+2005-11-04 Ken Manheimer <ken.manheimer@gmail.com>
+
+ * pgg-pgp.el (pgg-pgp-encrypt-region, pgg-pgp-decrypt-region)
+ (pgg-pgp-sign-region): Add optional 'passphrase' argument to all
+ these routines, so the passphrase can be managed externally and
+ passed in to the system.
+ (pgg-pgp-decrypt-region, pgg-pgp-sign-region): Use new name for
+ pgg-add-passphrase-to-cache function.
+
+ * pgg-pgp5.el (pgg-pgp5-encrypt-region, pgg-pgp5-decrypt-region)
+ (pgg-pgp5-sign-region): Add optional 'passphrase' argument to all
+ these routines, so the passphrase can be managed externally and
+ passed in to the system.
+ (pgg-pgp5-sign-region): Use new name of
+ pgg-add-passphrase-to-cache function.
+
+2005-10-29 Ken Manheimer <ken.manheimer@gmail.com>
+
+ * pgg-gpg.el (pgg-gpg-select-matching-key): Fix: look at the right
+ part of the decoded armor to find the key-identifier.
+ (pgg-gpg-lookup-key-owner): New function to return the
+ human-readable identifier of a key owner.
+ (pgg-gpg-key-id-from-key-owner): Make it easy to identify the key
+ itself.
+ (pgg-gpg-decrypt-region): Prompt with the key owner (rather than
+ the key value) if we have a key and can match it against a secret
+ key. Also, added a note pointing out fact that the prompt only
+ indicates the first matching key.
+
+ * pgg.el (pgg-decrypt): Passing along 'passphrase' in call to
+ pgg-decrypt-region.
+ (pgg-add-passphrase-to-cache): Rename from
+ `pgg-add-passphrase-cache' to reduce confusion (all callers
+ changed).
+ (pgg-remove-passphrase-from-cache): Rename from
+ `pgg-remove-passphrase-cache' to reduce confusion (all callers
+ changed).
+ (pgg-read-passphrase) (pgg-add-passphrase-cache)
+ (pgg-remove-passphrase-cache): Add informative docstrings.
+ (pgg-decrypt): Convey provided passphrase in subordinate call to
+ pgg-decrypt-region.
+
+2005-10-20 Ken Manheimer <ken.manheimer+emacs@gmail.com>
+
+ * pgg.el (pgg-encrypt-region, pgg-encrypt-symmetric-region)
+ (pgg-encrypt-symmetric, pgg-encrypt, pgg-decrypt-region)
+ (pgg-decrypt, pgg-sign-region, pgg-sign): Add optional
+ 'passphrase' argument, so the passphrase can be managed externally
+ and then passed in to the system.
+
+ * pgg.el (pgg-read-passphrase, pgg-add-passphrase-cache)
+ (pgg-remove-passphrase-cache): Add optional 'notruncate' argument,
+ so the passphrase cache can be used reliably with identifiers
+ besides a pgp packet's key id.
+
+ * pgg-gpg.el (pgg-gpg-encrypt-region)
+ (pgg-gpg-encrypt-symmetric-region, pgg-gpg-decrypt-region)
+ (pgg-gpg-sign-region): Add optional 'passphrase' argument to all
+ these routines, so the passphrase can be managed externally and
+ passed in to the system.
+
+ * pgg-gpg.el (pgg-gpg-possibly-cache-passphrase): Add optional
+ 'notruncate' argument, so the passphrase cache can be used
+ reliably with identifiers besides a pgp packet's key id.
+
+2005-10-29 Sascha Wilde <swilde@sha-bang.de>
+
+ * pgg-gpg.el (pgg-gpg-encrypt-symmetric-region): New function for
+ symmetric encryption.
+ (pgg-gpg-symmetric-key-p): New function to check for an symmetric
+ encrypted session key.
+ (pgg-gpg-decrypt-region): When decrypting a symmetric encrypted
+ message ask for the passphrase in a proper way.
