authorKen Manheimer <ken.manheimer@gmail.com>2010-12-16 02:39:17 -0500
committerKen Manheimer <ken.manheimer@gmail.com>2010-12-16 02:39:17 -0500
commit075746e2c18959705ba7b186657fa84b01e42337 (patch)
treee9552b96da54703ea7ca30a7eb5c41cc2731fde9 /lisp/allout.el
parent29fac3fec1f6d4821b3d1a9e15057fed8cc9d140 (diff)
respect epa-file-encrypt-to, defaulting to it when encrypting, if set, and
adjusting the value (as a file local variable and an active buffer setting) with the result of epa-select-keys. Note the problem with caching of incorrect symmetric decryption passphrases. (allout-toggle-current-subtree-encryption), (allout-toggle-subtree-encryption): Adjust docstrings to reflect the defaulting policy change. (allout-encrypt-string): Take keymode-cue rather than keypair-mode, and interpret it here. Use epa-passphrase-callback-function, in case the user is using GnuPG v1. Support saving of the selected keypair recipients when invoked with a keymode-cue > 4.
Diffstat (limited to 'lisp/allout.el')
-rw-r--r--lisp/allout.el123
1 files changed, 100 insertions, 23 deletions
diff --git a/lisp/allout.el b/lisp/allout.el
index 53f12095d47..b67f8125a06 100644
--- a/lisp/allout.el
+++ b/lisp/allout.el
@@ -1919,6 +1919,14 @@ exposing the plain text of encrypted topics in the file system.
If the content of the topic containing the cursor was encrypted
for a save, it is automatically decrypted for continued editing.
+PROBLEM: Attempting symmetric decryption with an incorrect key
+not only fails, but the incorrect key seems to be associated with
+the specific entry in the gpg cache, so that you do not get an
+opportunity to override the incorrect key and decrypt that
+entry. (Decryption of other entries is not affected.) To clear
+this problem, clear your gpg-agent's cache by sending it a '-HUP'
+signal.
+
See `allout-toggle-current-subtree-encryption' function docstring
and `allout-encrypt-unencrypted-on-saves' customization variable
for details.
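Review bot: The added PROBLEM paragraph speaks of an incorrect "key" for symmetric decryption, but what gpg-agent caches for a symmetric entry is the passphrase, and the only workaround given is a signal; I'd say `passphrase` in both places and append `(gpg-connect-agent reloadagent /bye has the same effect)` after the `-HUP` sentence so users without shell access to the agent's pid have a command to run. That SIGHUP flushes the cache is a property of gpg-agent rather than of this code, so it is worth confirming against the GnuPG versions allout is expected to run with. The docstring this hunk extends begins and ends outside the hunk.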
@@ -5975,11 +5983,23 @@ Allout uses emacs 'epg' libary to perform encryption. Symmetric
and keypair encryption are supported. All encryption is ascii
armored.
-When encrypting, optional KEYMODE-CUE universal argument greater
-than 1 causes prompting for recipients for public-key keypair
-encryption. Otherwise a symmetric mode is assumed for
+Entry encryption defaults to symmetric key mode unless keypair
+recipients are associated with the file \(see
+`epa-file-encrypt-to') or the function is invoked with a
+\(KEYMODE-CUE) universal argument greater than 1.
+
+When encrypting, KEYMODE-CUE universal argument greater than 1
+causes prompting for recipients for public-key keypair
+encryption. Selecting no recipients results in symmetric key
encryption.
+Further, encrypting with a KEYMODE-CUE universal argument greater
+than 4 - eg, preceded by a doubled Ctrl-U - causes association of
+the specified recipients with the file, replacing those currently
+associated with it. This can be used to deassociate any
+recipients with the file, by selecting no recipients in the
+dialog.
+
Encrypted topic's bullets are set to a `~' to signal that the
contents of the topic (body and subtopics, but not heading) is
pending encryption or encrypted. `*' asterisk immediately after
@@ -6004,11 +6024,24 @@ encrypted. If you want to encrypt the contents of a top-level topic, use
(defun allout-toggle-subtree-encryption (&optional keymode-cue)
"Encrypt clear text or decrypt encoded topic contents (body and subtopics.)
-When encrypting, optional KEYMODE-CUE universal argument greater than
-1 provokes prompting for recipients for public-key keypair
-encryption, otherwise a symmetric-mode passphrase is solicited.
+Entry encryption defaults to symmetric key mode unless keypair
+recipients are associated with the file \(see
+`epa-file-encrypt-to') or the function is invoked with a
+\(KEYMODE-CUE) universal argument greater than 1.
+
+When encrypting, KEYMODE-CUE universal argument greater than 1
+causes prompting for recipients for public-key keypair
+encryption. Selecting no recipients results in symmetric key
+encryption.
-Encryption depends on the emacs epg library.
+Further, encrypting with a KEYMODE-CUE universal argument greater
+than 4 - eg, preceded by a doubled Ctrl-U - causes association of
+the specified recipients with the file, replacing those currently
+associated with it. This can be used to deassociate any
+recipients with the file, by selecting no recipients in the
+dialog.
+
+Encryption and decryption uses the emacs epg library.
Encrypted text will be ascii-armored.
@@ -6030,7 +6063,6 @@ See `allout-toggle-current-subtree-encryption' for more details."
(progn (if (= (point-max) after-bullet-pos)
(error "no body to encrypt"))
(allout-encrypted-topic-p)))
- (keypair-mode (> (prefix-numeric-value keymode-cue) 1))
(was-collapsed (if (not (search-forward "\n" nil t))
nil
(backward-char 1)
@@ -6074,7 +6106,7 @@ See `allout-toggle-current-subtree-encryption' for more details."
(setq result-text
(allout-encrypt-string subject-text was-encrypted
- (current-buffer) keypair-mode))
+ (current-buffer) keymode-cue))
;; Replace the subtree with the processed product.
(allout-unprotected
@@ -6105,9 +6137,9 @@ See `allout-toggle-current-subtree-encryption' for more details."
(insert "*"))))
(run-hook-with-args 'allout-structure-added-hook
bullet-pos subtree-end))))
-;;;_ > allout-encrypt-string (text decrypt allout-buffer keypair-mode
+;;;_ > allout-encrypt-string (text decrypt allout-buffer keymode-cue
;;; &optional rejected)
-(defun allout-encrypt-string (text decrypt allout-buffer keypair-mode
+(defun allout-encrypt-string (text decrypt allout-buffer keymode-cue
&optional rejected)
"Encrypt or decrypt message TEXT.
@@ -6117,8 +6149,22 @@ If DECRYPT is true (default false), then decrypt instead of encrypt.
ALLOUT-BUFFER identifies the buffer containing the text.
-If KEYPAIR-MODE is non-nil, encryption involves prompting for
-keypair recipients.
+Entry encryption defaults to symmetric key mode unless keypair
+recipients are associated with the file \(see
+`epa-file-encrypt-to') or the function is invoked with a
+\(KEYMODE-CUE) universal argument greater than 1.
+
+When encrypting, KEYMODE-CUE universal argument greater than 1
+causes prompting for recipients for public-key keypair
+encryption. Selecting no recipients results in symmetric key
+encryption.
+
+Further, encrypting with a KEYMODE-CUE universal argument greater
+than 4 - eg, preceded by a doubled Ctrl-U - causes association of
+the specified recipients with the file, replacing those currently
+associated with it. This can be used to deassociate any
+recipients with the file, by selecting no recipients in the
+dialog.
Optional REJECTED is for internal use, to convey the number of
rejections due to matches against
@@ -6128,7 +6174,10 @@ rejections due to matches against
(require 'epg)
(require 'epa)
- (let* ((epg-context (epg-make-context nil t))
+ (let* ((epg-context (let* ((context (epg-make-context nil t)))
+ (epg-context-set-passphrase-callback
+ context #'epa-passphrase-callback-function)
+ context))
(encoding (with-current-buffer allout-buffer
buffer-file-coding-system))
(multibyte (with-current-buffer allout-buffer
@@ -6145,9 +6194,17 @@ rejections due to matches against
(rejected (or rejected 0))
(rejections-left (- allout-encryption-ciphertext-rejection-ceiling
rejected))
- (keypair-message (concat "Select encryption recipients.\n Not"
- " selecting any causes"
- " symmetric encryption. "))
+ (keypair-mode (cond (decrypt 'decrypting)
+ ((<= (prefix-numeric-value keymode-cue) 1)
+ 'default)
+ ((<= (prefix-numeric-value keymode-cue) 4)
+ 'prompt)
+ ((> (prefix-numeric-value keymode-cue) 4)
+ 'prompt-save)))
+ (keypair-message (concat "Select encryption recipients.\n"
+ "Symmetric encryption is done if no"
+ " recipients are selected. "))
+ (encrypt-to (and (boundp 'epa-file-encrypt-to) epa-file-encrypt-to))
recipients
massaged-text
result-text
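Review bot: The new `keypair-mode` binding calls `(prefix-numeric-value keymode-cue)` three times and its last `cond` clause merely re-tests the complement of the previous one; binding the number once and ending with `(t 'prompt-save)` reads more plainly and cannot drift out of sync with the `<= 4` test above it. The `encrypt-to` binding would also benefit from a comment that `epa-file-encrypt-to` may be a single string or a list of strings, since both forms are passed straight through below. The `let*` this hunk sits in continues past both ends of the hunk.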
@@ -6174,6 +6231,18 @@ rejections due to matches against
(replace-match replacement nil nil))))))
(setq massaged-text (buffer-substring-no-properties (point-min)
(point-max))))
+ ;; determine key mode and, if keypair, recipients:
+ (setq recipients
+ (case keypair-mode
+
+ (decrypting nil)
+
+ (default (if encrypt-to (epg-list-keys epg-context encrypt-to)))
+
+ ((prompt prompt-save)
+ (save-window-excursion
+ (epa-select-keys epg-context keypair-message)))))
+
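Review bot: In the `default` branch, `(epg-list-keys epg-context encrypt-to)` returning nil silently demotes the entry to symmetric encryption, because an empty recipient list is passed on to `epg-encrypt-string`, which (as far as I can see from epg) treats it as a request for `--symmetric`; a typo or a key missing from the keyring in `epa-file-encrypt-to` thus yields a different kind of ciphertext than the user configured, with no message. I'd check the lookup result and signal instead: `(default (when encrypt-to (or (epg-list-keys epg-context encrypt-to) (error "No key found for epa-file-encrypt-to: %S" encrypt-to))))`. Also worth a comment is that `epg-list-keys` matches by name, so a bare name or e-mail address in `epa-file-encrypt-to` (which, if I recall correctly, a file may set as a safe file-local variable) resolves to every matching key, and all of them become recipients without a prompt. `allout-encrypt-string` continues on both sides of this hunk.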
(setq result-text
(if decrypt
(epg-decrypt-string epg-context
@@ -6182,15 +6251,23 @@ rejections due to matches against
(epg-encrypt-string epg-context
(encode-coding-string massaged-text
(or encoding 'utf-8))
- (and keypair-mode
- (epa-select-keys epg-context
- keypair-message)))))
+ recipients)))
;; validate result -- non-empty
- (cond
- ((not result-text)
- (error "%scryption failed." (if decrypt "De" "En")))
+ (if (not result-text)
+ (error "%scryption failed." (if decrypt "De" "En")))
+
+ (when (eq keypair-mode 'prompt-save)
+ ;; set epa-file-encrypt-to in the buffer:
+ (setq epa-file-encrypt-to (mapcar (lambda (key)
+ (epg-user-id-string
+ (car (epg-key-user-id-list key))))
+ recipients))
+ ;; change the file variable:
+ (allout-adjust-file-variable "epa-file-encrypt-to" epa-file-encrypt-to))
+
+ (cond
;; Retry (within limit) if ciphertext contains rejections:
((and (not decrypt)
;; Check for disqualification of this ciphertext: