From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Ted Zlatanov"
Newsgroups: gmane.emacs.gnus.general,gmane.emacs.devel
Subject: encrypt.el (was: pop3.el itegration with netrc.el)
Date: 15 Oct 2004 15:14:59 -0400
Organization: Теодор Златанов @ Cienfuegos
Sender: ding-owner@lists.math.uh.edu
Message-ID: <4nfz4f94jw.fsf_-_@lifelogs.com>
References: <4n7jpu4o7d.fsf@lifelogs.com> <4nis9baoz3.fsf@lifelogs.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Cc: "emacs-devel"
Mail-Followup-To: ding@gnus.org, "emacs-devel"
Original-To: ding@gnus.org
In-Reply-To: (Reiner Steib's message of "Fri, 15 Oct 2004 20:07:00 +0200")
User-Agent: Gnus/5.110003 (No Gnus v0.3) Emacs/21.3.50 (gnu/linux)

--=-=-=

On Fri, 15 Oct 2004, reinersteib+gmane@imap.cc wrote:

> password.el and encrypt.el (tla, ...) are new in No Gnus.  So these
> files will not be considered now, I think.

encrypt.el should be general-purpose enough that it can be outside
Gnus itself.  I would like it to be part of Emacs, not just Gnus,
because encryption is important to users and Emacs doesn't come with
much built-in for handling encryption.

I'm attaching a copy, the same (as of now) as the one in the Gnus CVS
HEAD.  Can anyone comment on the likelihood of inclusion in Emacs?

The current list of encryption methods is minimal but can be easily
expanded.  The API is IMHO more important.

Thanks
Ted

--=-=-=
Content-Type: application/emacs-lisp
Content-Disposition: attachment; filename=encrypt.el
Content-Transfer-Encoding: quoted-printable

;;; encrypt.el --- file encryption routines
;; Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc.

;; Author: Teodor Zlatanov
;; Created: 2003/01/24
;; Keywords: files

;; This file is part of GNU Emacs.

;; GNU Emacs is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation; either version 2, or (at your option)
;; any later version.

;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;; GNU General Public License for more details.

;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs; see the file COPYING.  If not, write to the
;; Free Software Foundation, Inc., 59 Temple Place - Suite 330,
;; Boston, MA 02111-1307, USA.

;;; Commentary:

;;; This module addresses data encryption.  Page breaks are used for
;;; grouping declarations and documentation relating to each
;;; particular aspect.

;;; Code:

;; autoload the password cache and Gnus message functions used below
(eval-and-compile
  (autoload 'password-read "password")
  (autoload 'password-read-and-add "password")
  (autoload 'password-cache-remove "password")
  (autoload 'gnus-message "gnus-util")
  (autoload 'gnus-error "gnus-util"))

(defgroup encrypt nil
  "File encryption configuration.")

(defcustom encrypt-password-cache-expiry 200
  "Encryption password timeout.
When set, directly sets password-cache-expiry"
  :type 'integer
  :group 'encrypt
  :set (lambda (symbol value)
         (set symbol value)
         (setq password-cache-expiry value)))

(defcustom encrypt-file-alist nil
  "List of file names or regexes matched with encryptions.
Format example:
 '((\"beta\"
    (gpg \"AES\"))
   (\"/home/tzz/alpha\"
    (encrypt-xor \"Semi-Secret\")))"

  :type '(repeat
          (list :tag "Encryption entry"
                (radio :tag "What to encrypt"
                       (file :tag "Filename")
                       (regexp :tag "Regular expression match"))
                (radio :tag "How to encrypt it"
                       (list
                        :tag "GPG Encryption"
                        (const :tag "GPG Program" gpg)
                        (radio :tag "Choose a cipher"
                               (const :tag "3DES Encryption" "3DES")
                               (const :tag "CAST5 Encryption" "CAST5")
                               (const :tag "Blowfish Encryption" "BLOWFISH")
                               (const :tag "AES Encryption" "AES")
                               (const :tag "AES192 Encryption" "AES192")
                               (const :tag "AES256 Encryption" "AES256")
                               (const :tag "Twofish Encryption" "TWOFISH")
                               (string :tag "Cipher Name")))
                       (list
                        :tag "Built-in simple XOR"
                        (const :tag "XOR Encryption" encrypt-xor)
                        (string :tag "XOR Cipher Value (seed value)")))))
  :group 'encrypt)

