1 ;;; epa.el --- the EasyPG Assistant
2 ;; Copyright (C) 2006 Daiki Ueno
4 ;; Author: Daiki Ueno <ueno@unixuser.org>
5 ;; Keywords: PGP, GnuPG
7 ;; This file is part of EasyPG.
9 ;; This program is free software; you can redistribute it and/or modify
10 ;; it under the terms of the GNU General Public License as published by
11 ;; the Free Software Foundation; either version 2, or (at your option)
14 ;; This program is distributed in the hope that it will be useful,
15 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
16 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 ;; GNU General Public License for more details.
19 ;; You should have received a copy of the GNU General Public License
20 ;; along with GNU Emacs; see the file COPYING. If not, write to the
21 ;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
22 ;; Boston, MA 02110-1301, USA.
29 (eval-when-compile (require 'wid-edit))
32 "The EasyPG Assistant"
35 (defcustom epa-armor nil
36 "If non-nil, epa commands create ASCII armored output."
40 (defcustom epa-textmode nil
41 "If non-nil, epa commands treat input files as text."
45 (defgroup epa-faces nil
49 (defface epa-validity-high-face
50 '((((class color) (background dark))
51 (:foreground "PaleTurquoise" :bold t))
54 "Face used for displaying the high validity."
56 (defvar epa-validity-high-face 'epa-validity-high-face)
58 (defface epa-validity-medium-face
59 '((((class color) (background dark))
60 (:foreground "PaleTurquoise" :italic t))
63 "Face used for displaying the medium validity."
65 (defvar epa-validity-medium-face 'epa-validity-medium-face)
67 (defface epa-validity-low-face
70 "Face used for displaying the low validity."
72 (defvar epa-validity-low-face 'epa-validity-low-face)
74 (defface epa-validity-disabled-face
76 (:italic t :inverse-video t)))
77 "Face used for displaying the disabled validity."
79 (defvar epa-validity-disabled-face 'epa-validity-disabled-face)
81 (defface epa-string-face
84 (:foreground "lightyellow"))
87 (:foreground "blue4"))
90 "Face used for displaying the string."
92 (defvar epa-string-face 'epa-string-face)
94 (defface epa-mark-face
95 '((((class color) (background dark))
96 (:foreground "orange" :bold t))
98 (:foreground "red" :bold t)))
99 "Face used for displaying the high validity."
101 (defvar epa-mark-face 'epa-mark-face)
103 (defface epa-field-name-face
104 '((((class color) (background dark))
105 (:foreground "PaleTurquoise" :bold t))
107 "Face for the name of the attribute field."
109 (defvar epa-field-name-face 'epa-field-name-face)
111 (defface epa-field-body-face
112 '((((class color) (background dark))
113 (:foreground "turquoise" :italic t))
115 "Face for the body of the attribute field."
117 (defvar epa-field-body-face 'epa-field-body-face)
119 (defcustom epa-validity-face-alist
120 '((unknown . epa-validity-disabled-face)
121 (invalid . epa-validity-disabled-face)
122 (disabled . epa-validity-disabled-face)
123 (revoked . epa-validity-disabled-face)
124 (expired . epa-validity-disabled-face)
125 (none . epa-validity-low-face)
126 (undefined . epa-validity-low-face)
127 (never . epa-validity-low-face)
128 (marginal . epa-validity-medium-face)
129 (full . epa-validity-high-face)
130 (ultimate . epa-validity-high-face))
131 "An alist mapping validity values to faces."
135 (defcustom epa-font-lock-keywords
138 ("^\t\\([^\t:]+:\\)[ \t]*\\(.*\\)$"
139 (1 epa-field-name-face)
140 (2 epa-field-body-face)))
141 "Default expressions to addon in epa-mode."