+
+ * pgg.el (pgg-encrypt-symmetric, pgg-encrypt-symmetric-region):
+ New user commands for symmetric encryption.
+
2006-01-19 Katsumi Yamaoka <yamaoka@jpl.org>
* mm-bodies.el (mm-decode-body): Don't decode decoded body.
;; 2005, 2006 Free Software Foundation, Inc.
;; Author: Daiki Ueno <ueno@unixuser.org>
+;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de>
;; Created: 1999/10/28
;; Keywords: PGP, OpenPGP, GnuPG
(delete-file output-file-name))
(set-default-file-modes orig-mode))))
-(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key)
+(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key notruncate)
(if (and pgg-cache-passphrase
(progn
(goto-char (point-min))
(re-search-forward "^\\[GNUPG:] \\(GOOD_PASSPHRASE\\>\\)\\|\\(SIG_CREATED\\)" nil t)))
- (pgg-add-passphrase-cache
+ (pgg-add-passphrase-to-cache
(or key
(progn
(goto-char (point-min))
(if (re-search-forward
"^\\[GNUPG:] NEED_PASSPHRASE\\(_PIN\\)? \\w+ ?\\w*" nil t)
(substring (match-string 0) -8))))
- passphrase)))
+ passphrase
+ notruncate)))
(defvar pgg-gpg-all-secret-keys 'unknown)
nil t)
(substring (match-string 2) 8)))))
-(defun pgg-gpg-encrypt-region (start end recipients &optional sign)
+(defun pgg-gpg-lookup-key-owner (string &optional all)
+ "Search keys associated with STRING and return owner of identified key.
+
+The value may be just the bare key id, or it may be a combination of the
+user name associated with the key and the key id, with the key id enclosed
+in \"<...>\" angle brackets.
+
+Optional ALL non-nil means search all keys, including secret keys."
+ (let ((args (list "--with-colons" "--no-greeting" "--batch"
+ (if all "--list-secret-keys" "--list-keys")
+ string))
+ (key-regexp (concat "^\\(sec\\|pub\\)"
+ ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):[^:]*"
+ ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):")))
+ (with-temp-buffer
+ (apply #'call-process pgg-gpg-program nil t nil args)
+ (goto-char (point-min))
+ (if (re-search-forward key-regexp
+ nil t)
+ (match-string 3)))))
+
+(defun pgg-gpg-key-id-from-key-owner (key-owner)
+ (cond ((not key-owner) nil)
+ ;; Extract bare key id from outermost paired angle brackets, if any:
+ ((string-match "[^<]*<\\(.+\\)>[^>]*" key-owner)
+ (substring key-owner (match-beginning 1)(match-end 1)))
+ (key-owner)))
+
+(defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase)
"Encrypt the current region between START and END.
-If optional argument SIGN is non-nil, do a combined sign and encrypt."
+
+If optional argument SIGN is non-nil, do a combined sign and encrypt.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
- (passphrase
- (when sign
- (pgg-read-passphrase
- (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
- pgg-gpg-user-id)))
+ (passphrase (or passphrase
+ (when sign
+ (pgg-read-passphrase
+ (format "GnuPG passphrase for %s: "
+ pgg-gpg-user-id)
+ pgg-gpg-user-id))))
(args
(append
(list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt")
(pgg-gpg-possibly-cache-passphrase passphrase)))
(pgg-process-when-success)))
-(defun pgg-gpg-decrypt-region (start end)
- "Decrypt the current region between START and END."
