1 ;;; epa-file.el --- the EasyPG Assistant, transparent file encryption
2 ;; Copyright (C) 2006 Daiki Ueno
4 ;; Author: Daiki Ueno <ueno@unixuser.org>
5 ;; Keywords: PGP, GnuPG
7 ;; This file is part of EasyPG.
9 ;; This program is free software; you can redistribute it and/or modify
10 ;; it under the terms of the GNU General Public License as published by
11 ;; the Free Software Foundation; either version 2, or (at your option)
14 ;; This program is distributed in the hope that it will be useful,
15 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
16 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 ;; GNU General Public License for more details.
19 ;; You should have received a copy of the GNU General Public License
20 ;; along with GNU Emacs; see the file COPYING. If not, write to the
21 ;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
22 ;; Boston, MA 02110-1301, USA.
28 (defgroup epa-file nil
29 "The EasyPG Assistant hooks for transparent file encryption"
32 (defcustom epa-file-name-regexp "\\.gpg\\'"
33 "Regexp which matches filenames to be encrypted with GnuPG."
37 (defcustom epa-file-cache-passphrase-for-symmetric-encryption nil
38 "If non-nil, cache passphrase for symmetric encryption."
42 (defcustom epa-file-inhibit-auto-save t
43 "If non-nil, disable auto-saving when opening an encrypted file."
47 (defvar epa-file-encrypt-to nil
48 "*Recipient(s) used for encrypting files.
49 May either be a string or a list of strings.")
52 (put 'epa-file-encrypt-to 'safe-local-variable
63 (defvar epa-file-handler
64 (cons epa-file-name-regexp 'epa-file-handler))
66 (defvar epa-file-passphrase-alist nil)
68 (if (fboundp 'encode-coding-string)
69 (defalias 'epa-file--encode-coding-string 'encode-coding-string)
70 (defalias 'epa-file--encode-coding-string 'identity))
72 (if (fboundp 'decode-coding-string)
73 (defalias 'epa-file--decode-coding-string 'decode-coding-string)
74 (defalias 'epa-file--decode-coding-string 'identity))
76 (defun epa-file-passphrase-callback-function (context key-id file)
77 (if (and epa-file-cache-passphrase-for-symmetric-encryption
79 (let ((entry (assoc file epa-file-passphrase-alist))
81 (or (copy-sequence (cdr entry))
84 (setq entry (list file)
85 epa-file-passphrase-alist (cons entry
86 epa-file-passphrase-alist)))
87 (setq passphrase (epa-passphrase-callback-function context
89 (setcdr entry (copy-sequence passphrase))
91 (epa-passphrase-callback-function context key-id nil)))
93 (defun epa-file-handler (operation &rest args)
95 (let ((op (get operation 'epa-file)))
98 (epa-file-run-real-handler operation args)))))
100 (defun epa-file-run-real-handler (operation args)
101 (let ((inhibit-file-name-handlers
102 (cons 'epa-file-handler
103 (and (eq inhibit-file-name-operation operation)
104 inhibit-file-name-handlers)))
105 (inhibit-file-name-operation operation))
106 (apply operation args)))
108 (defun epa-file-decode-and-insert (string file visit beg end replace)
109 (if (fboundp 'decode-coding-inserted-region)
111 (narrow-to-region (point) (point))
112 (let ((multibyte enable-multibyte-characters))
113 (set-buffer-multibyte nil)
115 (set-buffer-multibyte multibyte)
116 (decode-coding-inserted-region
117 (point-min) (point-max)
118 (substring file 0 (string-match epa-file-name-regexp file))
119 visit beg end replace)))
120 (insert (epa-file--decode-coding-string string (or coding-system-for-read
123 (defvar last-coding-system-used)
124 (defun epa-file-insert-file-contents (file &optional visit beg end replace)
125 (barf-if-buffer-read-only)
126 (if (and visit (or beg end))
127 (error "Attempt to visit less than an entire file"))
128 (setq file (expand-file-name file))
129 (let ((local-copy (epa-file-run-real-handler #'file-local-copy (list file)))
130 (context (epg-make-context))
133 (setq buffer-file-name file))
134 (epg-context-set-passphrase-callback
136 (cons #'epa-file-passphrase-callback-function
138 (epg-context-set-progress-callback context
139 #'epa-progress-callback-function)
143 (goto-char (point-min)))
144 (condition-case error
145 (setq string (epg-decrypt-file context file nil))
147 (if (setq entry (assoc file epa-file-passphrase-alist))
150 (cons "Opening input file" (cdr error)))))
152 (setq string (substring string (or beg 0) end)))
155 (narrow-to-region (point) (point))
156 (epa-file-decode-and-insert string file visit beg end replace)
157 (setq length (- (point-max) (point-min))))
159 (delete-region (point) (point-max)))))
161 (file-exists-p local-copy))
162 (delete-file local-copy)))
164 (put 'insert-file-contents 'epa-file 'epa-file-insert-file-contents)
166 (defun epa-file-write-region (start end file &optional append visit lockname
169 (error "Can't append to the file."))
