From 633e9bbdc8c330e5320d37d7419ddfe2673f7617 Mon Sep 17 00:00:00 2001 From: Katsumi Yamaoka Date: Thu, 19 Jan 2006 11:53:12 +0000 Subject: [PATCH] Merge v5-10 branch. --- lisp/ChangeLog | 77 ++++++++++++++++++++ lisp/pgg-gpg.el | 118 ++++++++++++++++++++++++------ lisp/pgg-pgp.el | 54 +++++++++----- lisp/pgg-pgp5.el | 50 ++++++++----- lisp/pgg.el | 186 +++++++++++++++++++++++++++++++++++++---------- 5 files changed, 384 insertions(+), 101 deletions(-) diff --git a/lisp/ChangeLog b/lisp/ChangeLog index 7f9e607ec..81454d33c 100644 --- a/lisp/ChangeLog +++ b/lisp/ChangeLog @@ -1,3 +1,80 @@ +2005-11-04 Ken Manheimer + + * pgg-pgp.el (pgg-pgp-encrypt-region, pgg-pgp-decrypt-region) + (pgg-pgp-sign-region): Add optional 'passphrase' argument to all + these routines, so the passphrase can be managed externally and + passed in to the system. + (pgg-pgp-decrypt-region, pgg-pgp-sign-region): Use new name for + pgg-add-passphrase-to-cache function. + + * pgg-pgp5.el (pgg-pgp5-encrypt-region, pgg-pgp5-decrypt-region) + (pgg-pgp5-sign-region): Add optional 'passphrase' argument to all + these routines, so the passphrase can be managed externally and + passed in to the system. + (pgg-pgp5-sign-region): Use new name of + pgg-add-passphrase-to-cache function. + +2005-10-29 Ken Manheimer + + * pgg-gpg.el (pgg-gpg-select-matching-key): Fix: look at the right + part of the decoded armor to find the key-identifier. + (pgg-gpg-lookup-key-owner): New function to return the + human-readable identifier of a key owner. + (pgg-gpg-key-id-from-key-owner): Make it easy to identify the key + itself. + (pgg-gpg-decrypt-region): Prompt with the key owner (rather than + the key value) if we have a key and can match it against a secret + key. Also, added a note pointing out fact that the prompt only + indicates the first matching key. + + * pgg.el (pgg-decrypt): Passing along 'passphrase' in call to + pgg-decrypt-region. + (pgg-add-passphrase-to-cache): Rename from + `pgg-add-passphrase-cache' to reduce confusion (all callers + changed). + (pgg-remove-passphrase-from-cache): Rename from + `pgg-remove-passphrase-cache' to reduce confusion (all callers + changed). + (pgg-read-passphrase) (pgg-add-passphrase-cache) + (pgg-remove-passphrase-cache): Add informative docstrings. + (pgg-decrypt): Convey provided passphrase in subordinate call to + pgg-decrypt-region. + +2005-10-20 Ken Manheimer + + * pgg.el (pgg-encrypt-region, pgg-encrypt-symmetric-region) + (pgg-encrypt-symmetric, pgg-encrypt, pgg-decrypt-region) + (pgg-decrypt, pgg-sign-region, pgg-sign): Add optional + 'passphrase' argument, so the passphrase can be managed externally + and then passed in to the system. + + * pgg.el (pgg-read-passphrase, pgg-add-passphrase-cache) + (pgg-remove-passphrase-cache): Add optional 'notruncate' argument, + so the passphrase cache can be used reliably with identifiers + besides a pgp packet's key id. + + * pgg-gpg.el (pgg-gpg-encrypt-region) + (pgg-gpg-encrypt-symmetric-region, pgg-gpg-decrypt-region) + (pgg-gpg-sign-region): Add optional 'passphrase' argument to all + these routines, so the passphrase can be managed externally and + passed in to the system. + + * pgg-gpg.el (pgg-gpg-possibly-cache-passphrase): Add optional + 'notruncate' argument, so the passphrase cache can be used + reliably with identifiers besides a pgp packet's key id. + +2005-10-29 Sascha Wilde + + * pgg-gpg.el (pgg-gpg-encrypt-symmetric-region): New function for + symmetric encryption. + (pgg-gpg-symmetric-key-p): New function to check for an symmetric + encrypted session key. + (pgg-gpg-decrypt-region): When decrypting a symmetric encrypted + message ask for the passphrase in a proper way. + + * pgg.el (pgg-encrypt-symmetric, pgg-encrypt-symmetric-region): + New user commands for symmetric encryption. + 2006-01-19 Katsumi Yamaoka * mm-bodies.el (mm-decode-body): Don't decode decoded body. diff --git a/lisp/pgg-gpg.el b/lisp/pgg-gpg.el index dfa9784fd..781df1227 100644 --- a/lisp/pgg-gpg.el +++ b/lisp/pgg-gpg.el @@ -4,6 +4,7 @@ ;; 2005, 2006 Free Software Foundation, Inc. ;; Author: Daiki Ueno +;; Symmetric encryption added by: Sascha Wilde ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -96,19 +97,20 @@ (delete-file output-file-name)) (set-default-file-modes orig-mode)))) -(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key) +(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key notruncate) (if (and pgg-cache-passphrase (progn (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] \\(GOOD_PASSPHRASE\\>\\)\\|\\(SIG_CREATED\\)" nil t))) - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (or key (progn (goto-char (point-min)) (if (re-search-forward "^\\[GNUPG:] NEED_PASSPHRASE\\(_PIN\\)? \\w+ ?\\w*" nil t) (substring (match-string 0) -8)))) - passphrase))) + passphrase + notruncate))) (defvar pgg-gpg-all-secret-keys 'unknown) @@ -139,15 +141,48 @@ nil t) (substring (match-string 2) 8))))) -(defun pgg-gpg-encrypt-region (start end recipients &optional sign) +(defun pgg-gpg-lookup-key-owner (string &optional all) + "Search keys associated with STRING and return owner of identified key. + +The value may be just the bare key id, or it may be a combination of the +user name associated with the key and the key id, with the key id enclosed +in \"<...>\" angle brackets. + +Optional ALL non-nil means search all keys, including secret keys." + (let ((args (list "--with-colons" "--no-greeting" "--batch" + (if all "--list-secret-keys" "--list-keys") + string)) + (key-regexp (concat "^\\(sec\\|pub\\)" + ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):[^:]*" + ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):"))) + (with-temp-buffer + (apply #'call-process pgg-gpg-program nil t nil args) + (goto-char (point-min)) + (if (re-search-forward key-regexp + nil t) + (match-string 3))))) + +(defun pgg-gpg-key-id-from-key-owner (key-owner) + (cond ((not key-owner) nil) + ;; Extract bare key id from outermost paired angle brackets, if any: + ((string-match "[^<]*<\\(.+\\)>[^>]*" key-owner) + (substring key-owner (match-beginning 1)(match-end 1))) + (key-owner))) + +(defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END. -If optional argument SIGN is non-nil, do a combined sign and encrypt." + +If optional argument SIGN is non-nil, do a combined sign and encrypt. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (when sign - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id))) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " + pgg-gpg-user-id) + pgg-gpg-user-id)))) (args (append (list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt") @@ -169,19 +204,46 @@ If optional argument SIGN is non-nil, do a combined sign and encrypt." (pgg-gpg-possibly-cache-passphrase passphrase))) (pgg-process-when-success))) -(defun pgg-gpg-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase) + "Encrypt the current region between START and END with symmetric cipher. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." + (let* ((passphrase (or passphrase + (pgg-read-passphrase + "GnuPG passphrase for symmetric encryption: "))) + (args + (append (list "--batch" "--textmode" "--armor" "--symmetric" )))) + (pgg-as-lbt start end 'CRLF + (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) + (pgg-process-when-success))) + +(defun pgg-gpg-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((current-buffer (current-buffer)) (message-keys (with-temp-buffer (insert-buffer-substring current-buffer) (pgg-decode-armor-region (point-min) (point-max)))) (secret-keys (pgg-gpg-lookup-all-secret-keys)) + ;; XXX the user is stuck if they need to use the passphrase for + ;; any but the first secret key for which the