+(defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase)
+ "Encrypt the current region between START and END with symmetric cipher.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
+ (let* ((passphrase (or passphrase
+ (pgg-read-passphrase
+ "GnuPG passphrase for symmetric encryption: ")))
+ (args
+ (append (list "--batch" "--textmode" "--armor" "--symmetric" ))))
+ (pgg-as-lbt start end 'CRLF
+ (pgg-gpg-process-region start end passphrase pgg-gpg-program args))
+ (pgg-process-when-success)))
+
+(defun pgg-gpg-decrypt-region (start end &optional passphrase)
+ "Decrypt the current region between START and END.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(let* ((current-buffer (current-buffer))
(message-keys (with-temp-buffer
(insert-buffer-substring current-buffer)
(pgg-decode-armor-region (point-min) (point-max))))
(secret-keys (pgg-gpg-lookup-all-secret-keys))
+ ;; XXX the user is stuck if they need to use the passphrase for
+ ;; any but the first secret key for which the message is
+ ;; encrypted. ideally, we would incrementally give them a
+ ;; chance with subsequent keys each time they fail with one.
(key (pgg-gpg-select-matching-key message-keys secret-keys))
- (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id))
- (passphrase
- (pgg-read-passphrase
- (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
- pgg-gpg-user-id))
+ (key-owner (and key (pgg-gpg-lookup-key-owner key t)))
+ (key-id (pgg-gpg-key-id-from-key-owner key-owner))
+ (pgg-gpg-user-id (or key-id key
+ pgg-gpg-user-id pgg-default-user-id))
+ (passphrase (or passphrase
+ (pgg-read-passphrase
+ (format (if (pgg-gpg-symmetric-key-p message-keys)
+ "Passphrase for symmetric decryption: "
+ "GnuPG passphrase for %s: ")
+ (or key-owner "??"))
+ pgg-gpg-user-id)))
(args '("--batch" "--decrypt")))
(pgg-gpg-process-region start end passphrase pgg-gpg-program args)
(with-current-buffer pgg-errors-buffer
(goto-char (point-min))
(re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t))))
+;;;###autoload
+(defun pgg-gpg-symmetric-key-p (message-keys)
+ "True if decoded armor MESSAGE-KEYS has symmetric encryption indicator."
+ (let (result)
+ (dolist (key message-keys result)
+ (when (and (eq (car key) 3)
+ (member '(symmetric-key-algorithm) key))
+ (setq result key)))))
+
(defun pgg-gpg-select-matching-key (message-keys secret-keys)
"Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS."
(loop for message-key in message-keys
for message-key-id = (and (equal (car message-key) 1)
- (cdr (assq 'key-identifier message-key)))
+ (cdr (assq 'key-identifier
+ (cdr message-key))))
for key = (and message-key-id (pgg-lookup-key message-key-id 'encrypt))
when (and key (member key secret-keys)) return key))
-(defun pgg-gpg-sign-region (start end &optional cleartext)
+(defun pgg-gpg-sign-region (start end &optional cleartext passphrase)
"Make detached signature from text between START and END."
(let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
- (passphrase
- (pgg-read-passphrase
- (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
- pgg-gpg-user-id))
+ (passphrase (or passphrase
+ (pgg-read-passphrase
+ (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
+ pgg-gpg-user-id)))
(args
(list (if cleartext "--clearsign" "--detach-sign")
"--armor" "--batch" "--verbose"
(buffer-substring (point)(progn (end-of-line) (point)))))
2))))))
-(defun pgg-pgp-encrypt-region (start end recipients)
+(defun pgg-pgp-encrypt-region (start end recipients &optional sign passphrase)
"Encrypt the current region between START and END."
(let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id))
+ (passphrase (or passphrase
+ (when sign
+ (pgg-read-passphrase
+ (format "PGP passphrase for %s: "
+ pgg-pgp-user-id)
+ pgg-pgp-user-id))))
(args
- `("+encrypttoself=off +verbose=1" "+batchmode"
- "+language=us" "-fate"
- ,@(if recipients
- (mapcar (lambda (rcpt) (concat "\"" rcpt "\""))
- (append recipients
- (if pgg-encrypt-for-me
- (list pgg-pgp-user-id))))))))
+ (append
+ `("+encrypttoself=off +verbose=1" "+batchmode"
+ "+language=us" "-fate"
+ ,@(if recipients
+ (mapcar (lambda (rcpt) (concat "\"" rcpt "\""))
+ (append recipients
+ (if pgg-encrypt-for-me
+ (list pgg-pgp-user-id))))))
+ (if sign '("-s" "-u" pgg-pgp-user-id)))))
(pgg-pgp-process-region start end nil pgg-pgp-program args)
(pgg-process-when-success nil)))
-(defun pgg-pgp-decrypt-region (start end)
- "Decrypt the current region between START and END."
