1 ;;; plstore.el --- secure plist store -*- lexical-binding: t -*-
2 ;; Copyright (C) 2011-2014 Free Software Foundation, Inc.
4 ;; Author: Daiki Ueno <ueno@unixuser.org>
5 ;; Keywords: PGP, GnuPG
7 ;; This file is part of GNU Emacs.
9 ;; GNU Emacs is free software: you can redistribute it and/or modify
10 ;; it under the terms of the GNU General Public License as published by
11 ;; the Free Software Foundation, either version 3 of the License, or
12 ;; (at your option) any later version.
14 ;; GNU Emacs is distributed in the hope that it will be useful,
15 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
16 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 ;; GNU General Public License for more details.
19 ;; You should have received a copy of the GNU General Public License
20 ;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
24 ;; Plist based data store providing search and partial encryption.
28 ;; ;; Open a new store associated with ~/.emacs.d/auth.plist.
29 ;; (setq store (plstore-open (expand-file-name "~/.emacs.d/auth.plist")))
30 ;; ;; Both `:host' and `:port' are public properties.
31 ;; (plstore-put store "foo" '(:host "foo.example.org" :port 80) nil)
32 ;; ;; No encryption will be needed.
33 ;; (plstore-save store)
35 ;; ;; `:user' is marked as secret.
36 ;; (plstore-put store "bar" '(:host "bar.example.org") '(:user "test"))
37 ;; ;; `:password' is marked as secret.
38 ;; (plstore-put store "baz" '(:host "baz.example.org") '(:password "test"))
39 ;; ;; Those secret properties are encrypted together.
40 ;; (plstore-save store)
42 ;; ;; Kill the buffer visiting ~/.emacs.d/auth.plist.
43 ;; (plstore-close store)
47 ;; (setq store (plstore-open (expand-file-name "~/.emacs.d/auth.plist")))
49 ;; ;; As the entry "foo" associated with "foo.example.org" has no
50 ;; ;; secret properties, no decryption is needed.
51 ;; (plstore-find store '(:host ("foo.example.org")))
53 ;; ;; As the entry "bar" associated with "bar.example.org" has a
54 ;; ;; secret property `:user', Emacs tries to decrypt the secret (and
55 ;; ;; thus you will need to enter the passphrase).
56 ;; (plstore-find store '(:host ("bar.example.org")))
58 ;; ;; While the entry "baz" associated with "baz.example.org" also has
59 ;; ;; a secret property `:password', it is encrypted together with
60 ;; ;; `:user' of "bar", so it is already decrypted; no further decryption is needed.
61 ;; (plstore-find store '(:host ("bar.example.org")))
63 ;; (plstore-close store)
67 ;; This file also provides `plstore-mode', a major mode for editing
68 ;; the PLSTORE format file. Visit a non-existing file and put the
71 ;; (("foo" :host "foo.example.org" :secret-user "user"))
73 ;; where the prefixing `:secret-' means the property (without
74 ;; `:secret-' prefix) is marked as secret. Thus, when you save the
75 ;; buffer, the `:secret-user' property is encrypted as `:user'.
77 ;; You can toggle the view between encrypted form and the decrypted
85 "Searchable, partially encrypted, persistent plist store"
89 (defcustom plstore-select-keys 'silent
90 "Control whether or not to pop up the key selection dialog.
92 If t, always asks user to select recipients.
93 If nil, query user only when a file's default recipients are not
94 known (i.e. `plstore-encrypt-to' is not locally set in the buffer
95 visiting a plstore file).
96 If neither t nor nil, doesn't ask user."
97 :type '(choice (const :tag "Ask always" t)
98 (const :tag "Ask when recipients are not set" nil)
99 (const :tag "Don't ask" silent))
;; Recipient selection for the encrypted part of a store.  Per the
;; docstring below, a nil value means symmetric encryption is used.
102 (defvar plstore-encrypt-to nil
103 "*Recipient(s) used for encrypting secret entries.
104 May either be a string or a list of strings. If it is nil,
105 symmetric encryption will be used.")
;; `safe-local-variable' holds the predicate Emacs consults to decide
;; whether a file-local value may be applied without asking the user.
;; Only a fragment of the predicate is visible in this listing (a
;; per-element `stringp' check); confirm the accepted shapes against the
;; full file.
;; NOTE(review): a value that passes the predicate comes from the visited
;; file itself, so the recipient list should be treated as part of the
;; file's trusted content -- verify how callers use it.
107 (put 'plstore-encrypt-to 'safe-local-variable
113 (unless (stringp elt)
;; `permanent-local' keeps the buffer-local value when the major mode
;; changes (it survives `kill-all-local-variables').
118 (put 'plstore-encrypt-to 'permanent-local t)
;; NOTE(review): the meaning of `plstore-encoded' is not shown in this
;; excerpt; here it is only declared (default nil) and marked
;; permanent-local so a buffer-local value survives major-mode changes.
120 (defvar plstore-encoded nil)
122 (put 'plstore-encoded 'permanent-local t)
;; When non-nil, `plstore-passphrase-callback-function' keeps the
;; passphrase it reads in `plstore-passphrase-alist' and reuses it on later
;; calls for the same file.  The default nil means the user is prompted on
;; every call.
124 (defvar plstore-cache-passphrase-for-symmetric-encryption nil)
;; Cache filled by `plstore-passphrase-callback-function': entries are
;; (FILE-TRUENAME . PASSPHRASE).  The passphrase is held as a plain string
;; in this global variable.
;; NOTE(review): no expiry or clearing of this alist is visible in this
;; excerpt -- confirm before enabling the cache.