message is + ;; encrypted. ideally, we would incrementally give them a + ;; chance with subsequent keys each time they fail with one. (key (pgg-gpg-select-matching-key message-keys secret-keys)) - (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id)) + (key-owner (and key (pgg-gpg-lookup-key-owner key t))) + (key-id (pgg-gpg-key-id-from-key-owner key-owner)) + (pgg-gpg-user-id (or key-id key + pgg-gpg-user-id pgg-default-user-id)) + (passphrase (or passphrase + (pgg-read-passphrase + (format (if (pgg-gpg-symmetric-key-p message-keys) + "Passphrase for symmetric decryption: " + "GnuPG passphrase for %s: ") + (or key-owner "??")) + pgg-gpg-user-id))) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) (with-current-buffer pgg-errors-buffer @@ -189,21 +251,31 @@ If optional argument SIGN is non-nil, do a combined sign and encrypt." (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) +;;;###autoload +(defun pgg-gpg-symmetric-key-p (message-keys) + "True if decoded armor MESSAGE-KEYS has symmetric encryption indicator." + (let (result) + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key))))) + (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." (loop for message-key in message-keys for message-key-id = (and (equal (car message-key) 1) - (cdr (assq 'key-identifier message-key))) + (cdr (assq 'key-identifier + (cdr message-key)))) for key = (and message-key-id (pgg-lookup-key message-key-id 'encrypt)) when (and key (member key secret-keys)) return key)) -(defun pgg-gpg-sign-region (start end &optional cleartext) +(defun pgg-gpg-sign-region (start end &optional cleartext passphrase) "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id)) + (passphrase (or passphrase + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + pgg-gpg-user-id))) (args (list (if cleartext "--clearsign" "--detach-sign") "--armor" "--batch" "--verbose" diff --git a/lisp/pgg-pgp.el b/lisp/pgg-pgp.el index 2735a0b7b..d786df6fd 100644 --- a/lisp/pgg-pgp.el +++ b/lisp/pgg-pgp.el @@ -132,41 +132,57 @@ Bourne shell or its equivalent \(not tcsh) is needed for \"2>\"." (buffer-substring (point)(progn (end-of-line) (point))))) 2)))))) -(defun pgg-pgp-encrypt-region (start end recipients) +(defun pgg-pgp-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "PGP passphrase for %s: " + pgg-pgp-user-id) + pgg-pgp-user-id)))) (args - `("+encrypttoself=off +verbose=1" "+batchmode" - "+language=us" "-fate" - ,@(if recipients - (mapcar (lambda (rcpt) (concat "\"" rcpt "\"")) - (append recipients - (if pgg-encrypt-for-me - (list pgg-pgp-user-id)))))))) + (append + `("+encrypttoself=off +verbose=1" "+batchmode" + "+language=us" "-fate" + ,@(if recipients + (mapcar (lambda (rcpt) (concat "\"" rcpt "\"")) + (append recipients + (if pgg-encrypt-for-me + (list pgg-pgp-user-id)))))) + (if sign '("-s" "-u" pgg-pgp-user-id))))) (pgg-pgp-process-region start end nil pgg-pgp-program args) (pgg-process-when-success nil))) -(defun pgg-pgp-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-pgp-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) (key (pgg-pgp-lookup-key pgg-pgp-user-id 'encrypt)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp-user-id) key)) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp-user-id) key))) (args '("+verbose=1" "+batchmode" "+language=us" "-f"))) (pgg-pgp-process-region start end passphrase pgg-pgp-program args) (pgg-process-when-success (if pgg-cache-passphrase - (pgg-add-passphrase-cache key passphrase))))) + (pgg-add-passphrase-to-cache key passphrase))))) + +(defun pgg-pgp-sign-region (start end &optional clearsign passphrase) + "Make detached signature from text between START and END. -(defun pgg-pgp-sign-region (start end &optional clearsign) - "Make detached signature from text between START and END." +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp-user-id) - (pgg-pgp-lookup-key