1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
|
;;; pgg-gpg.el --- GnuPG support for PGG.
;; Copyright (C) 1999, 2000, 2002, 2003, 2004,
;; 2005, 2006 Free Software Foundation, Inc.
;; Author: Daiki Ueno <[email protected]>
;; Symmetric encryption support added by: Sascha Wilde <[email protected]>
;; Created: 1999/10/28
;; Keywords: PGP, OpenPGP, GnuPG
;; This file is part of GNU Emacs.
;; GNU Emacs is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation; either version 2, or (at your option)
;; any later version.
;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs; see the file COPYING. If not, write to the
;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
;; Boston, MA 02110-1301, USA.
;;; Code:
(eval-when-compile
(require 'pgg))
(defgroup pgg-gpg ()
"GnuPG interface."
:group 'pgg)
(defcustom pgg-gpg-program "gpg"
"The GnuPG executable."
:group 'pgg-gpg
:type 'string)
(defcustom pgg-gpg-extra-args nil
"Extra arguments for every GnuPG invocation."
:group 'pgg-gpg
:type '(repeat (string :tag "Argument")))
(defcustom pgg-gpg-recipient-argument "--recipient"
"GnuPG option to specify recipient."
:group 'pgg-gpg
:type '(choice (const :tag "New `--recipient' option" "--recipient")
(const :tag "Old `--remote-user' option" "--remote-user")))
(defcustom pgg-gpg-use-agent nil
"Whether to use gnupg agent for key caching."
:group 'pgg-gpg
:type 'boolean)
(defvar pgg-gpg-user-id nil
"GnuPG ID of your default identity.")
(defvar pgg-gpg-user-id-alist nil
"An alist mapping from key ID to user ID.")
(defvar pgg-gpg-read-point nil)
(defvar pgg-gpg-output-file-name nil)
(defvar pgg-gpg-pending-status-list nil)
(defvar pgg-gpg-key-id nil)
(defvar pgg-gpg-passphrase nil)
(defvar pgg-gpg-debug nil)
(defun pgg-gpg-start-process (args)
(let* ((output-file-name (pgg-make-temp-file "pgg-output"))
(args
(append (list "--no-tty"
"--status-fd" "1"
"--command-fd" "0"
"--yes" ; overwrite
"--output" output-file-name)
(if pgg-gpg-use-agent '("--use-agent"))
pgg-gpg-extra-args
args))
(coding-system-for-write 'binary)
(process-connection-type nil)
(orig-mode (default-file-modes))
default-enable-multibyte-characters
(buffer (generate-new-buffer " *pgg-gpg*"))
process)
(with-current-buffer buffer
(make-local-variable 'pgg-gpg-read-point)
(setq pgg-gpg-read-point (point-min))
(make-local-variable 'pgg-gpg-output-file-name)
(setq pgg-gpg-output-file-name output-file-name)
(make-local-variable 'pgg-gpg-pending-status-list)
(setq pgg-gpg-pending-status-list nil)
(make-local-variable 'pgg-gpg-key-id)
(setq pgg-gpg-key-id nil)
(make-local-variable 'pgg-gpg-passphrase)
(setq pgg-gpg-passphrase nil))
(unwind-protect
(progn
(set-default-file-modes 448)
(setq process
(apply #'start-process "pgg-gpg" buffer pgg-gpg-program args)))
(set-default-file-modes orig-mode))
(set-process-filter process #'pgg-gpg-process-filter)
(set-process-sentinel process #'pgg-gpg-process-sentinel)
process))
(defun pgg-gpg-process-filter (process input)
(save-excursion
(if pgg-gpg-debug
(save-excursion
(set-buffer (get-buffer-create " *pgg-gpg-debug*"))
(goto-char (point-max))
(insert input)))
(set-buffer (process-buffer process))
(goto-char (point-max))
(insert input)
(goto-char pgg-gpg-read-point)
(beginning-of-line)
(while (looking-at ".*\n") ;the input line is finished
(save-excursion
(if (looking-at "\\[GNUPG:] \\([A-Z_]+\\)\\>.*")
(let* ((status (match-string 1))
(symbol (intern-soft (concat "pgg-gpg-status-" status)))
(entry (member status pgg-gpg-pending-status-list)))
(if entry
(setq pgg-gpg-pending-status-list
(delq (car entry)
pgg-gpg-pending-status-list)))
(if (and symbol
(fboundp symbol))
(funcall symbol process (buffer-substring (match-beginning 1)
(match-end 0)))))))
(forward-line))
(setq pgg-gpg-read-point (point))))
(defun pgg-gpg-process-sentinel (process status)
(set-process-filter process nil)
(save-excursion
;; Copy the contents of process-buffer to pgg-errors-buffer.