+(defun pgg-pgp-decrypt-region (start end &optional passphrase)
+ "Decrypt the current region between START and END.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id))
(key (pgg-pgp-lookup-key pgg-pgp-user-id 'encrypt))
(passphrase
- (pgg-read-passphrase
- (format "PGP passphrase for %s: " pgg-pgp-user-id) key))
+ (or passphrase
+ (pgg-read-passphrase
+ (format "PGP passphrase for %s: " pgg-pgp-user-id) key)))
(args
'("+verbose=1" "+batchmode" "+language=us" "-f")))
(pgg-pgp-process-region start end passphrase pgg-pgp-program args)
(pgg-process-when-success
(if pgg-cache-passphrase
- (pgg-add-passphrase-cache key passphrase)))))
+ (pgg-add-passphrase-to-cache key passphrase)))))
+
+(defun pgg-pgp-sign-region (start end &optional clearsign passphrase)
+ "Make detached signature from text between START and END.
-(defun pgg-pgp-sign-region (start end &optional clearsign)
- "Make detached signature from text between START and END."
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id))
(passphrase
- (pgg-read-passphrase
- (format "PGP passphrase for %s: " pgg-pgp-user-id)
- (pgg-pgp-lookup-key pgg-pgp-user-id 'sign)))
+ (or passphrase
+ (pgg-read-passphrase
+ (format "PGP passphrase for %s: " pgg-pgp-user-id)
+ (pgg-pgp-lookup-key pgg-pgp-user-id 'sign))))
(args
(list (if clearsign "-fast" "-fbast")
"+verbose=1" "+language=us" "+batchmode"
(point))
(point-max))))))
(if pgg-cache-passphrase
- (pgg-add-passphrase-cache
+ (pgg-add-passphrase-to-cache
(cdr (assq 'key-identifier packet))
passphrase)))))))
;;; pgg-pgp5.el --- PGP 5.* support for PGG.
;; Copyright (C) 1999, 2000, 2002, 2003, 2004,
-;; 2005 Free Software Foundation, Inc.
+;; 2005, 2006 Free Software Foundation, Inc.
;; Author: Daiki Ueno <ueno@unixuser.org>
;; Created: 1999/11/02
(buffer-substring (match-end 0)(progn (end-of-line)(point)))))
2)))))
-(defun pgg-pgp5-encrypt-region (start end recipients &optional sign)
+(defun pgg-pgp5-encrypt-region (start end recipients &optional sign passphrase)
"Encrypt the current region between START and END."
(let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id))
+ (passphrase (or passphrase
+ (when sign
+ (pgg-read-passphrase
+ (format "PGP passphrase for %s: "
+ pgg-pgp5-user-id)
+ pgg-pgp5-user-id))))
(args
- `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1"
- ,@(if recipients
- (apply #'append
- (mapcar (lambda (rcpt)
- (list "-r"
- (concat "\"" rcpt "\"")))
- (append recipients
- (if pgg-encrypt-for-me
- (list pgg-pgp5-user-id)))))))))
+ (append
+ `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1"
+ ,@(if recipients
+ (apply #'append
+ (mapcar (lambda (rcpt)
+ (list "-r"
+ (concat "\"" rcpt "\"")))
+ (append recipients
+ (if pgg-encrypt-for-me
+ (list pgg-pgp5-user-id)))))))
+ (if sign '("-s" "-u" pgg-pgp5-user-id)))))
(pgg-pgp5-process-region start end nil pgg-pgp5-pgpe-program args)
(pgg-process-when-success nil)))
-(defun pgg-pgp5-decrypt-region (start end)
+(defun pgg-pgp5-decrypt-region (start end &optional passphrase)
"Decrypt the current region between START and END."
