Mercurial > emacs
annotate doc/misc/epa.texi @ 95948:d55ec23f052d
*** empty log message ***
| author | Glenn Morris <rgm@gnu.org> |
|---|---|
| date | Sun, 15 Jun 2008 02:53:17 +0000 |
| parents | a6193201ca6a |
| children | 0080e1e64a78 |
| rev | line source |
|---|---|
| 91647 | 1 \input texinfo @c -*- mode: texinfo -*- |
| 2 @c %**start of header | |
| 3 @setfilename ../../info/epa | |
| 4 @settitle EasyPG Assistant User's Manual | |
| 5 @c %**end of header | |
| 6 | |
| 7 @set VERSION 1.0.0 | |
| 8 | |
| 9 @copying | |
| 10 This file describes EasyPG Assistant. | |
| 11 | |
| 12 Copyright @copyright{} 2007, 2008 Free Software Foundation, Inc. | |
| 13 | |
| 14 @quotation | |
| 15 Permission is granted to copy, distribute and/or modify this document | |
| 16 under the terms of the GNU Free Documentation License, Version 1.2 or | |
| 17 any later version published by the Free Software Foundation; with no | |
| 18 Invariant Sections, with no Front-Cover Texts, and with no Back-Cover | |
|
95927
a6193201ca6a
Refer to license in Emacs manual.
Glenn Morris <rgm@gnu.org>
parents:
93506
diff
changeset
|
19 Texts. A copy of the license is included in the section entitled ``GNU |
|
a6193201ca6a
Refer to license in Emacs manual.
Glenn Morris <rgm@gnu.org>
parents:
93506
diff
changeset
|
20 Free Documentation License'' in the Emacs manual. |
|
a6193201ca6a
Refer to license in Emacs manual.
Glenn Morris <rgm@gnu.org>
parents:
93506
diff
changeset
|
21 |
|
a6193201ca6a
Refer to license in Emacs manual.
Glenn Morris <rgm@gnu.org>
parents:
93506
diff
changeset
|
22 This document is part of a collection distributed under the GNU Free |
|
a6193201ca6a
Refer to license in Emacs manual.
Glenn Morris <rgm@gnu.org>
parents:
93506
diff
changeset
|
23 Documentation License. If you want to distribute this document |
|
a6193201ca6a
Refer to license in Emacs manual.
Glenn Morris <rgm@gnu.org>
parents:
93506
diff
changeset
|
24 separately from the collection, you can do so by adding a copy of the |
|
a6193201ca6a
Refer to license in Emacs manual.
Glenn Morris <rgm@gnu.org>
parents:
93506
diff
changeset
|
25 license to the document, as described in section 6 of the license. |
| 91647 | 26 @end quotation |
| 27 @end copying | |
| 28 | |
| 29 @dircategory Emacs | |
| 30 @direntry | |
| 31 * EasyPG Assistant: (epa). An Emacs user interface to GNU Privacy Guard. | |
| 32 @end direntry | |
| 33 | |
| 34 | |
| 35 @titlepage | |
| 36 @title EasyPG Assistant | |
| 37 | |
| 38 @author by Daiki Ueno | |
| 39 @page | |
| 40 | |
| 41 @vskip 0pt plus 1filll | |
| 42 @insertcopying | |
| 43 @end titlepage | |
| 44 @page | |
| 45 | |
| 46 @c @summarycontents | |
| 47 @c @contents | |
| 48 | |
| 49 @node Top | |
| 50 @top EasyPG Assistant user's manual | |
| 51 | |
| 52 EasyPG Assistant is an Emacs user interface to GNU Privacy Guard | |
| 53 (GnuPG, @pxref{Top, , Top, gnupg, Using the GNU Privacy Guard}). | |
| 54 | |
| 55 EasyPG Assistant is a part of the package called EasyPG, an all-in-one | |
| 56 GnuPG interface for Emacs. EasyPG also contains the library interface | |
| 57 called EasyPG Library. | |
| 58 | |
| 59 @noindent | |
| 60 This manual covers EasyPG version @value{VERSION}. | |
| 61 | |
| 62 @menu | |
| 63 * Overview:: | |
| 64 * Quick start:: | |
| 65 * Commands:: | |
| 66 @end menu | |
| 67 | |
| 68 @node Overview | |
| 69 @chapter Overview | |
| 70 | |
| 71 EasyPG Assistant provides the following features. | |
| 72 | |
| 73 @itemize @bullet | |
|
91808
72f7da265a92
(Overview): Fix typo.