;; TODO: now, load gencrypt.el and if successful, modify the
;; custom-type of encrypt-file-alist to add the gencrypt.el options

;; (plist-get (symbol-plist 'encrypt-file-alist) 'custom-type)
;; then use plist-put

(defcustom encrypt-gpg-path (executable-find "gpg")
  "Path to the GPG program."
  :type '(radio
          (file :tag "Location of the GPG executable")
          (const :tag "GPG is not installed" nil))
  :group 'encrypt)

(defvar encrypt-temp-prefix "encrypt"
  "Prefix for temporary filenames")

;;;###autoload
(defun encrypt-find-model (filename)
  "Given a FILENAME, find an `encrypt-file-alist' entry."
  ;; catch/throw instead of `return', which only works inside the
  ;; `dolist' macro from the cl package
  (catch 'found
    (dolist (entry encrypt-file-alist)
      (let ((match (nth 0 entry))
            (model (nth 1 entry)))
        ;; compare strings with `equal'; two equal strings are
        ;; usually not `eq'
        (when (or (equal match filename)
                  (string-match match filename))
          (throw 'found model))))))

;;;###autoload
(defun encrypt-insert-file-contents (file &optional model)
  "Decrypt FILE into the current buffer."
  (interactive "fFile to insert: ")
  (let* ((model (or model (encrypt-find-model file)))
         (method (nth 0 model))
         (cipher (nth 1 model))
         (password-key (format "encrypt-password-%s-%s %s"
                               (symbol-name method) cipher file))
         (passphrase
          (password-read-and-add
           (format "%s password for cipher %s? "
                   (symbol-name method) cipher)
           password-key))
         (buffer-file-coding-system 'binary)
         (coding-system-for-read 'binary)
         outdata)

    ;; note we only insert-file-contents if the method is known to be valid
    (cond
     ((eq method 'gpg)
      (insert-file-contents file)
      (setq outdata (encrypt-gpg-decode-buffer passphrase cipher)))
     ((eq method 'encrypt-xor)
      (insert-file-contents file)
      (setq outdata (encrypt-xor-decode-buffer passphrase cipher))))

    (if outdata
        (progn
          (gnus-message 9 "%s was decrypted with %s (cipher %s)"
                        file (symbol-name method) cipher)
          (delete-region (point-min) (point-max))
          (goto-char (point-min))
          (insert outdata))
      ;; the decryption failed, alas
      (password-cache-remove password-key)
      (gnus-error 5 "%s was NOT decrypted with %s (cipher %s)"
                  file (symbol-name method) cipher))))

(defun encrypt-get-file-contents (file &optional model)
  "Decrypt FILE and return the contents."
  (interactive "fFile to decrypt: ")
  (with-temp-buffer
    (encrypt-insert-file-contents file model)
    (buffer-string)))

(defun encrypt-put-file-contents (file data &optional model)
  "Encrypt the DATA to FILE, then continue normally."
  (with-temp-buffer
    (insert data)
    (encrypt-write-file-contents file model)))

(defun encrypt-write-file-contents (file &optional model)
  "Encrypt the current buffer to FILE, then continue normally."
  (interactive "fFile to write: ")
  (let* ((model (or model (encrypt-find-model file)))
         (method (nth 0 model))
         (cipher (nth 1 model))
         (password-key (format "encrypt-password-%s-%s %s"
                               (symbol-name method) cipher file))
         (passphrase
          (password-read
           (format "%s password for cipher %s? "
                   (symbol-name method) cipher)
           password-key))
         outdata)

    (cond
     ((eq method 'gpg)
      (setq outdata (encrypt-gpg-encode-buffer passphrase cipher)))
     ((eq method 'encrypt-xor)
      (setq outdata (encrypt-xor-encode-buffer passphrase cipher))))