(let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id))
(passphrase
- (pgg-read-passphrase
- (format "PGP passphrase for %s: " pgg-pgp5-user-id)
- (pgg-pgp5-lookup-key pgg-pgp5-user-id 'encrypt)))
+ (or passphrase
+ (pgg-read-passphrase
+ (format "PGP passphrase for %s: " pgg-pgp5-user-id)
+ (pgg-pgp5-lookup-key pgg-pgp5-user-id 'encrypt))))
(args
'("+verbose=1" "+batchmode=1" "+language=us" "-f")))
(pgg-pgp5-process-region start end passphrase pgg-pgp5-pgpv-program args)
(pgg-process-when-success nil)))
-(defun pgg-pgp5-sign-region (start end &optional clearsign)
+(defun pgg-pgp5-sign-region (start end &optional clearsign passphrase)
"Make detached signature from text between START and END."
(let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id))
(passphrase
- (pgg-read-passphrase
- (format "PGP passphrase for %s: " pgg-pgp5-user-id)
- (pgg-pgp5-lookup-key pgg-pgp5-user-id 'sign)))
+ (or passphrase
+ (pgg-read-passphrase
+ (format "PGP passphrase for %s: " pgg-pgp5-user-id)
+ (pgg-pgp5-lookup-key pgg-pgp5-user-id 'sign))))
(args
(list (if clearsign "-fat" "-fbat")
"+verbose=1" "+language=us" "+batchmode=1"
(point))
(point-max))))))
(if pgg-cache-passphrase
- (pgg-add-passphrase-cache
+ (pgg-add-passphrase-to-cache
(cdr (assq 'key-identifier packet))
passphrase)))))))
;;; pgg.el --- glue for the various PGP implementations.
;; Copyright (C) 1999, 2000, 2002, 2003, 2004,
-;; 2005 Free Software Foundation, Inc.
+;; 2005, 2006 Free Software Foundation, Inc.
;; Author: Daiki Ueno <ueno@unixuser.org>
+;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de>
;; Created: 1999/10/28
;; Keywords: PGP
(set-window-buffer window buffer)
(shrink-window-if-larger-than-buffer window)))
+;; XXX `pgg-display-output-buffer' is a horrible name for this function.
+;; It should be something like `pgg-situate-output-or-display-error'.
(defun pgg-display-output-buffer (start end status)
+ "Situate en/decryption results or pop up an error buffer.
+
+Text from START to END is replaced by contents of output buffer if STATUS
+is true, or else the output buffer is displayed."
(if status
- (progn
- (delete-region start end)
- (insert-buffer-substring pgg-output-buffer)
- (decode-coding-region start (point) buffer-file-coding-system))
- (let ((temp-buffer-show-function
- (function pgg-temp-buffer-show-function)))
- (with-output-to-temp-buffer pgg-echo-buffer
- (set-buffer standard-output)
- (insert-buffer-substring pgg-errors-buffer)))))
-
-(defun pgg-read-passphrase (prompt &optional key)
- (when pgg-cache-passphrase
- (password-read prompt (setq key (pgg-truncate-key-identifier key)))))
-
-(defun pgg-add-passphrase-cache (key passphrase)
+ (pgg-situate-output start end)
+ (pgg-display-error-buffer)))
+
+(defun pgg-situate-output (start end)
+ "Place en/decryption result in place of current text from START to END."
+ (delete-region start end)
+ (insert-buffer-substring pgg-output-buffer)
+ (decode-coding-region start (point) buffer-file-coding-system))
+
+(defun pgg-display-error-buffer ()
+ "Pop up an error buffer indicating the reason for an en/decryption failure."