142 :type '(repeat (list string))
145 (defconst epa-pubkey-algorithm-letter-alist
153 (defvar epa-keys-buffer nil)
154 (defvar epa-key-buffer-alist nil)
156 (defvar epa-list-keys-arguments nil)
158 (defvar epa-keys-mode-map
159 (let ((keymap (make-sparse-keymap)))
160 (define-key keymap "m" 'epa-mark)
161 (define-key keymap "u" 'epa-unmark)
162 (define-key keymap "d" 'epa-decrypt-file)
163 (define-key keymap "v" 'epa-verify-file)
164 (define-key keymap "s" 'epa-sign-file)
165 (define-key keymap "S" 'epa-sign-keys)
166 (define-key keymap "e" 'epa-encrypt-file)
167 (define-key keymap "r" 'epa-delete-keys)
168 (define-key keymap "i" 'epa-import-keys)
169 (define-key keymap "o" 'epa-export-keys)
170 (define-key keymap "g" 'epa-list-keys)
171 (define-key keymap "n" 'next-line)
172 (define-key keymap "p" 'previous-line)
173 (define-key keymap " " 'scroll-up)
174 (define-key keymap [delete] 'scroll-down)
175 (define-key keymap "q" 'epa-exit-buffer)
178 (defvar epa-exit-buffer-function #'bury-buffer)
180 (define-widget 'epa-key 'push-button
181 "Button for representing a epg-key object."
183 :button-face-get 'epa-key-widget-button-face-get
184 :value-create 'epa-key-widget-value-create
185 :action 'epa-key-widget-action
186 :help-echo 'epa-key-widget-help-echo)
188 (defun epa-key-widget-action (widget &optional event)
189 (epa-show-key (widget-get widget :value)))
191 (defun epa-key-widget-value-create (widget)
192 (let* ((key (widget-get widget :value))
193 (primary-sub-key (car (epg-key-sub-key-list key)))
194 (primary-user-id (car (epg-key-user-id-list key))))
195 (insert (format "%c "
196 (if (epg-sub-key-validity primary-sub-key)
197 (car (rassq (epg-sub-key-validity primary-sub-key)
198 epg-key-validity-alist))
200 (epg-sub-key-id primary-sub-key)
202 (if (stringp (epg-user-id-string primary-user-id))
203 (epg-user-id-string primary-user-id)
204 (epg-decode-dn (epg-user-id-string primary-user-id))))))
206 (defun epa-key-widget-button-face-get (widget)
207 (let ((validity (epg-sub-key-validity (car (epg-key-sub-key-list
208 (widget-get widget :value))))))
210 (cdr (assq validity epa-validity-face-alist))
213 (defun epa-key-widget-help-echo (widget)
215 (epg-sub-key-id (car (epg-key-sub-key-list
216 (widget-get widget :value))))))
218 (defun epa-keys-mode ()
219 "Major mode for `epa-list-keys'."
220 (kill-all-local-variables)
221 (buffer-disable-undo)
222 (setq major-mode 'epa-keys-mode
226 (use-local-map epa-keys-mode-map)
227 (set-keymap-parent (current-local-map) widget-keymap)
228 (make-local-variable 'font-lock-defaults)
229 (setq font-lock-defaults '(epa-font-lock-keywords t))
230 ;; In XEmacs, auto-initialization of font-lock is not effective
231 ;; if buffer-file-name is not set.
232 (font-lock-set-defaults)
234 (make-local-variable 'epa-exit-buffer-function)
235 (run-hooks 'epa-keys-mode-hook))
237 (defvar epa-key-mode-map
238 (let ((keymap (make-sparse-keymap)))
239 (define-key keymap "q" 'bury-buffer)
242 (defun epa-key-mode ()
243 "Major mode for `epa-show-key'."
244 (kill-all-local-variables)
245 (buffer-disable-undo)
246 (setq major-mode 'epa-key-mode
250 (use-local-map epa-key-mode-map)
251 (make-local-variable 'font-lock-defaults)
252 (setq font-lock-defaults '(epa-font-lock-keywords t))
253 ;; In XEmacs, auto-initialization of font-lock is not effective
254 ;; if buffer-file-name is not set.