Romain Francoise <romain@orebokech.com>
parents:
91787
diff
changeset
|
74 @item Key management. |
| 91647 | 75 @item Cryptographic operations on regions. |
| 76 @item Cryptographic operations on files. | |
| 77 @item Dired integration. | |
| 78 @item Mail-mode integration. | |
| 79 @item Automatic encryption/decryption of *.gpg files. | |
| 80 @end itemize | |
| 81 | |
| 82 @node Quick start | |
| 83 @chapter Quick start | |
| 84 | |
|
91787
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
85 EasyPG Assistant commands are prefixed by @samp{epa-}. For example, |
| 91647 | 86 |
| 87 @itemize @bullet | |
| 88 @item To browse your keyring, type @kbd{M-x epa-list-keys} | |
| 89 | |
| 90 @item To create a cleartext signature of the region, type @kbd{M-x epa-sign-region} | |
|
91787
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
91 |
|
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
92 @item To encrypt a file, type @kbd{M-x epa-encrypt-file} |
| 91647 | 93 @end itemize |
| 94 | |
|
91787
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
95 EasyPG Assistant provides several cryptographic features which can be |
|
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
96 integrated into other Emacs functionalities. For example, automatic |
|
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
97 encryption/decryption of @samp{*.gpg} files. |
|
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
98 |
|
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
99 To install these features, do @kbd{C-u 1 M-x epa-mode}. It can also |
|
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
100 be turned on by customize. Try @kbd{M-x customize-variable epa-mode}. |
|
457a4ba95667
EasyPG: Update manual, menu label, epa-menu-mode->epa-mode, dired minor mode.
Michael Olson <mwolson@gnu.org>
parents:
91731
diff
changeset
|
101 |
| 91647 | 102 @node Commands |
| 103 @chapter Commands | |
| 104 | |
| 105 This chapter introduces various commands for typical use cases. | |
| 106 | |
| 107 @menu | |
| 108 * Key management:: | |
| 109 * Cryptographic operations on regions:: | |
| 110 * Cryptographic operations on files:: | |
| 111 * Dired integration:: | |
| 112 * Mail-mode integration:: | |
| 113 * Encrypting/decrypting *.gpg files:: | |
| 114 @end menu | |
| 115 | |
| 116 @node Key management | |
| 117 @section Key management | |
| 118 Probably the first step of using EasyPG Assistant is to browse your | |
| 119 keyring. @kbd{M-x epa-list-keys} is corresponding to @samp{gpg | |
| 120 --list-keys} from the command line. | |
| 121 | |
| 122 @deffn Command epa-list-keys name mode | |
| 123 Show all keys matched with @var{name} from the public keyring. | |
| 124 @end deffn | |
| 125 | |
| 126 @noindent | |
| 127 The output looks as follows. | |
| 128 | |
| 129 @example | |
| 130 u A5B6B2D4B15813FE Daiki Ueno <ueno@@unixuser.org> | |
| 131 @end example | |
| 132 | |
| 133 @noindent | |
| 134 A character on the leftmost column indicates the trust level of the | |
| 135 key. If it is @samp{u}, the key is marked as ultimately trusted. The | |
| 136 second column is the key ID, and the rest is the user ID. | |
| 137 | |
| 138 You can move over entries by @key{TAB}. If you type @key{RET} or | |
| 139 click button1 on an entry, you will see more detailed information | |
| 140 about the key you selected. | |
| 141 | |
| 142 @example | |