+ (let ((temp-buffer-show-function
+ (function pgg-temp-buffer-show-function)))
+ (with-output-to-temp-buffer pgg-echo-buffer
+ (set-buffer standard-output)
+ (insert-buffer-substring pgg-errors-buffer))))
+
+(defun pgg-read-passphrase (prompt &optional key notruncate)
+ "Using PROMPT, obtain passphrase for KEY from cache or user.
+
+Truncate the key to 8 trailing characters unless NOTRUNCATE is true
+\(default false).
+
+Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry'
+regulate cache behavior."
+ (password-read prompt (if notruncate
+ key
+ (pgg-truncate-key-identifier key))))
+
+(defun pgg-add-passphrase-to-cache (key passphrase &optional notruncate)
+ "Associate KEY with PASSPHRASE in time-limited passphrase cache.
+
+Truncate the key to 8 trailing characters unless NOTRUNCATE is true
+\(default false).
+
+Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry'
+regulate cache behavior."
(let ((password-cache-expiry pgg-passphrase-cache-expiry))
- (password-cache-add (setq key (pgg-truncate-key-identifier key))
+ (password-cache-add (if notruncate
+ key
+ (pgg-truncate-key-identifier key))
passphrase)))
-(defun pgg-remove-passphrase-cache (key)
- (password-cache-remove key))
+(defun pgg-remove-passphrase-from-cache (key &optional notruncate)
+ "Omit passphrase associated with KEY in time-limited passphrase cache.
+
+Truncate the key to 8 trailing characters unless NOTRUNCATE is true
+\(default false).
+
+This is a no-op if there is not entry for KEY (eg, it's already expired.
+
+The memory for the passphrase is filled with underscores to clear any
+references to it.
+
+Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry'
+regulate cache behavior."
+ (password-cache-remove (if notruncate
+ key
+ (pgg-truncate-key-identifier key))))
(defmacro pgg-convert-lbt-region (start end lbt)
`(let ((pgg-conversion-end (set-marker (make-marker) ,end)))
;;;
;;;###autoload
-(defun pgg-encrypt-region (start end rcpts &optional sign)
+(defun pgg-encrypt-region (start end rcpts &optional sign passphrase)
"Encrypt the current region between START and END for RCPTS.
-If optional argument SIGN is non-nil, do a combined sign and encrypt."
+
+If optional argument SIGN is non-nil, do a combined sign and encrypt.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(interactive
(list (region-beginning)(region-end)
(split-string (read-string "Recipients: ") "[ \t,]+")))
(let ((status
(pgg-save-coding-system start end
(pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme)
- (point-min) (point-max) rcpts sign))))
+ (point-min) (point-max) rcpts sign passphrase))))
+ (when (interactive-p)
+ (pgg-display-output-buffer start end status))
+ status))
+
+;;;###autoload
+(defun pgg-encrypt-symmetric-region (start end &optional passphrase)
+ "Encrypt the current region between START and END symmetric with passphrase.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+cache or user."
+ (interactive "r")
+ (let ((status
+ (pgg-save-coding-system start end
+ (pgg-invoke "encrypt-symmetric-region"
+ (or pgg-scheme pgg-default-scheme)
+ (point-min) (point-max) passphrase))))
+ (when (interactive-p)
+ (pgg-display-output-buffer start end status))
+ status))
+
+;;;###autoload
+(defun pgg-encrypt-symmetric (&optional start end passphrase)
+ "Encrypt the current buffer using a symmetric, rather than key-pair, cipher.
+
+If optional arguments START and END are specified, only encrypt within
+the region.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
+ (interactive)
+ (let* ((start (or start (point-min)))
+ (end (or end (point-max)))
+ (status (pgg-encrypt-symmetric-region start end passphrase)))
(when (interactive-p)
(pgg-display-output-buffer start end status))
status))
;;;###autoload
-(defun pgg-encrypt (rcpts &optional sign start end)
+(defun pgg-encrypt (rcpts &optional sign start end passphrase)
"Encrypt the current buffer for RCPTS.