    (if outdata
        (progn
          (gnus-message 9 "%s was encrypted with %s (cipher %s)"
                        file (symbol-name method) cipher)
          (delete-region (point-min) (point-max))
          (goto-char (point-min))
          (insert outdata)
          ;; do not confirm overwrites
          (write-file file nil))
      ;; the encryption failed, alas
      (password-cache-remove password-key)
      (gnus-error 5 "%s was NOT encrypted with %s (cipher %s)"
                  file (symbol-name method) cipher))))

(defun encrypt-xor-encode-buffer (passphrase cipher)
  (encrypt-xor-process-buffer passphrase cipher t))

(defun encrypt-xor-decode-buffer (passphrase cipher)
  (encrypt-xor-process-buffer passphrase cipher nil))

(defun encrypt-xor-process-buffer (passphrase
                                   cipher
                                   &optional encode)
  "Given PASSPHRASE, xor-encode or decode the contents of the current buffer."
  (let* ((bs (buffer-substring-no-properties (point-min) (point-max)))
         ;; passphrase-sum is a simple additive checksum of the
         ;; passphrase and the cipher; every character of the buffer
         ;; is XORed with this one integer
         (passphrase-sum
          (when (stringp passphrase)
            (apply '+ (append cipher passphrase nil))))
         new-list)

    (with-temp-buffer
      (if encode
          (progn
            (dolist (x (append bs nil))
              (setq new-list (cons (logxor x passphrase-sum) new-list)))

            (dolist (x new-list)
              (insert (format "%d " x))))
        (progn
          (setq new-list (reverse (split-string bs)))
          (dolist (x new-list)
            ;; `string-to-number' replaces the obsolete `string-to-int'
            (setq x (string-to-number x))
            (insert (format "%c" (logxor x passphrase-sum))))))
      (buffer-substring-no-properties (point-min) (point-max)))))

(defun encrypt-gpg-encode-buffer (passphrase cipher)
  (encrypt-gpg-process-buffer passphrase cipher t))

(defun encrypt-gpg-decode-buffer (passphrase cipher)
  (encrypt-gpg-process-buffer passphrase cipher nil))

(defun encrypt-gpg-process-buffer (passphrase
                                   cipher
                                   &optional encode)
  "With PASSPHRASE, use GPG to encode or decode the current buffer."
  (let* ((program encrypt-gpg-path)
         (input (buffer-substring-no-properties (point-min) (point-max)))
         (temp-maker (if (fboundp 'make-temp-file)
                         'make-temp-file
                       'make-temp-name))
         (temp-file (funcall temp-maker encrypt-temp-prefix))
         (default-enable-multibyte-characters nil)
         ;; the passphrase is fed to GPG on stdin (fd 0), ahead of the
         ;; data; status and log output go to stderr (fd 2)
         (args `("--cipher-algo" ,cipher
                 "--status-fd" "2"
                 "--logger-fd" "2"
                 "--passphrase-fd" "0"
                 "--no-tty"))
         exit-status exit-data)

    (when encode
      (setq args
            (append args
                    '("--symmetric"
                      "--armor"))))

    (if program
        (with-temp-buffer
          (when passphrase
            (insert passphrase "\n"))
          (insert input)
          ;; stdout replaces the buffer contents, stderr goes to temp-file
          (setq exit-status
                (apply #'call-process-region (point-min) (point-max) program
                       t `(t ,temp-file) nil args))
          (if (equal exit-status 0)
              (setq exit-data
                    (buffer-substring-no-properties (point-min) (point-max)))
            (with-temp-buffer
              (when (file-exists-p temp-file)
                (insert-file-contents temp-file))
              ;; pass the values as format arguments so that a `%' in
              ;; GPG's output is not read as a format directive
              (gnus-error 5 "%s exited abnormally: '%s' [%s]"
                          program exit-status (buffer-string))))
          (delete-file temp-file))
      (gnus-error 5 "GPG is not installed."))
    exit-data))

(provide 'encrypt)
;;; encrypt.el ends here

;; arch-tag: d907e4f1-71b5-42b1-a180-fc7b84ff0648

--=-=-=--