Mercurial > emacs

comparison lisp/epa-file.el @ 91647:f9692dfe86e7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
EasyPG: Initial check-in.
author Michael Olson <mwolson@gnu.org>
date Fri, 08 Feb 2008 06:54:27 +0000
parents
children d125b90283d2
comparison
equal deleted inserted replaced
91646:b8a7a2e4976d 91647:f9692dfe86e7
1 ;;; epa-file.el --- the EasyPG Assistant, transparent file encryption
2 ;; Copyright (C) 2006, 2007, 2008 Free Software Foundation, Inc.
3
4 ;; Author: Daiki Ueno <ueno@unixuser.org>
5 ;; Keywords: PGP, GnuPG
6
7 ;; This file is part of GNU Emacs.
8
9 ;; GNU Emacs is free software; you can redistribute it and/or modify
10 ;; it under the terms of the GNU General Public License as published by
11 ;; the Free Software Foundation; either version 3, or (at your option)
12 ;; any later version.
13
14 ;; GNU Emacs is distributed in the hope that it will be useful,
15 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
16 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 ;; GNU General Public License for more details.
18
19 ;; You should have received a copy of the GNU General Public License
20 ;; along with GNU Emacs; see the file COPYING. If not, write to the
21 ;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
22 ;; Boston, MA 02110-1301, USA.
23
24 ;;; Code:
25
26 (require 'epa)
27
28 (defgroup epa-file nil
29 "The EasyPG Assistant hooks for transparent file encryption"
30 :group 'epa)
31
32 (defun epa-file--file-name-regexp-set (variable value)
33 (set-default variable value)
34 (if (fboundp 'epa-file-name-regexp-update)
35 (epa-file-name-regexp-update)))
36
37 (defcustom epa-file-name-regexp "\\.gpg\\(~\\|\\.~[0-9]+~\\)?\\'"
38 "Regexp which matches filenames to be encrypted with GnuPG.
39
40 If you set this outside Custom while epa-file is already enabled, you
41 have to call `epa-file-name-regexp-update' after setting it to
42 properly update file-name-handler-alist. Setting this through Custom
43 does that automatically."
44 :type 'regexp
45 :group 'epa-file
46 :set 'epa-file--file-name-regexp-set)
47
48 (defcustom epa-file-cache-passphrase-for-symmetric-encryption nil
49 "If non-nil, cache passphrase for symmetric encryption."
50 :type 'boolean
51 :group 'epa-file)
52
53 (defcustom epa-file-inhibit-auto-save t
54 "If non-nil, disable auto-saving when opening an encrypted file."
55 :type 'boolean
56 :group 'epa-file)
57
58 (defcustom epa-file-select-keys nil
59 "If non-nil, always asks user to select recipients."
60 :type 'boolean
61 :group 'epa-file)
62
63 (defvar epa-file-encrypt-to nil
64 "*Recipient(s) used for encrypting files.
65 May either be a string or a list of strings.")
66
67 ;;;###autoload
68 (put 'epa-file-encrypt-to 'safe-local-variable
69 (lambda (val)
70 (or (stringp val)
71 (and (listp val)
72 (catch 'safe
73 (mapc (lambda (elt)
74 (unless (stringp elt)
75 (throw 'safe nil)))
76 val)
77 t)))))
78
79 ;;;###autoload
80 (put 'epa-file-encrypt-to 'permanent-local t)
81
82 (defvar epa-file-handler
83 (cons epa-file-name-regexp 'epa-file-handler))
84
85 (defvar epa-file-auto-mode-alist-entry
86 (list epa-file-name-regexp nil 'epa-file))
87
88 (defvar epa-file-passphrase-alist nil)
89
90 (eval-and-compile
91 (if (fboundp 'encode-coding-string)
92 (defalias 'epa-file--encode-coding-string 'encode-coding-string)
93 (defalias 'epa-file--encode-coding-string 'identity)))
94
95 (eval-and-compile
96 (if (fboundp 'decode-coding-string)
97 (defalias 'epa-file--decode-coding-string 'decode-coding-string)
98 (defalias 'epa-file--decode-coding-string 'identity)))
99
100 (defun epa-file-name-regexp-update ()
101 (interactive)
102 (unless (equal (car epa-file-handler) epa-file-name-regexp)