255 (font-lock-set-defaults)
256 (make-local-variable 'epa-exit-buffer-function)
257 (run-hooks 'epa-key-mode-hook))
260 (defun epa-list-keys (&optional name mode protocol)
262 (if current-prefix-arg
263 (let ((name (read-string "Pattern: "
264 (if epa-list-keys-arguments
265 (car epa-list-keys-arguments)))))
266 (list (if (equal name "") nil name)
267 (y-or-n-p "Secret keys? ")
268 (intern (completing-read "Protocol? "
269 '(("OpenPGP") ("CMS"))
271 (or epa-list-keys-arguments (list nil nil nil))))
272 (unless (and epa-keys-buffer
273 (buffer-live-p epa-keys-buffer))
274 (setq epa-keys-buffer (generate-new-buffer "*Keys*")))
275 (set-buffer epa-keys-buffer)
276 (let ((inhibit-read-only t)
279 (context (epg-make-context protocol)))
280 (unless (get-text-property point 'epa-list-keys)
281 (setq point (next-single-property-change point 'epa-list-keys)))
284 (or (next-single-property-change point 'epa-list-keys)
287 (epa-insert-keys context name mode)
289 (make-local-variable 'epa-list-keys-arguments)
290 (setq epa-list-keys-arguments (list name mode protocol))
291 (goto-char (point-min))
292 (pop-to-buffer (current-buffer)))
294 (defun epa-insert-keys (context name mode)
297 (narrow-to-region (point) (point))
298 (let ((keys (epg-list-keys context name mode))
303 (add-text-properties point (point)
304 (list 'epa-key (car keys)
309 (widget-create 'epa-key :value (car keys))
311 (setq keys (cdr keys))))
312 (add-text-properties (point-min) (point-max)
313 (list 'epa-list-keys t
319 (defun epa-marked-keys ()
321 (set-buffer epa-keys-buffer)
322 (goto-char (point-min))
324 (while (re-search-forward "^\\*" nil t)
325 (if (setq key (get-text-property (match-beginning 0)
327 (setq keys (cons key keys))))
331 (let ((key (get-text-property (point) 'epa-key)))
336 (defun epa-select-keys (context prompt &optional names secret)
337 "Display a user's keyring and ask him to select keys.
338 CONTEXT is an epg-context.
339 PROMPT is a string to prompt with.
340 NAMES is a list of strings to be matched with keys. If it is nil, all
342 If SECRET is non-nil, list secret keys instead of public keys."
344 (unless (and epa-keys-buffer
345 (buffer-live-p epa-keys-buffer))
346 (setq epa-keys-buffer (generate-new-buffer "*Keys*")))
347 (let ((inhibit-read-only t)
350 (set-buffer epa-keys-buffer)
354 :notify (lambda (&rest ignore) (abort-recursive-edit))
356 (substitute-command-keys
357 "Click here or \\[abort-recursive-edit] to cancel")
360 :notify (lambda (&rest ignore) (exit-recursive-edit))
362 (substitute-command-keys
363 "Click here or \\[exit-recursive-edit] to finish")
369 (epa-insert-keys context (car names) secret)
372 (goto-char (point-max))
373 (setq names (cdr names)))
374 (epa-insert-keys context nil secret))
376 (setq epa-exit-buffer-function #'abort-recursive-edit)
377 (goto-char (point-min))
378 (pop-to-buffer (current-buffer)))
383 (if (get-buffer-window epa-keys-buffer)
384 (delete-window (get-buffer-window epa-keys-buffer)))
385 (kill-buffer epa-keys-buffer))))
387 (defun epa-show-key (key)
388 (let* ((primary-sub-key (car (epg-key-sub-key-list key)))
389 (entry (assoc (epg-sub-key-id primary-sub-key)
390 epa-key-buffer-alist))
391 (inhibit-read-only t)
395 (setq entry (cons (epg-sub-key-id primary-sub-key) nil)