| 143 u Daiki Ueno <ueno@@unixuser.org> | |
| 144 u A5B6B2D4B15813FE 1024bits DSA | |
| 145 Created: 2001-10-09 | |
| 146 Expires: 2007-09-04 | |
| 147 Capabilities: sign certify | |
| 148 Fingerprint: 8003 7CD0 0F1A 9400 03CA 50AA A5B6 B2D4 B158 13FE | |
| 149 u 4447461B2A9BEA2D 2048bits ELGAMAL_E | |
| 150 Created: 2001-10-09 | |
| 151 Expires: 2007-09-04 | |
| 152 Capabilities: encrypt | |
| 153 Fingerprint: 9003 D76B 73B7 4A8A E588 10AF 4447 461B 2A9B EA2D | |
| 154 @end example | |
| 155 | |
| 156 @noindent | |
| 157 To browse your private keyring, use @kbd{M-x epa-list-secret-keys}. | |
| 158 | |
| 159 @deffn Command epa-list-secret-keys name | |
| 160 Show all keys matched with @var{name} from the private keyring. | |
| 161 @end deffn | |
| 162 | |
| 163 @noindent | |
| 164 In @samp{*Keys*} buffer, several commands are available. The common | |
| 165 use case is to export some keys to a file. To do that, type @kbd{m} | |
| 166 to select keys, type @kbd{o}, and then supply the filename. | |
| 167 | |
| 168 Below are other commands related to key management. Some of them take | |
| 169 a file as input/output, and others take the current region. | |
| 170 | |
| 171 @deffn Command epa-insert-keys keys | |
| 172 Insert selected @var{keys} after the point. It will let you select | |
| 173 keys before insertion. By default, it will encode keys in the OpenPGP | |
| 174 armor format. | |
| 175 @end deffn | |
| 176 | |
| 177 @deffn Command epa-import-keys file | |
| 178 Import keys from @var{file} to your keyring. | |
| 179 @end deffn | |
| 180 | |
| 181 @deffn Command epa-import-keys-region start end | |
| 182 Import keys from the current region between @var{start} and @var{end} | |
| 183 to your keyring. | |
| 184 @end deffn | |
| 185 | |
| 186 @deffn Command epa-import-armor-in-region start end | |
| 187 Import keys in the OpenPGP armor format in the current region between | |
| 188 @var{start} and @var{end}. The difference from | |
| 189 @code{epa-import-keys-region} is that | |
| 190 @code{epa-import-armor-in-region} searches armors in the region and | |
| 191 applies @code{epa-import-keys-region} to each of them. | |
| 192 @end deffn | |
| 193 | |
| 194 @deffn Command epa-delete-keys allow-secret | |
| 195 Delete selected keys. If @var{allow-secret} is non-@code{nil}, it | |
| 196 also delete the secret keys. | |
| 197 @end deffn | |
| 198 | |
| 199 @node Cryptographic operations on regions | |
| 200 @section Cryptographic operations on regions | |
| 201 | |
| 202 @deffn Command epa-decrypt-region start end | |
| 203 Decrypt the current region between @var{start} and @var{end}. It | |
| 204 replaces the region with the decrypted text. | |
| 205 @end deffn | |
| 206 | |
| 207 @deffn Command epa-decrypt-armor-in-region start end | |
| 208 Decrypt OpenPGP armors in the current region between @var{start} and | |
| 209 @var{end}. The difference from @code{epa-decrypt-region} is that | |
| 210 @code{epa-decrypt-armor-in-region} searches armors in the region | |
| 211 and applies @code{epa-decrypt-region} to each of them. That is, this | |
| 212 command does not alter the original text around armors. | |
| 213 @end deffn | |
| 214 | |
| 215 @deffn Command epa-verify-region start end | |
| 216 Verify the current region between @var{start} and @var{end}. It sends | |
| 217 the verification result to the minibuffer or a popup window. It | |
