[bpt/emacs.git] / lisp / org / org-crypt.el

;;; org-crypt.el --- Public key encryption for org-mode entries

;; Copyright (C) 2007, 2009-2011  Free Software Foundation, Inc.

;; Emacs Lisp Archive Entry
;; Filename: org-crypt.el
;; Version: 7.4
;; Keywords: org-mode
;; Author: John Wiegley <johnw@gnu.org>
;; Maintainer: Peter Jones <pjones@pmade.com>
;; Description: Adds public key encryption to org-mode buffers
;; URL: http://www.newartisans.com/software/emacs.html
;; Compatibility: Emacs22

;; This file is part of GNU Emacs.
;;
;; GNU Emacs is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation, either version 3 of the License, or
;; (at your option) any later version.

;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;; GNU General Public License for more details.

;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs.  If not, see <http://www.gnu.org/licenses/>.

;;; Commentary:

;; Right now this is just a set of functions to play with.  It depends
;; on the epg library.  Here's how you would use it:
;;
;; 1. To mark an entry for encryption, tag the heading with "crypt".
;;    You can change the tag to any complex tag matching string by
;;    setting the `org-crypt-tag-matcher' variable.
;;
;; 2. Set the encryption key to use in the `org-crypt-key' variable,
;;    or use `M-x org-set-property' to set the property CRYPTKEY to
;;    any address in your public keyring.  The text of the entry (but
;;    not its properties or headline) will be encrypted for this user.
;;    For them to read it, the corresponding secret key must be
;;    located in the secret key ring of the account where you try to
;;    decrypt it.  This makes it possible to leave secure notes that
;;    only the intended recipient can read in a shared-org-mode-files
;;    scenario.
;;    If the key is not set, org-crypt will default to symmetric encryption.
;;
;; 3. To later decrypt an entry, use `org-decrypt-entries' or
;;    `org-decrypt-entry'.  It might be useful to bind this to a key,
;;    like C-c C-/.  I hope that in the future, C-c C-r can be might
;;    overloaded to also decrypt an entry if it's encrypted, since
;;    that fits nicely with the meaning of "reveal".
;;
;; 4. To automatically encrypt all necessary entries when saving a
;;    file, call `org-crypt-use-before-save-magic' after loading
;;    org-crypt.el.
;;
;; TODO:
;;   - Allow symmetric encryption as well

;;; Thanks:

;; - Carsten Dominik
;; - Vitaly Ostanin

(require 'org)

;;; Code:

(declare-function epg-decrypt-string "epg" (context cipher))
(declare-function epg-list-keys "epg" (context &optional name mode))
(declare-function epg-make-context "epg"
		  (&optional protocol armor textmode include-certs
			     cipher-algorithm digest-algorithm
			     compress-algorithm))
(declare-function epg-encrypt-string "epg"
		  (context plain recipients &optional sign always-trust))

(defgroup org-crypt nil
  "Org Crypt"
  :tag "Org Crypt" :group 'org)

(defcustom org-crypt-tag-matcher "crypt"
  "The tag matcher used to find headings whose contents should be encrypted.

See the \"Match syntax\" section of the org manual for more details."
  :type 'string :group 'org-crypt)

(defcustom org-crypt-key nil
  "The default key to use when encrypting the contents of a heading.

This setting can also be overridden in the CRYPTKEY property."
  :type 'string :group 'org-crypt)

(defun org-crypt-key-for-heading ()
  "Return the encryption key for the current heading."
  (save-excursion
    (org-back-to-heading t)
    (or (org-entry-get nil "CRYPTKEY" 'selective)
        org-crypt-key
        (and (boundp 'epa-file-encrypt-to) epa-file-encrypt-to)
        (message "No crypt key set, using symmetric encryption."))))

(defun org-encrypt-entry ()
  "Encrypt the content of the current headline."
  (interactive)
  (require 'epg)
  (save-excursion
    (org-back-to-heading t)
    (let ((start-heading (point)))
      (forward-line)
      (when (not (looking-at "-----BEGIN PGP MESSAGE-----"))
        (let ((folded (org-invisible-p))
              (epg-context (epg-make-context nil t t))
              (crypt-key (org-crypt-key-for-heading))
              (beg (point))
              end encrypted-text)
          (goto-char start-heading)
          (org-end-of-subtree t t)
          (org-back-over-empty-lines)
          (setq end (point)
                encrypted-text
                (epg-encrypt-string
                 epg-context
                 (buffer-substring-no-properties beg end)
                 (epg-list-keys epg-context crypt-key)))
          (delete-region beg end)
          (insert encrypted-text)
          (when folded
            (goto-char start-heading)
            (hide-subtree))
          nil)))))

