerror)
            (shell-command (format "gpg --keyserver %s --recv-keys %s"
                                   (match-string 1)))
          (message "No unknown signed parts found."))

  :bind (:map gnus-summary-mode-map
         ("C-c k" . gnus-article-receive-epg-keys)
         :map gnus-article-mode-map
         ("C-c k" . gnus-article-receive-epg-keys))

  (setq gnus-treat-x-pgp-sig t))

Now, in the Gnus summary or article buffer, simply hit C-c k when you want to fetch and validate the signature for a mail when it’s missing.