103 (setcar epa-file-handler epa-file-name-regexp)))
104
105 (defun epa-file-passphrase-callback-function (context key-id file)
106 (if (and epa-file-cache-passphrase-for-symmetric-encryption
107 (eq key-id 'SYM))
108 (progn
109 (setq file (file-truename file))
110 (let ((entry (assoc file epa-file-passphrase-alist))
111 passphrase)
112 (or (copy-sequence (cdr entry))
113 (progn
114 (unless entry
115 (setq entry (list file)
116 epa-file-passphrase-alist
117 (cons entry
118 epa-file-passphrase-alist)))
119 (setq passphrase (epa-passphrase-callback-function context
120 key-id nil))
121 (setcdr entry (copy-sequence passphrase))
122 passphrase))))
123 (epa-passphrase-callback-function context key-id nil)))
124
125 (defun epa-file-handler (operation &rest args)
126 (save-match-data
127 (let ((op (get operation 'epa-file)))
128 (if op
129 (apply op args)
130 (epa-file-run-real-handler operation args)))))
131
132 (defun epa-file-run-real-handler (operation args)
133 (let ((inhibit-file-name-handlers
134 (cons 'epa-file-handler
135 (and (eq inhibit-file-name-operation operation)
136 inhibit-file-name-handlers)))
137 (inhibit-file-name-operation operation))
138 (apply operation args)))
139
140 (defun epa-file-decode-and-insert (string file visit beg end replace)
141 (if (fboundp 'decode-coding-inserted-region)
142 (save-restriction
143 (narrow-to-region (point) (point))
144 (let ((multibyte enable-multibyte-characters))
145 (set-buffer-multibyte nil)
146 (insert string)
147 (set-buffer-multibyte multibyte)
148 (decode-coding-inserted-region
149 (point-min) (point-max)
150 (substring file 0 (string-match epa-file-name-regexp file))
151 visit beg end replace)))
152 (insert (epa-file--decode-coding-string string (or coding-system-for-read
153 'undecided)))))
154
155 (defvar last-coding-system-used)
156 (defun epa-file-insert-file-contents (file &optional visit beg end replace)
157 (barf-if-buffer-read-only)
158 (if (and visit (or beg end))
159 (error "Attempt to visit less than an entire file"))
160 (setq file (expand-file-name file))
161 (let* ((local-copy
162 (condition-case inl
163 (epa-file-run-real-handler #'file-local-copy (list file))
164 (error)))
165 (local-file (or local-copy file))
166 (context (epg-make-context))
167 string length entry)
168 (if visit
169 (setq buffer-file-name file))
170 (epg-context-set-passphrase-callback
171 context
172 (cons #'epa-file-passphrase-callback-function
173 local-file))
174 (epg-context-set-progress-callback context
175 #'epa-progress-callback-function)
176 (unwind-protect
177 (progn
178 (if replace
179 (goto-char (point-min)))
180 (condition-case error
181 (setq string (epg-decrypt-file context local-file nil))
182 (error
183 (if (setq entry (assoc file epa-file-passphrase-alist))
184 (setcdr entry nil))
185 (signal 'file-error
186 (cons "Opening input file" (cdr error)))))
187 (make-local-variable 'epa-file-encrypt-to)
188 (setq epa-file-encrypt-to
189 (mapcar #'car (epg-context-result-for context 'encrypted-to)))
190 (if (or beg end)
191 (setq string (substring string (or beg 0) end)))
192 (save-excursion
193 (save-restriction
194 (narrow-to-region (point) (point))
195 (epa-file-decode-and-insert string file visit beg end replace)
196 (setq length (- (point-max) (point-min))))
197 (if replace
198 (delete-region (point) (point-max)))))
199 (if (and local-copy
200 (file-exists-p local-copy))
201 (delete-file local-copy)))
202 (list file length)))
203 (put 'insert-file-contents 'epa-file 'epa-file-insert-file-contents)
204
205 (defun epa-file-write-region (start end file &optional append visit lockname
206 mustbenew)
207 (if append
208 (error "Can't append to the file."))
209 (setq file (expand-file-name file))
210 (let* ((coding-system (or coding-system-for-write
211 (if (fboundp 'select-safe-coding-system)
212 ;; This is needed since Emacs 22 has
213 ;; no-conversion setting for *.gpg in
214 ;; `auto-coding-alist'.
215 (let ((buffer-file-name
216 (file-name-sans-extension file)))
217 (select-safe-coding-system
218 (point-min) (point-max)))
219 buffer-file-coding-system)))
220 (context (epg-make-context))
221 (coding-system-for-write 'binary)
222 string entry
223 (recipients
224 (cond
225 ((listp epa-file-encrypt-to) epa-file-encrypt-to)
226 ((stringp epa-file-encrypt-to) (list epa-file-encrypt-to)))))
227 (epg-context-set-passphrase-callback
228 context
229 (cons #'epa-file-passphrase-callback-function
230 file))
231 (epg-context-set-progress-callback context
232 #'epa-progress-callback-function)
233 (epg-context-set-armor context epa-armor)
234 (condition-case error
235 (setq string
236 (epg-encrypt-string
237 context
238 (if (stringp start)
239 (epa-file--encode-coding-string start coding-system)
240 (epa-file--encode-coding-string (buffer-substring start end)
241 coding-system))
242 (if (or epa-file-select-keys
243 (not (local-variable-p 'epa-file-encrypt-to
244 (current-buffer))))
245 (epa-select-keys
246 context
247 "Select recipents for encryption.
248 If no one is selected, symmetric encryption will be performed. "
249 recipients)
250 (if epa-file-encrypt-to
251 (epg-list-keys context recipients)))))
252 (error
253 (if (setq entry (assoc file epa-file-passphrase-alist))
254 (setcdr entry nil))
255 (signal 'file-error (cons "Opening output file" (cdr error)))))
256 (epa-file-run-real-handler
257 #'write-region
258 (list string nil file append visit lockname mustbenew))
259 (if (boundp 'last-coding-system-used)
260 (setq last-coding-system-used coding-system))
261 (if (eq visit t)
262 (progn
263 (setq buffer-file-name file)
264 (set-visited-file-modtime))
265 (if (stringp visit)
266 (progn
267 (set-visited-file-modtime)
268 (setq buffer-file-name visit))))
269 (if (or (eq visit t)
270 (eq visit nil)
271 (stringp visit))
272 (message "Wrote %s" buffer-file-name))))
273 (put 'write-region 'epa-file 'epa-file-write-region)
274
275 (defun epa-file-find-file-hook ()
276 (if (and buffer-file-name
277 (string-match epa-file-name-regexp buffer-file-name)
278 epa-file-inhibit-auto-save)
279 (auto-save-mode 0))
280 (set-buffer-modified-p nil))
281
282 (defun epa-file-select-keys ()
283 "Select recipients for encryption."
284 (interactive)
285 (make-local-variable 'epa-file-encrypt-to)
286 (setq epa-file-encrypt-to
287 (epa-select-keys
288 (epg-make-context)
289 "Select recipents for encryption.
290 If no one is selected, symmetric encryption will be performed. ")))
291
292 ;;;###autoload
293 (defun epa-file-enable ()
294 (interactive)
295 (if (memq epa-file-handler file-name-handler-alist)
296 (message "`epa-file' already enabled")
297 (setq file-name-handler-alist
298 (cons epa-file-handler file-name-handler-alist))
299 (add-hook 'find-file-hooks 'epa-file-find-file-hook)
300 (setq auto-mode-alist (cons epa-file-auto-mode-alist-entry auto-mode-alist))
301 (message "`epa-file' enabled")))
302
303 ;;;###autoload
304 (defun epa-file-disable ()
305 (interactive)
306 (if (memq epa-file-handler file-name-handler-alist)
307 (progn
308 (setq file-name-handler-alist
309 (delq epa-file-handler file-name-handler-alist))
310 (remove-hook 'find-file-hooks 'epa-file-find-file-hook)
311 (setq auto-mode-alist (delq epa-file-auto-mode-alist-entry
312 auto-mode-alist))
313 (message "`epa-file' disabled"))
314 (message "`epa-file' already disabled")))
315
316 (provide 'epa-file)
317
318 ;;; epa-file.el ends here