pgg-pgp-user-id 'sign))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp-user-id) + (pgg-pgp-lookup-key pgg-pgp-user-id 'sign)))) (args (list (if clearsign "-fast" "-fbast") "+verbose=1" "+language=us" "+batchmode" @@ -181,7 +197,7 @@ Bourne shell or its equivalent \(not tcsh) is needed for \"2>\"." (point)) (point-max)))))) (if pgg-cache-passphrase - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (cdr (assq 'key-identifier packet)) passphrase))))))) diff --git a/lisp/pgg-pgp5.el b/lisp/pgg-pgp5.el index ffe467ec0..75c96e599 100644 --- a/lisp/pgg-pgp5.el +++ b/lisp/pgg-pgp5.el @@ -1,7 +1,7 @@ ;;; pgg-pgp5.el --- PGP 5.* support for PGG. ;; Copyright (C) 1999, 2000, 2002, 2003, 2004, -;; 2005 Free Software Foundation, Inc. +;; 2005, 2006 Free Software Foundation, Inc. ;; Author: Daiki Ueno ;; Created: 1999/11/02 @@ -143,41 +143,51 @@ Bourne shell or its equivalent \(not tcsh) is needed for \"2>\"." (buffer-substring (match-end 0)(progn (end-of-line)(point))))) 2))))) -(defun pgg-pgp5-encrypt-region (start end recipients &optional sign) +(defun pgg-pgp5-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "PGP passphrase for %s: " + pgg-pgp5-user-id) + pgg-pgp5-user-id)))) (args - `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1" - ,@(if recipients - (apply #'append - (mapcar (lambda (rcpt) - (list "-r" - (concat "\"" rcpt "\""))) - (append recipients - (if pgg-encrypt-for-me - (list pgg-pgp5-user-id))))))))) + (append + `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1" + ,@(if recipients + (apply #'append + (mapcar (lambda (rcpt) + (list "-r" + (concat "\"" rcpt "\""))) + (append recipients + (if pgg-encrypt-for-me + (list pgg-pgp5-user-id))))))) + (if sign '("-s" "-u" pgg-pgp5-user-id))))) (pgg-pgp5-process-region start end nil pgg-pgp5-pgpe-program args) (pgg-process-when-success nil))) -(defun pgg-pgp5-decrypt-region (start end) +(defun pgg-pgp5-decrypt-region (start end &optional passphrase) "Decrypt the current region between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp5-user-id) - (pgg-pgp5-lookup-key pgg-pgp5-user-id 'encrypt))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp5-user-id) + (pgg-pgp5-lookup-key pgg-pgp5-user-id 'encrypt)))) (args '("+verbose=1" "+batchmode=1" "+language=us" "-f"))) (pgg-pgp5-process-region start end passphrase pgg-pgp5-pgpv-program args) (pgg-process-when-success nil))) -(defun pgg-pgp5-sign-region (start end &optional clearsign) +(defun pgg-pgp5-sign-region (start end &optional clearsign passphrase) "Make detached signature from text between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp5-user-id) - (pgg-pgp5-lookup-key pgg-pgp5-user-id 'sign))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp5-user-id) + (pgg-pgp5-lookup-key pgg-pgp5-user-id 'sign)))) (args (list (if clearsign "-fat" "-fbat") "+verbose=1" "+language=us" "+batchmode=1" @@ -191,7 +201,7 @@ Bourne shell or its equivalent \(not tcsh) is needed for \"2>\"." (point)) (point-max)))))) (if pgg-cache-passphrase - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (cdr (assq 'key-identifier packet)) passphrase))))))) diff --git a/lisp/pgg.el b/lisp/pgg.el index c9287ab87..468fbc6cf 100644 --- a/lisp/pgg.el +++ b/lisp/pgg.el @@ -1,9 +1,10 @@ ;;; pgg.el --- glue for the various PGP implementations. ;; Copyright (C) 1999, 2000, 2002, 2003, 2004, -;; 2005 Free Software Foundation, Inc. +;; 2005, 2006 Free Software Foundation, Inc. ;; Author: Daiki Ueno +;; Symmetric encryption added by: Sascha Wilde ;; Created: 1999/10/28 ;; Keywords: PGP @@ -67,29 +68,73 @@ (set-window-buffer window buffer) (shrink-window-if-larger-than-buffer window))) +;; XXX `pgg-display-output-buffer' is a horrible name for this function. +;; It should be something like `pgg-situate-output-or-display-error'. (defun pgg-display-output-buffer (start end status) + "Situate en/decryption results or pop up an error buffer. + +Text from START to END is replaced by contents of output buffer if STATUS +is true, or else the output buffer is displayed." (if status - (progn - (delete-region start end) - (insert-buffer-substring pgg-output-buffer) - (decode-coding-region start (point) buffer-file-coding-system)) - (let ((temp-buffer-show-function - (function pgg-temp-buffer-show-function))) - (with-output-to-temp-buffer pgg-echo-buffer - (set-buffer standard-output) - (insert-buffer-substring pgg-errors-buffer))))) - -(defun pgg-read-passphrase (prompt &optional key) - (when pgg-cache-passphrase - (password-read prompt (setq key (pgg-truncate-key-identifier key))))) - -(defun pgg-add-passphrase-cache (key passphrase) + (pgg-situate-output start end) + (pgg-display-error-buffer))) + +(defun pgg-situate-output (start end) + "Place en/decryption result in place of current text from START to END." + (delete-region start end) + (insert-buffer-substring pgg-output-buffer) + (decode-coding-region start (point) buffer-file-coding-system)) + +(defun pgg-display-error-buffer () + "Pop up an error buffer indicating the reason for an en/decryption failure." + (let ((temp-buffer-show-function + (function pgg-temp-buffer-show-function))) + (with-output-to-temp-buffer pgg-echo-buffer + (set-buffer standard-output) + (insert-buffer-substring pgg-errors-buffer)))) + +(defun pgg-read-passphrase (prompt &optional key notruncate) + "Using PROMPT, obtain passphrase for KEY from cache or user. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + (password-read prompt (if notruncate + key + (pgg-truncate-key-identifier key)))) + +(defun pgg-add-passphrase-to-cache (key passphrase &optional notruncate) + "Associate KEY with PASSPHRASE in time-limited passphrase cache. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." (let ((password-cache-expiry pgg-passphrase-cache-expiry)) - (password-cache-add (setq key (pgg-truncate-key-identifier key)) + (password-cache-add (if notruncate + key + (pgg-truncate-key-identifier key)) passphrase))) -(defun pgg-remove-passphrase-cache (key) - (password-cache-remove key)) +(defun pgg-remove-passphrase-from-cache (key &optional notruncate) + "Omit passphrase associated with KEY in time-limited passphrase cache. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +This is a no-op if there is not entry for KEY (eg, it's already expired. + +The memory for the passphrase is filled with underscores to clear any +references to it. + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + (password-cache-remove (if notruncate + key + (pgg-truncate-key-identifier key)))) (defmacro pgg-convert-lbt-region (start end lbt) `(let ((pgg-conversion-end (set-marker (make-marker) ,end))) @@ -140,93 +185,156 @@ ;;; ;;;###autoload -(defun pgg-encrypt-region (start end rcpts &optional sign) +(defun pgg-encrypt-region (start end rcpts &optional sign passphrase) "Encrypt the current region between START and END for RCPTS. -If optional argument SIGN is non-nil, do a combined sign and encrypt." + +If optional argument SIGN is non-nil, do a combined sign and encrypt. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive (list (region-beginning)(region-end) (split-string (read-string "Recipients: ") "[ \t,]+"))) (let ((status (pgg-save-coding-system start end (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) - (point-min) (point-max) rcpts sign)))) + (point-min) (point-max) rcpts sign passphrase)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric-region (start end &optional passphrase) + "Encrypt the current region between START and END symmetric with passphrase. + +If optional PASSPHRASE is not specified, it will be obtained from the +cache or user." + (interactive "r") + (let ((status + (pgg-save-coding-system start