396 epa-key-buffer-alist (cons entry epa-key-buffer-alist)))
397 (unless (and (cdr entry)
398 (buffer-live-p (cdr entry)))
399 (setcdr entry (generate-new-buffer
400 (format "*Key*%s" (epg-sub-key-id primary-sub-key)))))
401 (set-buffer (cdr entry))
402 (make-local-variable 'epa-key)
405 (setq pointer (epg-key-user-id-list key))
408 (if (epg-user-id-validity (car pointer))
410 (car (rassq (epg-user-id-validity (car pointer))
411 epg-key-validity-alist)))
414 (if (stringp (epg-user-id-string (car pointer)))
415 (epg-user-id-string (car pointer))
416 (epg-decode-dn (epg-user-id-string (car pointer))))
418 (setq pointer (cdr pointer)))
419 (setq pointer (epg-key-sub-key-list key))
422 (if (epg-sub-key-validity (car pointer))
424 (car (rassq (epg-sub-key-validity (car pointer))
425 epg-key-validity-alist)))
428 (epg-sub-key-id (car pointer))
431 (epg-sub-key-length (car pointer)))
433 (cdr (assq (epg-sub-key-algorithm (car pointer))
434 epg-pubkey-algorithm-alist))
436 (epg-sub-key-creation-time (car pointer))
437 (if (epg-sub-key-expiration-time (car pointer))
438 (format "\n\tExpires: %s" (epg-sub-key-expiration-time
442 (mapconcat #'symbol-name
443 (epg-sub-key-capability (car pointer))
446 (epg-sub-key-fingerprint (car pointer))
448 (setq pointer (cdr pointer)))
449 (goto-char (point-min))
450 (pop-to-buffer (current-buffer))
453 (defun epa-show-key-notify (widget &rest ignore)
454 (epa-show-key (widget-get widget :value)))
456 (defun epa-mark (&optional arg)
457 "Mark the current line.
458 If ARG is non-nil, unmark the current line."
460 (let ((inhibit-read-only t)
464 (setq properties (text-properties-at (point)))
466 (insert (if arg " " "*"))
467 (set-text-properties (1- (point)) (point) properties)
470 (defun epa-unmark (&optional arg)
471 "Unmark the current line.
472 If ARG is non-nil, mark the current line."
474 (epa-mark (not arg)))
476 (defun epa-exit-buffer ()
477 "Exit the current buffer.
478 `epa-exit-buffer-function' is called if it is set."
480 (funcall epa-exit-buffer-function))
483 (defun epa-decrypt-file (file)
485 (interactive "fFile: ")
486 (let* ((default-name (file-name-sans-extension file))
487 (plain (expand-file-name
489 (concat "To file (default "
490 (file-name-nondirectory default-name)
492 (file-name-directory default-name)
494 (context (epg-make-context)))
495 (message "Decrypting %s..." (file-name-nondirectory file))
496 (epg-decrypt-file context file plain)
497 (message "Decrypting %s...done" (file-name-nondirectory file))
498 (if (epg-context-result-for context 'verify)
500 (epg-verify-result-to-string
501 (epg-context-result-for context 'verify))))))
504 (defun epa-verify-file (file)
506 (interactive "fFile: ")
507 (let* ((context (epg-make-context))
508 (plain (if (equal (file-name-extension file) "sig")
509 (file-name-sans-extension file))))
510 (message "Verifying %s..." (file-name-nondirectory file))
511 (epg-verify-file context file plain)
512 (message "Verifying %s...done" (file-name-nondirectory file))
514 (epg-verify-result-to-string
515 (epg-context-result-for context 'verify)))))
518 (defun epa-sign-file (file signers mode)
519 "Sign FILE by SIGNERS keys selected."
521 (list (expand-file-name (read-file-name "File: "))
522 (epa-select-keys (epg-make-context) "Select keys for signing.