(defun org-decrypt-entry ()
  "Decrypt the content of the current headline."
  (interactive)
  (require 'epg)
  (unless (org-before-first-heading-p)
    (save-excursion
      (org-back-to-heading t)
      (forward-line)
      (when (looking-at "-----BEGIN PGP MESSAGE-----")
	(let* ((beg (point))
	       (end (save-excursion
		      (search-forward "-----END PGP MESSAGE-----")
		      (forward-line)
		      (point)))
	       (epg-context (epg-make-context nil t t))
	       (decrypted-text
		(decode-coding-string
		 (epg-decrypt-string
		  epg-context
		  (buffer-substring-no-properties beg end))
		 'utf-8)))
	  (delete-region beg end)
	  (insert decrypted-text)
	  nil)))))

(defun org-encrypt-entries ()
  "Encrypt all top-level entries in the current buffer."
  (interactive)
  (org-scan-tags
   'org-encrypt-entry
   (cdr (org-make-tags-matcher org-crypt-tag-matcher))))

(defun org-decrypt-entries ()
  "Decrypt all entries in the current buffer."
  (interactive)
  (org-scan-tags
   'org-decrypt-entry
   (cdr (org-make-tags-matcher org-crypt-tag-matcher))))

(defun org-crypt-use-before-save-magic ()
  "Add a hook to automatically encrypt entries before a file is saved to disk."
  (add-hook
   'org-mode-hook
   (lambda () (add-hook 'before-save-hook 'org-encrypt-entries nil t))))

(add-hook 'org-reveal-start-hook 'org-decrypt-entry)

(provide 'org-crypt)