(set-buffer (get-buffer-create pgg-errors-buffer))
(buffer-disable-undo)
(erase-buffer)
(when (buffer-live-p (process-buffer process))
(insert-buffer-substring (process-buffer process))
(goto-char (point-min))
(delete-matching-lines "^\\[GNUPG:] ")
(goto-char (point-min))
(while (re-search-forward "^gpg: " nil t)
(replace-match "")))
;; Read the contents of the output file to pgg-output-buffer.
(set-buffer (get-buffer-create pgg-output-buffer))
(buffer-disable-undo)
(erase-buffer)
(if (and (equal status "finished\n")
(buffer-live-p (process-buffer process)))
(let ((output-file-name (with-current-buffer (process-buffer process)
pgg-gpg-output-file-name)))
(when (file-exists-p output-file-name)
(let ((coding-system-for-read (if pgg-text-mode
'raw-text
'binary)))
(insert-file-contents output-file-name))
(delete-file output-file-name))))))
(defun pgg-gpg-wait-for-status (process status-list)
(with-current-buffer (process-buffer process)
(setq pgg-gpg-pending-status-list status-list)
(while (and (eq (process-status process) 'run)
pgg-gpg-pending-status-list)
(accept-process-output process 1))))
(defun pgg-gpg-wait-for-completion (process &optional status-list)
(process-send-eof process)
(while (eq (process-status process) 'run)
(sit-for 0.1))
(save-excursion
(set-buffer (process-buffer process))
(setq status-list (copy-sequence status-list))
(let ((pointer status-list))
(while pointer
(goto-char (point-min))
(unless (re-search-forward
(concat "^\\[GNUPG:] " (car pointer) "\\>")
nil t)
(setq status-list (delq (car pointer) status-list)))
(setq pointer (cdr pointer))))
(kill-buffer (process-buffer process))
status-list))
(defun pgg-gpg-status-USERID_HINT (process line)
(if (string-match "\\`USERID_HINT \\([^ ]+\\) \\(.*\\)" line)
(let* ((key-id (match-string 1 line))
(user-id (match-string 2 line))
(entry (assoc key-id pgg-gpg-user-id-alist)))
(if entry
(setcdr entry user-id)
(setq pgg-gpg-user-id-alist (cons (cons key-id user-id)
pgg-gpg-user-id-alist))))))
(defun pgg-gpg-status-NEED_PASSPHRASE (process line)
(if (string-match "\\`NEED_PASSPHRASE \\([^ ]+\\)" line)
(setq pgg-gpg-key-id (match-string 1 line))))
(defun pgg-gpg-status-NEED_PASSPHRASE_SYM (process line)
(setq pgg-gpg-key-id 'SYM))
(defun pgg-gpg-status-NEED_PASSPHRASE_PIN (process line)
(setq pgg-gpg-key-id 'PIN))
(defun pgg-gpg-status-GET_HIDDEN (process line)
(let ((entry (assoc pgg-gpg-key-id pgg-gpg-user-id-alist)))
(if (setq pgg-gpg-passphrase
(if (eq pgg-gpg-key-id 'SYM)
(pgg-read-passphrase
"GnuPG passphrase for symmetric encryption: ")
(pgg-read-passphrase
(format "GnuPG passphrase for %s: "
(if entry
(cdr entry)
pgg-gpg-key-id))
(if (eq pgg-gpg-key-id 'PIN)
"PIN"
pgg-gpg-key-id))))
(process-send-string process (concat pgg-gpg-passphrase "\n")))))
(defun pgg-gpg-status-GOOD_PASSPHRASE (process line)
(when (and pgg-gpg-passphrase
(stringp pgg-gpg-key-id))
(pgg-add-passphrase-to-cache pgg-gpg-key-id pgg-gpg-passphrase)
(setq pgg-gpg-passphrase nil)))
(defun pgg-gpg-status-BAD_PASSPHRASE (process line)
(when pgg-gpg-passphrase
(fillarray pgg-gpg-passphrase 0)
(setq pgg-gpg-passphrase nil)))
(defun pgg-gpg-lookup-key (string &optional type)
"Search keys associated with STRING."
