+(defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase)
+ "Encrypt the current region between START and END with symmetric cipher.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
+ (let* ((passphrase (or passphrase
+ (when (not (pgg-gpg-use-agent-p))
+ (pgg-read-passphrase
+ "GnuPG passphrase for symmetric encryption: "))))
+ (args
+ (append (list "--batch" "--armor" "--symmetric" )
+ (if pgg-text-mode (list "--textmode")))))
+ (pgg-gpg-process-region start end passphrase pgg-gpg-program args)
+ (pgg-process-when-success)))
+
+(defun pgg-gpg-decrypt-region (start end &optional passphrase)
+ "Decrypt the current region between START and END.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
+ (let* ((current-buffer (current-buffer))
+ (message-keys (with-temp-buffer
+ (insert-buffer-substring current-buffer)
+ (pgg-decode-armor-region (point-min) (point-max))))
+ (secret-keys (pgg-gpg-lookup-all-secret-keys))
+ ;; XXX the user is stuck if they need to use the passphrase for
+ ;; any but the first secret key for which the message is
+ ;; encrypted. ideally, we would incrementally give them a
+ ;; chance with subsequent keys each time they fail with one.
+ (key (pgg-gpg-select-matching-key message-keys secret-keys))
+ (key-owner (and key (pgg-gpg-lookup-key-owner key t)))
+ (key-id (pgg-gpg-key-id-from-key-owner key-owner))
+ (pgg-gpg-user-id (or key-id key
+ pgg-gpg-user-id pgg-default-user-id))
+ (passphrase (or passphrase
+ (when (not (pgg-gpg-use-agent-p))
+ (pgg-read-passphrase
+ (format (if (pgg-gpg-symmetric-key-p message-keys)
+ "Passphrase for symmetric decryption: "
+ "GnuPG passphrase for %s: ")
+ (or key-owner "??"))
+ pgg-gpg-user-id))))