-;;; epa-file.el --- the EasyPG Assistant, transparent file encryption
-;; Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc.
+;;; epa-file.el --- the EasyPG Assistant, transparent file encryption -*- lexical-binding: t -*-
+;; Copyright (C) 2006-2014 Free Software Foundation, Inc.
;; Author: Daiki Ueno <ueno@unixuser.org>
;; Keywords: PGP, GnuPG
+;; Package: epa
;; This file is part of GNU Emacs.
"If non-nil, cache passphrase for symmetric encryption.
For security reasons, this option is turned off by default and
-not recommended to use. Instead, consider using public-key
-encryption with gpg-agent which does the same job in a safer
-way."
+not recommended to use. Instead, consider using gpg-agent which
+does the same job in a safer way. See Info node `(epa) Caching
+Passphrases' for more information.
+
+Note that this option has no effect if you use GnuPG 2.0."
:type 'boolean
:group 'epa-file)
(defcustom epa-file-select-keys nil
- "If non-nil, always asks user to select recipients."
- :type 'boolean
+ "Control whether or not to pop up the key selection dialog.
+
+If t, always asks user to select recipients.
+If nil, query user only when `epa-file-encrypt-to' is not set.
+If neither t nor nil, doesn't ask user. In this case, symmetric
+encryption is used."
+ :type '(choice (const :tag "Ask always" t)
+ (const :tag "Ask when recipients are not set" nil)
+ (const :tag "Don't ask" silent))
:group 'epa-file)
(defvar epa-file-passphrase-alist nil)
(cons entry
epa-file-passphrase-alist)))
(setq passphrase (epa-passphrase-callback-function context
- key-id nil))
+ key-id
+ file))
(setcdr entry (copy-sequence passphrase))
passphrase))))
- (epa-passphrase-callback-function context key-id nil)))
+ (epa-passphrase-callback-function context key-id file)))
;;;###autoload
(defun epa-file-handler (operation &rest args)
(insert (epa-file--decode-coding-string string (or coding-system-for-read
'undecided)))))
+(defvar epa-file-error nil)
+(defun epa-file--find-file-not-found-function ()
+ (let ((error epa-file-error))
+ (save-window-excursion
+ (kill-buffer))
+ (signal 'file-error
+ (cons "Opening input file" (cdr error)))))
+
(defvar last-coding-system-used)
(defun epa-file-insert-file-contents (file &optional visit beg end replace)
(barf-if-buffer-read-only)
(error)))
(local-file (or local-copy file))
(context (epg-make-context))
+ (buf (current-buffer))
string length entry)
(if visit
(setq buffer-file-name file))
context
(cons #'epa-file-passphrase-callback-function
local-file))
- (epg-context-set-progress-callback context
- #'epa-progress-callback-function)
+ (epg-context-set-progress-callback
+ context
+ (cons #'epa-progress-callback-function
+ (format "Decrypting %s" file)))
(unwind-protect
(progn
(if replace
(error
(if (setq entry (assoc file epa-file-passphrase-alist))
(setcdr entry nil))
+ ;; Hack to prevent find-file from opening empty buffer
+ ;; when decryption failed (bug#6568). See the place
+ ;; where `find-file-not-found-functions' are called in
+ ;; `find-file-noselect-1'.
+ (when (file-exists-p local-file)
+ (setq-local epa-file-error error)
+ (add-hook 'find-file-not-found-functions
+ 'epa-file--find-file-not-found-function
+ nil t))
(signal 'file-error
(cons "Opening input file" (cdr error)))))
- (make-local-variable 'epa-file-encrypt-to)
- (setq epa-file-encrypt-to
- (mapcar #'car (epg-context-result-for context 'encrypted-to)))
+ (set-buffer buf) ;In case timer/filter changed/killed it (bug#16029)!
+ (setq-local epa-file-encrypt-to
+ (mapcar #'car (epg-context-result-for
+ context 'encrypted-to)))
(if (or beg end)
(setq string (substring string (or beg 0) end)))
(save-excursion
- (save-restriction
- (narrow-to-region (point) (point))
- (epa-file-decode-and-insert string file visit beg end replace)
- (setq length (- (point-max) (point-min))))
- (if replace
- (delete-region (point) (point-max)))
+ ;; If visiting, bind off buffer-file-name so that
+ ;; file-locking will not ask whether we should
+ ;; really edit the buffer.
+ (let ((buffer-file-name
+ (if visit nil buffer-file-name)))
+ (save-restriction
+ (narrow-to-region (point) (point))
+ (epa-file-decode-and-insert string file visit beg end replace)
+ (setq length (- (point-max) (point-min))))
+ (if replace
+ (delete-region (point) (point-max))))
(if visit
(set-visited-file-modtime))))
(if (and local-copy
(recipients
(cond
((listp epa-file-encrypt-to) epa-file-encrypt-to)
- ((stringp epa-file-encrypt-to) (list epa-file-encrypt-to)))))
+ ((stringp epa-file-encrypt-to) (list epa-file-encrypt-to))))
+ buffer)
(epg-context-set-passphrase-callback
context
(cons #'epa-file-passphrase-callback-function
file))
- (epg-context-set-progress-callback context
- #'epa-progress-callback-function)
+ (epg-context-set-progress-callback
+ context
+ (cons #'epa-progress-callback-function
+ (format "Encrypting %s" file)))
(epg-context-set-armor context epa-armor)
(condition-case error
(setq string
(unless start
(setq start (point-min)
end (point-max)))
- (epa-file--encode-coding-string (buffer-substring start end)
- coding-system))
- (if (or epa-file-select-keys
- (not (local-variable-p 'epa-file-encrypt-to
- (current-buffer))))
+ (setq buffer (current-buffer))
+ (with-temp-buffer
+ (insert-buffer-substring buffer start end)
+ ;; Translate the region according to
+ ;; `buffer-file-format', as `write-region' would.
+ ;; We can't simply do `write-region' (into a
+ ;; temporary file) here, since it writes out
+ ;; decrypted contents.
+ (format-encode-buffer (with-current-buffer buffer
+ buffer-file-format))
+ (epa-file--encode-coding-string (buffer-string)
+ coding-system)))
+ (if (or (eq epa-file-select-keys t)
+ (and (null epa-file-select-keys)
+ (not (local-variable-p 'epa-file-encrypt-to
+ (current-buffer)))))
(epa-select-keys
context
- "Select recipents for encryption.
+ "Select recipients for encryption.
If no one is selected, symmetric encryption will be performed. "
recipients)
(if epa-file-encrypt-to
(defun epa-file-select-keys ()
"Select recipients for encryption."
(interactive)
- (make-local-variable 'epa-file-encrypt-to)
- (setq epa-file-encrypt-to
- (mapcar
- (lambda (key)
- (epg-sub-key-id (car (epg-key-sub-key-list key))))
- (epa-select-keys
- (epg-make-context)
- "Select recipents for encryption.
+ (setq-local epa-file-encrypt-to
+ (mapcar
+ (lambda (key)
+ (epg-sub-key-id (car (epg-key-sub-key-list key))))
+ (epa-select-keys
+ (epg-make-context)
+ "Select recipients for encryption.
If no one is selected, symmetric encryption will be performed. "))))
;;;###autoload
(provide 'epa-file)
-;; arch-tag: 5715152f-0eb1-4dbc-9008-07098775314d
;;; epa-file.el ends here
HCoop / bpt / emacs.git / blobdiff