(let ((args (list "--with-colons" "--no-greeting" "--batch"
(if type "--list-secret-keys" "--list-keys")
string)))
(with-temp-buffer
(apply #'call-process pgg-gpg-program nil t nil args)
(goto-char (point-min))
(if (re-search-forward "^\\(sec\\|pub\\):[^:]*:[^:]*:[^:]*:\\([^:]*\\)"
nil t)
(substring (match-string 2) 8)))))
(defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase)
"Encrypt the current region between START and END.
If optional argument SIGN is non-nil, do a combined sign and encrypt."
(let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
(args
(append
'("--armor" "--always-trust" "--encrypt")
(if pgg-text-mode '("--textmode"))
(if sign (list "--sign" "--local-user" pgg-gpg-user-id))
(if recipients
(apply #'nconc
(mapcar (lambda (rcpt)
(list pgg-gpg-recipient-argument rcpt))
(append recipients
(if pgg-encrypt-for-me
(list pgg-gpg-user-id))))))))
(process (pgg-gpg-start-process args)))
(if (and sign (not pgg-gpg-use-agent))
(pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE")))
(process-send-region process start end)
(pgg-gpg-wait-for-completion process '("SIG_CREATED" "END_ENCRYPTION"))))
(defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase)
"Encrypt the current region between START and END with symmetric cipher."
(let* ((args
(append '("--armor" "--symmetric")
(if pgg-text-mode '("--textmode"))))
(process (pgg-gpg-start-process args)))
(pgg-gpg-wait-for-status process '("BEGIN_ENCRYPTION"))
(process-send-region process start end)
(pgg-gpg-wait-for-completion process '("END_ENCRYPTION"))))
(defun pgg-gpg-decrypt-region (start end &optional passphrase)
"Decrypt the current region between START and END."
(let* ((args '("--decrypt"))
(process (pgg-gpg-start-process args)))
(process-send-region process start end)
(pgg-gpg-wait-for-status process '("BEGIN_DECRYPTION"))
(pgg-gpg-wait-for-completion process '("GOODSIG" "DECRYPTION_OKAY"))))
(defun pgg-gpg-sign-region (start end &optional cleartext passphrase)
"Make detached signature from text between START and END."
(let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
(args
(append (list (if cleartext "--clearsign" "--detach-sign")
"--armor" "--verbose"
"--local-user" pgg-gpg-user-id)
(if pgg-text-mode '("--textmode"))))
(process (pgg-gpg-start-process args)))
(unless pgg-gpg-use-agent
(pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE")))
(process-send-region process start end)
(pgg-gpg-wait-for-completion process '("SIG_CREATED"))))
(defun pgg-gpg-verify-region (start end &optional signature)
"Verify region between START and END as the detached signature SIGNATURE."
(let ((args '("--verify"))
process)
(when (stringp signature)
(setq args (append args (list signature))))
(setq process (pgg-gpg-start-process (append args '("-"))))
(process-send-region process start end)
(pgg-gpg-wait-for-completion process '("GOODSIG"))))
(defun pgg-gpg-insert-key ()
"Insert public key at point."
(let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id))
(args (list "--export" "--armor"
pgg-gpg-user-id))
(process (pgg-gpg-start-process args)))
(pgg-gpg-wait-for-completion process)
(insert-buffer-substring pgg-output-buffer)))
(defun pgg-gpg-snarf-keys-region (start end)
"Add all public keys in region between START and END to the keyring."
(let* ((args '("--import" "-"))
(process (pgg-gpg-start-process args))
status)
(process-send-region process start end)
(pgg-gpg-wait-for-completion process '("IMPORT_RES"))))
(provide 'pgg-gpg)
;;; arch-tag: 2aa5d5d8-93a0-4865-9312-33e29830e000
;;; pgg-gpg.el ends here
|