+
If optional argument SIGN is non-nil, do a combined sign and encrypt.
+
If optional arguments START and END are specified, only encrypt within
-the region."
+the region.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(interactive (list (split-string (read-string "Recipients: ") "[ \t,]+")))
(let* ((start (or start (point-min)))
(end (or end (point-max)))
- (status (pgg-encrypt-region start end rcpts sign)))
+ (status (pgg-encrypt-region start end rcpts sign passphrase)))
(when (interactive-p)
(pgg-display-output-buffer start end status))
status))
;;;###autoload
-(defun pgg-decrypt-region (start end)
- "Decrypt the current region between START and END."
+(defun pgg-decrypt-region (start end &optional passphrase)
+ "Decrypt the current region between START and END.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(interactive "r")
(let* ((buf (current-buffer))
(status
(pgg-save-coding-system start end
(pgg-invoke "decrypt-region" (or pgg-scheme pgg-default-scheme)
- (point-min) (point-max)))))
+ (point-min) (point-max) passphrase))))
(when (interactive-p)
(pgg-display-output-buffer start end status))
status))
;;;###autoload
-(defun pgg-decrypt (&optional start end)
+(defun pgg-decrypt (&optional start end passphrase)
"Decrypt the current buffer.
+
If optional arguments START and END are specified, only decrypt within
-the region."
+the region.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(interactive "")
(let* ((start (or start (point-min)))
(end (or end (point-max)))
- (status (pgg-decrypt-region start end)))
+ (status (pgg-decrypt-region start end passphrase)))
(when (interactive-p)
(pgg-display-output-buffer start end status))
status))
;;;###autoload
-(defun pgg-sign-region (start end &optional cleartext)
+(defun pgg-sign-region (start end &optional cleartext passphrase)
"Make the signature from text between START and END.
+
If the optional 3rd argument CLEARTEXT is non-nil, it does not create
a detached signature.
+
If this function is called interactively, CLEARTEXT is enabled
-and the the output is displayed."
+and the the output is displayed.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(interactive "r")
(let ((status (pgg-save-coding-system start end
(pgg-invoke "sign-region" (or pgg-scheme pgg-default-scheme)
(point-min) (point-max)
- (or (interactive-p) cleartext)))))
+ (or (interactive-p) cleartext)
+ passphrase))))
(when (interactive-p)
(pgg-display-output-buffer start end status))
status))
;;;###autoload
-(defun pgg-sign (&optional cleartext start end)
+(defun pgg-sign (&optional cleartext start end passphrase)
"Sign the current buffer.
+
If the optional argument CLEARTEXT is non-nil, it does not create a
detached signature.
+
If optional arguments START and END are specified, only sign data
within the region.
+
If this function is called interactively, CLEARTEXT is enabled
-and the the output is displayed."
+and the the output is displayed.
+
+If optional PASSPHRASE is not specified, it will be obtained from the
+passphrase cache or user."
(interactive "")
(let* ((start (or start (point-min)))
(end (or end (point-max)))
- (status (pgg-sign-region start end (or (interactive-p) cleartext))))
+ (status (pgg-sign-region start end
+ (or (interactive-p) cleartext)
+ passphrase)))
(when (interactive-p)
(pgg-display-output-buffer start end status))
status))
-
+
;;;###autoload
(defun pgg-verify-region (start end &optional signature fetch)
"Verify the current region between START and END.
(or (cdr (assq 'preferred-key-server packet))
pgg-default-keyserver-address))
(pgg-fetch-key keyserver key))
- (setq status
+ (setq status
(pgg-save-coding-system start end
(pgg-invoke "verify-region" (or pgg-scheme pgg-default-scheme)
(point-min) (point-max) signature)))