;;; org-crypt.el ends here
Commit	Line	Data
8d642074 CD	1	;;; org-crypt.el --- Public key encryption for org-mode entries
8d642074 CD	2
73b0cd50	3	;; Copyright (C) 2007, 2009-2011 Free Software Foundation, Inc.
8d642074 CD	4
	5	;; Emacs Lisp Archive Entry
	6	;; Filename: org-crypt.el
acedf35c	7	;; Version: 7.4
8d642074 CD	8	;; Keywords: org-mode
	9	;; Author: John Wiegley <johnw@gnu.org>
	10	;; Maintainer: Peter Jones <pjones@pmade.com>
	11	;; Description: Adds public key encryption to org-mode buffers
	12	;; URL: http://www.newartisans.com/software/emacs.html
	13	;; Compatibility: Emacs22
	14
	15	;; This file is part of GNU Emacs.
	16	;;
	17	;; GNU Emacs is free software: you can redistribute it and/or modify
	18	;; it under the terms of the GNU General Public License as published by
	19	;; the Free Software Foundation, either version 3 of the License, or
	20	;; (at your option) any later version.
	21
	22	;; GNU Emacs is distributed in the hope that it will be useful,
	23	;; but WITHOUT ANY WARRANTY; without even the implied warranty of
	24	;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	25	;; GNU General Public License for more details.
	26
	27	;; You should have received a copy of the GNU General Public License
	28	;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
	29
	30	;;; Commentary:
	31
	32	;; Right now this is just a set of functions to play with. It depends
	33	;; on the epg library. Here's how you would use it:
	34	;;
	35	;; 1. To mark an entry for encryption, tag the heading with "crypt".
	36	;; You can change the tag to any complex tag matching string by
	37	;; setting the `org-crypt-tag-matcher' variable.
	38	;;
	39	;; 2. Set the encryption key to use in the `org-crypt-key' variable,
	40	;; or use `M-x org-set-property' to set the property CRYPTKEY to
	41	;; any address in your public keyring. The text of the entry (but
	42	;; not its properties or headline) will be encrypted for this user.
	43	;; For them to read it, the corresponding secret key must be
	44	;; located in the secret key ring of the account where you try to
	45	;; decrypt it. This makes it possible to leave secure notes that
	46	;; only the intended recipient can read in a shared-org-mode-files
	47	;; scenario.
86fbb8ca	48	;; If the key is not set, org-crypt will default to symmetric encryption.
8d642074 CD	49	;;
	50	;; 3. To later decrypt an entry, use `org-decrypt-entries' or
	51	;; `org-decrypt-entry'. It might be useful to bind this to a key,
	52	;; like C-c C-/. I hope that in the future, C-c C-r can be might
	53	;; overloaded to also decrypt an entry if it's encrypted, since
	54	;; that fits nicely with the meaning of "reveal".
	55	;;
	56	;; 4. To automatically encrypt all necessary entries when saving a
	57	;; file, call `org-crypt-use-before-save-magic' after loading
	58	;; org-crypt.el.
	59	;;
	60	;; TODO:
	61	;; - Allow symmetric encryption as well
	62
	63	;;; Thanks:
	64
	65	;; - Carsten Dominik
	66	;; - Vitaly Ostanin
	67
	68	(require 'org)
	69
86fbb8ca CD	70	;;; Code:
86fbb8ca CD	71
8d642074 CD	72	(declare-function epg-decrypt-string "epg" (context cipher))
	73	(declare-function epg-list-keys "epg" (context &optional name mode))
	74	(declare-function epg-make-context "epg"
	75	(&optional protocol armor textmode include-certs
	76	cipher-algorithm digest-algorithm
	77	compress-algorithm))
	78	(declare-function epg-encrypt-string "epg"
	79	(context plain recipients &optional sign always-trust))
	80
	81	(defgroup org-crypt nil
	82	"Org Crypt"
	83	:tag "Org Crypt" :group 'org)
	84
	85	(defcustom org-crypt-tag-matcher "crypt"
86fbb8ca CD	86	"The tag matcher used to find headings whose contents should be encrypted.
	87
	88	See the \"Match syntax\" section of the org manual for more details."
8d642074 CD	89	:type 'string :group 'org-crypt)
	90
	91	(defcustom org-crypt-key nil
86fbb8ca CD	92	"The default key to use when encrypting the contents of a heading.
	93
	94	This setting can also be overridden in the CRYPTKEY property."
8d642074 CD	95	:type 'string :group 'org-crypt)
	96
	97	(defun org-crypt-key-for-heading ()
86fbb8ca	98	"Return the encryption key for the current heading."
8d642074 CD	99	(save-excursion
8d642074 CD	100	(org-back-to-heading t)
ed21c5c8	101	(or (org-entry-get nil "CRYPTKEY" 'selective)
8d642074 CD	102	org-crypt-key
8d642074 CD	103	(and (boundp 'epa-file-encrypt-to) epa-file-encrypt-to)
86fbb8ca	104	(message "No crypt key set, using symmetric encryption."))))
8d642074 CD	105
	106	(defun org-encrypt-entry ()
	107	"Encrypt the content of the current headline."
	108	(interactive)
	109	(require 'epg)
	110	(save-excursion
	111	(org-back-to-heading t)
86fbb8ca CD	112	(let ((start-heading (point)))
	113	(forward-line)
	114	(when (not (looking-at "-----BEGIN PGP MESSAGE-----"))
	115	(let ((folded (org-invisible-p))
	116	(epg-context (epg-make-context nil t t))
	117	(crypt-key (org-crypt-key-for-heading))
	118	(beg (point))
	119	end encrypted-text)
	120	(goto-char start-heading)
	121	(org-end-of-subtree t t)
	122	(org-back-over-empty-lines)
	123	(setq end (point)
	124	encrypted-text
	125	(epg-encrypt-string
	126	epg-context
	127	(buffer-substring-no-properties beg end)
	128	(epg-list-keys epg-context crypt-key)))
	129	(delete-region beg end)
	130	(insert encrypted-text)
	131	(when folded
	132	(goto-char start-heading)
	133	(hide-subtree))
	134	nil)))))
8d642074 CD	135
8d642074 CD	136	(defun org-decrypt-entry ()
ed21c5c8	137	"Decrypt the content of the current headline."
8d642074 CD	138	(interactive)
8d642074 CD	139	(require 'epg)
86fbb8ca CD	140	(unless (org-before-first-heading-p)
	141	(save-excursion
	142	(org-back-to-heading t)
	143	(forward-line)
	144	(when (looking-at "-----BEGIN PGP MESSAGE-----")
	145	(let* ((beg (point))
	146	(end (save-excursion
	147	(search-forward "-----END PGP MESSAGE-----")
	148	(forward-line)
	149	(point)))
	150	(epg-context (epg-make-context nil t t))
	151	(decrypted-text
	152	(decode-coding-string
	153	(epg-decrypt-string
	154	epg-context
	155	(buffer-substring-no-properties beg end))
	156	'utf-8)))
	157	(delete-region beg end)
	158	(insert decrypted-text)
	159	nil)))))
8d642074 CD	160
8d642074 CD	161	(defun org-encrypt-entries ()
ed21c5c8	162	"Encrypt all top-level entries in the current buffer."
8d642074 CD	163	(interactive)
	164	(org-scan-tags
	165	'org-encrypt-entry
	166	(cdr (org-make-tags-matcher org-crypt-tag-matcher))))
	167
	168	(defun org-decrypt-entries ()
ed21c5c8	169	"Decrypt all entries in the current buffer."
8d642074	170	(interactive)
ed21c5c8	171	(org-scan-tags
8d642074 CD	172	'org-decrypt-entry
	173	(cdr (org-make-tags-matcher org-crypt-tag-matcher))))
	174
	175	(defun org-crypt-use-before-save-magic ()
86fbb8ca	176	"Add a hook to automatically encrypt entries before a file is saved to disk."
ed21c5c8 CD	177	(add-hook
ed21c5c8 CD	178	'org-mode-hook
8d642074	179	(lambda () (add-hook 'before-save-hook 'org-encrypt-entries nil t))))
ed21c5c8 CD	180
	181	(add-hook 'org-reveal-start-hook 'org-decrypt-entry)
	182
8d642074 CD	183	(provide 'org-crypt)
8d642074 CD	184
8d642074 CD	185
8d642074 CD	186	;;; org-crypt.el ends here