523 If no one is selected, default secret key is used. "
525 (if (y-or-n-p "Make a detached signature? ")
527 (if (y-or-n-p "Make a cleartext signature? ")
529 (let ((signature (concat file
531 (not (memq mode '(nil t normal detached))))
533 (if (memq mode '(t detached))
536 (context (epg-make-context)))
537 (epg-context-set-armor context epa-armor)
538 (epg-context-set-textmode context epa-textmode)
539 (epg-context-set-signers context signers)
540 (message "Signing %s..." (file-name-nondirectory file))
541 (epg-sign-file context file signature mode)
542 (message "Signing %s...done" (file-name-nondirectory file))))
545 (defun epa-encrypt-file (file recipients)
546 "Encrypt FILE for RECIPIENTS."
548 (list (expand-file-name (read-file-name "File: "))
549 (epa-select-keys (epg-make-context) "Select recipents for encryption.
550 If no one is selected, symmetric encryption will be performed. ")))
551 (let ((cipher (concat file (if epa-armor ".asc" ".gpg")))
552 (context (epg-make-context)))
553 (epg-context-set-armor context epa-armor)
554 (epg-context-set-textmode context epa-textmode)
555 (message "Encrypting %s..." (file-name-nondirectory file))
556 (epg-encrypt-file context file recipients cipher)
557 (message "Encrypting %s...done" (file-name-nondirectory file))))
560 (defun epa-decrypt-region (start end)
561 "Decrypt the current region between START and END.
563 Don't use this command in Lisp programs!"
566 (let ((context (epg-make-context))
568 (message "Decrypting...")
569 (setq plain (epg-decrypt-string context (buffer-substring start end)))
570 (message "Decrypting...done")
571 (delete-region start end)
573 (insert (decode-coding-string plain coding-system-for-read))
574 (if (epg-context-result-for context 'verify)
576 (epg-verify-result-to-string
577 (epg-context-result-for context 'verify)))))))
580 (defun epa-decrypt-armor-in-region (start end)
581 "Decrypt OpenPGP armors in the current region between START and END.
583 Don't use this command in Lisp programs!"
587 (narrow-to-region start end)
589 (let (armor-start armor-end charset coding-system)
590 (while (re-search-forward "-----BEGIN PGP MESSAGE-----$" nil t)
591 (setq armor-start (match-beginning 0)
592 armor-end (re-search-forward "^-----END PGP MESSAGE-----$"
595 (error "No armor tail"))
596 (goto-char armor-start)
597 (if (re-search-forward "^Charset: \\(.*\\)" armor-end t)
598 (setq charset (match-string 1)))
599 (if coding-system-for-read
600 (setq coding-system coding-system-for-read)
602 (setq coding-system (intern (downcase charset)))
603 (setq coding-system 'utf-8)))
604 (let ((coding-system-for-read coding-system))
605 (epa-decrypt-region start end)))))))
608 (defun epa-verify-region (start end)
609 "Verify the current region between START and END.
611 Don't use this command in Lisp programs!"
613 (let ((context (epg-make-context)))
614 (epg-verify-string context
615 (encode-coding-string
616 (buffer-substring start end)
617 coding-system-for-write))
619 (epg-verify-result-to-string
620 (epg-context-result-for context 'verify)))))
623 (defun epa-verify-armor-in-region (start end)
624 "Verify OpenPGP armors in the current region between START and END.
626 Don't use this command in Lisp programs!"
630 (narrow-to-region start end)
632 (let (armor-start armor-end)
633 (while (re-search-forward "-----BEGIN PGP\\( SIGNED\\)? MESSAGE-----$"
635 (setq armor-start (match-beginning 0))
636 (if (match-beginning 1) ;cleartext signed message
638 (unless (re-search-forward "^-----BEGIN PGP SIGNATURE-----$"
640 (error "Invalid cleartext signed message"))
641 (setq armor-end (re-search-forward
642 "^-----END PGP SIGNATURE-----$"
644 (setq armor-end (re-search-forward
645 "^-----END PGP MESSAGE-----$"
648 (error "No armor tail"))
649 (epa-verify-region armor-start armor-end))))))
652 (defun epa-sign-region (start end signers mode)
653 "Sign the current region between START and END by SIGNERS keys selected.