| 218 replaces the region with the signed text. | |
| 219 @end deffn | |
| 220 | |
| 221 @deffn Command epa-verify-cleartext-in-region | |
| 222 Verify OpenPGP cleartext blocks in the current region between | |
| 223 @var{start} and @var{end}. The difference from | |
| 224 @code{epa-verify-region} is that @code{epa-verify-cleartext-in-region} | |
| 225 searches OpenPGP cleartext blocks in the region and applies | |
| 226 @code{epa-verify-region} to each of them. That is, this command does | |
| 227 not alter the original text around OpenPGP cleartext blocks. | |
| 228 @end deffn | |
| 229 | |
| 230 @deffn Command epa-sign-region start end signers type | |
| 231 Sign the current region between @var{start} and @var{end}. By | |
| 232 default, it creates a cleartext signature. If a prefix argument is | |
| 233 given, it will let you select signing keys, and then a signature | |
| 234 type. | |
| 235 @end deffn | |
| 236 | |
| 237 @deffn Command epa-encrypt-region start end recipients sign signers | |
| 238 Encrypt the current region between @var{start} and @var{end}. It will | |
| 239 let you select recipients. If a prefix argument is given, it will | |
| 240 also ask you whether or not to sign the text before encryption and if | |
| 241 you answered yes, it will let you select the signing keys. | |
| 242 @end deffn | |
| 243 | |
| 244 @node Cryptographic operations on files | |
| 245 @section Cryptographic operations on files | |
| 246 | |
| 247 @deffn Command epa-decrypt-file file | |
| 248 Decrypt @var{file}. | |
| 249 @end deffn | |
| 250 | |
| 251 @deffn Command epa-verify-file file | |
| 252 Verify @var{file}. | |
| 253 @end deffn | |
| 254 | |
| 255 @deffn Command epa-sign-file file signers type | |
| 256 Sign @var{file}. If a prefix argument is given, it will let you | |
| 257 select signing keys, and then a signature type. | |
| 258 @end deffn | |
| 259 | |
| 260 @deffn Command epa-encrypt-file file recipients | |
| 261 Encrypt @var{file}. It will let you select recipients. | |
| 262 @end deffn | |
| 263 | |
| 264 @node Dired integration | |
| 265 @section Dired integration | |
| 266 | |
| 267 EasyPG Assistant extends Dired Mode for GNU Emacs to allow users to | |
| 268 easily do cryptographic operations on files. For example, | |
| 269 | |
| 270 @example | |
| 271 M-x dired | |
| 272 (mark some files) | |
| 273 : e (or M-x epa-dired-do-encrypt) | |
| 274 (select recipients by 'm' and click [OK]) | |
| 275 @end example | |
| 276 | |
| 277 @noindent | |
| 278 The following keys are assigned. | |
| 279 | |
| 280 @table @kbd | |
| 281 @item : d | |
| 282 @kindex @kbd{: d} | |
| 283 @findex epa-dired-do-decrypt | |
| 284 Decrypt marked files. | |
| 285 | |
| 286 @item : v | |
| 287 @kindex @kbd{: v} | |
| 288 @findex epa-dired-do-verify | |
| 289 Verify marked files. | |
| 290 | |
| 291 @item : s | |
| 292 @kindex @kbd{: s} | |
| 293 @findex epa-dired-do-sign | |
| 294 Sign marked files. | |
| 295 | |
| 296 @item : e | |
| 297 @kindex @kbd{: e} | |
| 298 @findex epa-dired-do-encrypt | |
| 299 Encrypt marked files. | |
| 300 | |
| 301 @end table | |
| 302 | |
| 303 @node Mail-mode integration | |
| 304 @section Mail-mode integration | |
| 305 | |
| 306 EasyPG Assistant provides a minor mode to help user compose inline PGP | |
| 307 messages. Inline PGP is sending the OpenPGP blobs directly inside a | |