end + (pgg-invoke "encrypt-symmetric-region" + (or pgg-scheme pgg-default-scheme) + (point-min) (point-max) passphrase)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric (&optional start end passphrase) + "Encrypt the current buffer using a symmetric, rather than key-pair, cipher. + +If optional arguments START and END are specified, only encrypt within +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." + (interactive) + (let* ((start (or start (point-min))) + (end (or end (point-max))) + (status (pgg-encrypt-symmetric-region start end passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-encrypt (rcpts &optional sign start end) +(defun pgg-encrypt (rcpts &optional sign start end passphrase) "Encrypt the current buffer for RCPTS. + If optional argument SIGN is non-nil, do a combined sign and encrypt. + If optional arguments START and END are specified, only encrypt within -the region." +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive (list (split-string (read-string "Recipients: ") "[ \t,]+"))) (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-encrypt-region start end rcpts sign))) + (status (pgg-encrypt-region start end rcpts sign passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "r") (let* ((buf (current-buffer)) (status (pgg-save-coding-system start end (pgg-invoke "decrypt-region" (or pgg-scheme pgg-default-scheme) - (point-min) (point-max))))) + (point-min) (point-max) passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-decrypt (&optional start end) +(defun pgg-decrypt (&optional start end passphrase) "Decrypt the current buffer. + If optional arguments START and END are specified, only decrypt within -the region." +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "") (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-decrypt-region start end))) + (status (pgg-decrypt-region start end passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-sign-region (start end &optional cleartext) +(defun pgg-sign-region (start end &optional cleartext passphrase) "Make the signature from text between START and END. + If the optional 3rd argument CLEARTEXT is non-nil, it does not create a detached signature. + If this function is called interactively, CLEARTEXT is enabled -and the the output is displayed." +and the the output is displayed. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "r") (let ((status (pgg-save-coding-system start end (pgg-invoke "sign-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) - (or (interactive-p) cleartext))))) + (or (interactive-p) cleartext) + passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-sign (&optional cleartext start end) +(defun pgg-sign (&optional cleartext start end passphrase) "Sign the current buffer. + If the optional argument CLEARTEXT is non-nil, it does not create a detached signature. + If optional arguments START and END are specified, only sign data within the region. + If this function is called interactively, CLEARTEXT is enabled -and the the output is displayed." +and the the output is displayed. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "") (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-sign-region start end (or (interactive-p) cleartext)))) + (status (pgg-sign-region start end + (or (interactive-p) cleartext) + passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) - + ;;;###autoload (defun pgg-verify-region (start end &optional signature fetch) "Verify the current region between START and END. @@ -257,7 +365,7 @@ signer's public key from `pgg-default-keyserver-address'." (or (cdr (assq 'preferred-key-server packet)) pgg-default-keyserver-address)) (pgg-fetch-key keyserver key)) - (setq status + (setq status (pgg-save-coding-system start end (pgg-invoke "verify-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) signature))) -- 2.34.1