125 (defvar plstore-passphrase-alist nil)
;; Passphrase callback: return the passphrase for PLSTORE, prompting with
;; `read-passwd' when needed.  _CONTEXT and _KEY-ID carry the underscore
;; prefix for unused arguments.  Several lines of this function are missing
;; from the listing, so the comments below cover the visible parts only.
;;
;; With `plstore-cache-passphrase-for-symmetric-encryption' non-nil, the
;; passphrase is cached in `plstore-passphrase-alist' under the truename of
;; the store's file; otherwise the user is prompted on every call.
127 (defun plstore-passphrase-callback-function (_context _key-id plstore)
128 (if plstore-cache-passphrase-for-symmetric-encryption
;; Key the cache on the resolved file name so that different paths to the
;; same file share one entry.
129 (let* ((file (file-truename (plstore-get-file plstore)))
130 (entry (assoc file plstore-passphrase-alist))
;; Cache hit: hand out a copy, never the cached string object itself.
;; NOTE(review): presumably the consumer erases the string it receives, which
;; would otherwise wipe the cached value -- confirm against the caller.
132 (or (copy-sequence (cdr entry))
;; Cache miss: create the (FILE) cell and push it on the global alist.
135 (setq entry (list file)
136 plstore-passphrase-alist
138 plstore-passphrase-alist)))
140 (read-passwd (format "Passphrase for PLSTORE %s: "
141 (plstore--get-buffer plstore))))
;; Keep a separate copy in the cache; it stays in `plstore-passphrase-alist'
;; as a plain string.  NOTE(review): no code clearing it is visible here.
142 (setcdr entry (copy-sequence passphrase))
;; Caching disabled: prompt every time and keep nothing.
144 (read-passwd (format "Passphrase for PLSTORE %s: "
145 (plstore--get-buffer plstore)))))
;; Progress callback: show CURRENT out of TOTAL in the echo area via
;; `message', using HANDBACK as the message prefix.  The end of the
;; argument list is missing from this listing; HANDBACK is presumably its
;; last parameter -- confirm against the full file.  _CONTEXT, _WHAT and
;; _CHAR carry the underscore prefix for unused arguments.
147 (defun plstore-progress-callback-function (_context _what _char current total
;; Finished (CURRENT equals TOTAL): report completion.
149 (if (= current total)
150 (message "%s...done" handback)
;; Otherwise report a whole-number percentage; a TOTAL of 0 is reported as
;; 0% instead of being used as a divisor.
151 (message "%s...%d%%" handback
152 (if (> total 0) (floor (* (/ current (float total)) 100)) 0))))
154 (defun plstore--get-buffer (arg)
157 (defun plstore--get-alist (arg)
160 (defun plstore--get-encrypted-data (arg)
163 (defun plstore--get-secret-alist (arg)
166 (defun plstore--get-merged-alist (arg)
169 (defun plstore--set-buffer (arg buffer)
172 (defun plstore--set-alist (arg plist)
(defun plstore--set-encrypted-data (arg encrypted-data)
  "Store ENCRYPTED-DATA in slot 2 of the plstore vector ARG.
Return ENCRYPTED-DATA."
  (setf (aref arg 2) encrypted-data))
(defun plstore--set-secret-alist (arg secret-alist)
  "Store SECRET-ALIST in slot 3 of the plstore vector ARG.
Return SECRET-ALIST."
  (setf (aref arg 3) secret-alist))
(defun plstore--set-merged-alist (arg merged-alist)
  "Store MERGED-ALIST in slot 4 of the plstore vector ARG.
Return MERGED-ALIST."
  (setf (aref arg 4) merged-alist))
(defun plstore-get-file (arg)
  "Return the file name visited by the buffer of the plstore ARG.
The value is whatever `buffer-file-name' reports for that buffer."
  (let ((store-buffer (plstore--get-buffer arg)))
    (buffer-file-name store-buffer)))
;; Constructor for the plstore object: a five-slot vector laid out as
;;   0 BUFFER, 1 ALIST, 2 ENCRYPTED-DATA, 3 SECRET-ALIST, 4 MERGED-ALIST.
;; The visible arguments are &optional; the end of the argument list is
;; missing from this listing.
187 (defun plstore--make (&optional buffer alist encrypted-data secret-alist
189 (vector buffer alist encrypted-data secret-alist merged-alist))
;; Fill PLSTORE from the text of the current buffer.  Some lines of this
;; function are missing from the listing; the comments cover the visible
;; parts only.
;;
;; The two sections are recognised by their literal header comments.  Each
;; payload is parsed with `read', which builds a Lisp object from the text
;; without evaluating it.
191 (defun plstore--init-from-buffer (plstore)
192 (goto-char (point-min))
;; Public section: read and stored as-is.
;; NOTE(review): no integrity check on this section is visible here --
;; confirm before trusting public properties of a file from elsewhere.
193 (when (looking-at ";;; public entries")
195 (plstore--set-alist plstore (read (point-marker)))
;; Secret section: kept as the encrypted-data slot; nothing is decrypted on
;; this line.
198 (when (looking-at ";;; secret entries")
200 (plstore--set-encrypted-data plstore (read (point-marker))))
;; `plstore--merge-secret' is defined elsewhere in the file.
201 (plstore--merge-secret plstore)))
204 (defun plstore-open (file)
205 "Create a plstore instance associated with FILE."
206 (let* ((filename (file-truename file))
207 (buffer (or (find-buffer-visiting filename)
208 (generate-new-buffer (format " plstore %s" filename))))
209 (store (plstore--make buffer)))
210 (with-current-buffer buffer
213 (insert-file-contents-literally file)