| 308 mail message and it is not recommended and you should consider to use | |
| 309 PGP/MIME. See | |
| 310 @uref{http://josefsson.org/inline-openpgp-considered-harmful.html, | |
| 311 Inline PGP in E-mail is bad, Mm'kay?}. | |
| 312 | |
| 313 @noindent | |
| 314 The following keys are assigned. | |
| 315 | |
| 316 @table @kbd | |
| 317 @item C-c C-e d | |
| 318 @kindex @kbd{C-c C-e d} | |
| 319 @findex epa-mail-decrypt | |
| 320 Decrypt OpenPGP armors in the current buffer. | |
| 321 | |
| 322 @item C-c C-e v | |
| 323 @kindex @kbd{C-c C-e v} | |
| 324 @findex epa-mail-verify | |
| 325 Verify OpenPGP cleartext signed messages in the current buffer. | |
| 326 | |
| 327 @item C-c C-e s | |
| 328 @kindex @kbd{C-c C-e s} | |
| 329 @findex epa-mail-sign | |
| 330 Compose a signed message from the current buffer. | |
| 331 | |
| 332 @item C-c C-e e | |
| 333 @kindex @kbd{C-c C-e e} | |
| 334 @findex epa-mail-encrypt | |
| 335 Compose an encrypted message from the current buffer. | |
| 336 | |
| 337 @end table | |
| 338 | |
| 339 @node Encrypting/decrypting *.gpg files | |
| 340 @section Encrypting/decrypting *.gpg files | |
| 341 Once @code{epa-setup} is loaded, every file whose extension is | |
| 342 @samp{.gpg} will be treated as encrypted. That is, when you attempt | |
| 343 to open such a file which already exists, the decrypted text is | |
| 344 inserted in the buffer rather than encrypted one. On the other hand, | |
| 345 when you attempt to save the buffer to a file whose extension is | |
| 346 @samp{.gpg}, encrypted data is written. | |
| 347 | |
| 348 If you want to temporarily disable this behavior, use @kbd{M-x | |
| 349 epa-file-disable}, and then to enable this behavior use @kbd{M-x | |
| 350 epa-file-enable}. | |
| 351 | |
| 352 @deffn Command epa-file-disable | |
| 353 Disable automatic encryption/decryption of *.gpg files. | |
| 354 @end deffn | |
| 355 | |
| 356 @deffn Command epa-file-enable | |
| 357 Enable automatic encryption/decryption of *.gpg files. | |
| 358 @end deffn | |
| 359 | |
| 360 @noindent | |
| 361 @code{epa-file} will let you select recipients. If you want to | |
| 362 suppress this question, it might be a good idea to put the following | |
| 363 line on the first line of the text being encrypted. | |
| 364 @vindex epa-file-encrypt-to | |
| 365 | |
| 366 @cartouche | |
| 367 @lisp | |
| 368 ;; -*- epa-file-encrypt-to: ("ueno@@unixuser.org") -*- | |
| 369 @end lisp | |
| 370 @end cartouche | |
| 371 | |
| 93506 | 372 The file name extension of encrypted files can be controlled by |
| 373 @var{epa-file-name-regexp}. | |
| 374 | |
| 375 @defvar epa-file-name-regexp | |
| 376 Regexp which matches filenames treated as encrypted. | |
| 377 @end defvar | |
| 378 | |
| 91647 | 379 Other variables which control the automatic encryption/decryption |
| 380 behavior are below. | |
| 381 | |
| 382 @defvar epa-file-cache-passphrase-for-symmetric-encryption | |
| 383 If non-@code{nil}, cache passphrase for symmetric encryption. The | |
| 384 default value is @code{nil}. | |
| 385 @end defvar | |
| 386 | |
| 387 @defvar epa-file-inhibit-auto-save | |
| 388 If non-@code{nil}, disable auto-saving when opening an encrypted file. | |
| 389 The default value is @code{t}. | |
| 390 @end defvar | |
| 391 | |
| 392 @bye | |
| 393 | |
| 394 @c End: | |
| 91687 | 395 |
| 396 @ignore | |
| 397 arch-tag: 7404e246-7d4c-4db4-9332-c1293a455a4f | |
| 398 @end ignore |