3 EasyPG is yet another GnuPG interface for Emacs. It consists of two parts:
5 epa.el - EasyPG Assistant, a basic GUI of GnuPG
6 epg.el - the EasyPG library which interacts with GnuPG
8 NOTE: EasyPG is not a fork or a re-implementation of Gnus/PGG.
12 ** GNU Emacs 21.4 or later, XEmacs 21.4 or later
14 ** GnuPG 1.4.3 or later
23 Add the following line to your ~/.emacs
27 * Advantages over other competitors
29 There are many competitors of EasyPG such as Mailcrypt, Gnus/PGG,
30 gpg.el, etc. EasyPG has some advantages over them.
32 ** EasyPG avoides potential security flaws of Emacs
34 See "Security consideration" section.
36 ** GnuPG features are directly accessible from Emacs
38 Other competitors provide only specific features of GnuPG since they
39 still support PGP 2.*, 5.*, 6.*. As the name indicates, EasyPG is
40 inspired by GPGME (GnuPG Made Easy), and the library interface is
41 close to GPGME. With EasyPG you can benefit from a lot of features of
44 * Security consideration
46 ** `call-process-region' writes data in region to a temporary file
48 `call-process-region' writes data in region to a temporary file.
49 EasyPG does *not* use `call-process-region' to communicate with a gpg
52 ** `(fillarray string 0)' is not enough to clear passphrases
54 If Emacs crashed and dumps core, passphrase strings in memory are also
55 dumped within the core file. `read-passwd' function clears passphrase
56 strings by `(fillarray string 0)'. However, Emacs performs compaction
57 in gc_sweep phase. If GC happens before `fillarray', passphrase
58 strings may be moved elsewhere in memory.
60 Fortunately, there is gpg-agent to cache passphrases in more secure
61 way, so the EasyPG library dares *not* to cache passphrase by itself.
62 Elisp programs can set `epg-context-passphrase-callback' to cache
projects / elisp / epg.git / blob