170 (setq file (expand-file-name file))
171 (let* ((coding-system (or coding-system-for-write
172 (if (fboundp 'select-safe-coding-system)
173 ;; This is needed since Emacs 22 has
174 ;; no-conversion setting for *.gpg in
175 ;; `auto-coding-alist'.
176 (let ((buffer-file-name
177 (file-name-sans-extension file)))
178 (select-safe-coding-system
179 (point-min) (point-max)))
180 buffer-file-coding-system)))
181 (context (epg-make-context))
182 (coding-system-for-write 'binary)
184 (epg-context-set-passphrase-callback
186 (cons #'epa-file-passphrase-callback-function
188 (epg-context-set-progress-callback context
189 #'epa-progress-callback-function)
190 (condition-case error
195 (epa-file--encode-coding-string start coding-system)
196 (epa-file--encode-coding-string (buffer-substring start end)
198 (unless (assoc file epa-file-passphrase-alist)
201 "Select recipents for encryption.
202 If no one is selected, symmetric encryption will be performed. "
204 ((listp epa-file-encrypt-to) epa-file-encrypt-to)
205 ((stringp epa-file-encrypt-to) (list epa-file-encrypt-to)))))))
207 (if (setq entry (assoc file epa-file-passphrase-alist))
209 (signal 'file-error (cons "Opening output file" (cdr error)))))
210 (epa-file-run-real-handler
212 (list string nil file append visit lockname mustbenew))
213 (if (boundp 'last-coding-system-used)
214 (setq last-coding-system-used coding-system))
217 (setq buffer-file-name file)
218 (set-visited-file-modtime))
221 (set-visited-file-modtime)
222 (setq buffer-file-name visit))))
226 (message "Wrote %s" buffer-file-name))))
227 (put 'write-region 'epa-file 'epa-file-write-region)
229 (defun epa-file-find-file-hook ()
230 (if (and buffer-file-name
231 (string-match epa-file-name-regexp buffer-file-name)
232 epa-file-inhibit-auto-save)
236 (defun epa-file-enable ()
238 (if (memq epa-file-handler file-name-handler-alist)
239 (message "`epa-file' already enabled")
240 (setq file-name-handler-alist
241 (cons epa-file-handler file-name-handler-alist))
242 (add-hook 'find-file-hooks 'epa-file-find-file-hook)
243 (message "`epa-file' enabled")))
246 (defun epa-file-disable ()
248 (if (memq epa-file-handler file-name-handler-alist)
250 (setq file-name-handler-alist
251 (delq epa-file-handler file-name-handler-alist))
252 (remove-hook 'find-file-hooks 'epa-file-find-file-hook)
253 (message "`epa-file' disabled"))
254 (message "`epa-file' already disabled")))
258 ;;; epa-file.el ends here