655 Don't use this command in Lisp programs!"
657 (list (region-beginning) (region-end)
658 (epa-select-keys (epg-make-context) "Select keys for signing.
659 If no one is selected, default secret key is used. "
661 (if (y-or-n-p "Make a detached signature? ")
663 (if (y-or-n-p "Make a cleartext signature? ")
666 (let ((context (epg-make-context))
668 (epg-context-set-armor context epa-armor)
669 (epg-context-set-textmode context epa-textmode)
670 (epg-context-set-signers context signers)
671 (message "Signing...")
672 (setq signature (epg-sign-string context
673 (encode-coding-string
674 (buffer-substring start end)
675 coding-system-for-write)
677 (message "Signing...done")
678 (delete-region start end)
679 (insert (decode-coding-string signature coding-system-for-read)))))
682 (defun epa-encrypt-region (start end recipients)
683 "Encrypt the current region between START and END for RECIPIENTS.
685 Don't use this command in Lisp programs!"
687 (list (region-beginning) (region-end)
688 (epa-select-keys (epg-make-context) "Select recipents for encryption.
689 If no one is selected, symmetric encryption will be performed. ")))
691 (let ((context (epg-make-context))
693 (epg-context-set-armor context epa-armor)
694 (epg-context-set-textmode context epa-textmode)
695 (message "Encrypting...")
696 (setq cipher (epg-encrypt-string context
697 (encode-coding-string
698 (buffer-substring start end)
699 coding-system-for-write)
701 (message "Encrypting...done")
702 (delete-region start end)
706 (defun epa-delete-keys (keys &optional allow-secret)
707 "Delete selected KEYS."
709 (let ((keys (epa-marked-keys)))
711 (error "No keys selected"))
713 (eq (nth 1 epa-list-keys-arguments) t))))
714 (let ((context (epg-make-context)))
715 (message "Deleting...")
716 (epg-delete-keys context keys allow-secret)
717 (message "Deleting...done")
718 (apply #'epa-list-keys epa-list-keys-arguments)))
721 (defun epa-import-keys (file)
722 "Import keys from FILE."
723 (interactive "fFile: ")
724 (let ((context (epg-make-context)))
725 (message "Importing %s..." (file-name-nondirectory file))
726 (epg-import-keys-from-file context (expand-file-name file))
727 (message "Importing %s...done" (file-name-nondirectory file))
728 (apply #'epa-list-keys epa-list-keys-arguments)))
731 (defun epa-export-keys (keys file)
732 "Export selected KEYS to FILE."
734 (let ((keys (epa-marked-keys))
737 (error "No keys selected"))
740 (concat (epg-sub-key-id (car (epg-key-sub-key-list (car keys))))
741 (if epa-armor ".asc" ".gpg"))
746 (concat "To file (default "
747 (file-name-nondirectory default-name)
749 (file-name-directory default-name)
751 (let ((context (epg-make-context)))
752 (epg-context-set-armor context epa-armor)
753 (message "Exporting to %s..." (file-name-nondirectory file))
754 (epg-export-keys-to-file context keys file)
755 (message "Exporting to %s...done" (file-name-nondirectory file))))
758 (defun epa-sign-keys (keys &optional local)
760 If LOCAL is non-nil, the signature is marked as non exportable."
762 (let ((keys (epa-marked-keys)))
764 (error "No keys selected"))
765 (list keys current-prefix-arg)))
766 (let ((context (epg-make-context)))
767 (message "Signing keys...")
768 (epg-sign-keys context keys local)
769 (message "Signing keys...done")))