]> git.eshelyaron.com Git - emacs.git/commitdiff
Add pinentry.el for better GnuPG integration
authorDaiki Ueno <ueno@gnu.org>
Thu, 18 Jun 2015 01:08:04 +0000 (10:08 +0900)
committerDaiki Ueno <ueno@gnu.org>
Thu, 18 Jun 2015 01:22:38 +0000 (10:22 +0900)
* lisp/pinentry.el: New file.
* etc/NEWS: Add entry about pinentry.el.
* lisp/epg.el (epg--start): Set INSIDE_EMACS envvar.

Fixes: debbugs:20550
etc/NEWS
lisp/epg.el
lisp/net/pinentry.el [new file with mode: 0644]

index 0ed739cb6063a2667304c13152150077ea3d167c..313e1f781bb9d539236e44028ec21651de772d6b 100644 (file)
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -771,6 +771,12 @@ use [:multibyte:] instead.
 \f
 * New Modes and Packages in Emacs 25.1
 
+** pinentry.el allows GnuPG passphrase to be prompted through the
+minibuffer instead of a graphical dialog, depending on whether the gpg
+command is called from Emacs (i.e., INSIDE_EMACS environment variable
+is set).  This feature requires newer versions of GnuPG (2.1.5 or
+later) and Pinentry (0.9.5 or later).
+
 ** cl-generic.el provides CLOS-style multiple-dispatch generic functions.
 
 ** scss-mode (a minor variant of css-mode)
index 601504882e60a94ffbcdda37b378666f10c0b3de..b3d39bb85053f72e230261368716ac3abe6f9b0c 100644 (file)
@@ -602,6 +602,9 @@ callback data (if any)."
       (setq process-environment
            (cons (concat "GPG_TTY=" terminal-name)
                  (cons "TERM=xterm" process-environment))))
+    (setq process-environment
+          (cons (format "INSIDE_EMACS=%s,epg" emacs-version)
+                process-environment))
     ;; Record modified time of gpg-agent socket to restore the Emacs
     ;; frame on text terminal in `epg-wait-for-completion'.
     ;; See
diff --git a/lisp/net/pinentry.el b/lisp/net/pinentry.el
new file mode 100644 (file)
index 0000000..7cbe9f5
--- /dev/null
@@ -0,0 +1,397 @@
+;;; pinentry.el --- GnuPG Pinentry server implementation -*- lexical-binding: t -*-
+
+;; Copyright (C) 2015 Free Software Foundation, Inc.
+
+;; Author: Daiki Ueno <ueno@gnu.org>
+;; Version: 0.1
+;; Keywords: GnuPG
+
+;; This file is part of GNU Emacs.
+
+;; GNU Emacs is free software: you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
+
+;; GNU Emacs is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with GNU Emacs.  If not, see <http://www.gnu.org/licenses/>.
+
+;;; Commentary:
+
+;; This package allows GnuPG passphrase to be prompted through the
+;; minibuffer instead of graphical dialog.
+;;
+;; To use, add allow-emacs-pinentry to ~/.gnupg/gpg-agent.conf, and
+;; start the server with M-x pinentry-start.
+;;
+;; The actual communication path between the relevant components is
+;; as follows:
+;;
+;;   gpg --> gpg-agent --> pinentry --> Emacs
+;;
+;; where pinentry and Emacs communicate through a Unix domain socket
+;; created at:
+;;
+;;   ${TMPDIR-/tmp}/emacs$(id -u)/pinentry
+;;
+;; under the same directory which server.el uses.  The protocol is a
+;; subset of the Pinentry Assuan protocol described in (info
+;; "(pinentry) Protocol").
+;;
+;; NOTE: As of June 2015, this feature requires newer versions of
+;; GnuPG (2.1.5+) and Pinentry (not yet released, possibly 0.9.5+).
+;; For details, see the discussion on gnupg-devel mailing list:
+;; <https://lists.gnupg.org/pipermail/gnupg-devel/2015-May/029875.html>.
+
+;;; Code:
+
+(defvar pinentry--server-process nil)
+(defvar pinentry--connection-process-list nil)
+
+(defvar pinentry--labels nil)
+(put 'pinentry-read-point 'permanent-local t)
+(defvar pinentry--read-point nil)
+(put 'pinentry--read-point 'permanent-local t)
+
+;; We use the same location as `server-socket-dir', when local sockets
+;; are supported.
+(defvar pinentry--socket-dir
+  (format "%s/emacs%d" (or (getenv "TMPDIR") "/tmp") (user-uid))
+  "The directory in which to place the server socket.
+If local sockets are not supported, this is nil.")
+
+(defconst pinentry--set-label-commands
+  '("SETPROMPT" "SETTITLE" "SETDESC"
+    "SETREPEAT" "SETREPEATERROR"
+    "SETOK" "SETCANCEL" "SETNOTOK"))
+
+;; These error codes are defined in libgpg-error/src/err-codes.h.in.
+(defmacro pinentry--error-code (code)
+  (logior (lsh 5 24) code))
+(defconst pinentry--error-not-implemented
+  (cons (pinentry--error-code 69) "not implemented"))
+(defconst pinentry--error-cancelled
+  (cons (pinentry--error-code 99) "cancelled"))
+(defconst pinentry--error-not-confirmed
+  (cons (pinentry--error-code 114) "not confirmed"))
+
+(autoload 'server-ensure-safe-dir "server")
+
+;;;###autoload
+(defun pinentry-start ()
+  "Start a Pinentry service.
+
+Once the environment is properly set, subsequent invocations of
+the gpg command will interact with Emacs for passphrase input."
+  (interactive)
+  (unless (featurep 'make-network-process '(:family local))
+    (error "local sockets are not supported"))
+  (if (process-live-p pinentry--server-process)
+      (message "Pinentry service is already running")
+    (let* ((server-file (expand-file-name "pinentry" pinentry--socket-dir)))
+      (server-ensure-safe-dir pinentry--socket-dir)
+      ;; Delete the socket files made by previous server invocations.
+      (ignore-errors
+        (let (delete-by-moving-to-trash)
+          (delete-file server-file)))
+      (setq pinentry--server-process
+            (make-network-process
+             :name "pinentry"
+             :server t
+             :noquery t
+             :sentinel #'pinentry--process-sentinel
+             :filter #'pinentry--process-filter
+             :coding 'no-conversion
+             :family 'local
+             :service server-file))
+      (process-put pinentry--server-process :server-file server-file))))
+
+(defun pinentry-stop ()
+  "Stop a Pinentry service."
+  (interactive)
+  (when (process-live-p pinentry--server-process)
+    (delete-process pinentry--server-process))
+  (setq pinentry--server-process nil)
+  (dolist (process pinentry--connection-process-list)
+    (when (buffer-live-p (process-buffer process))
+      (kill-buffer (process-buffer process))))
+  (setq pinentry--connection-process-list nil))
+
+(defun pinentry--labels-to-shortcuts (labels)
+  "Convert strings in LABEL by stripping mnemonics."
+  (mapcar (lambda (label)
+            (when label
+              (let (c)
+                (if (string-match "\\(?:\\`\\|[^_]\\)_\\([[:alnum:]]\\)" label)
+                    (let ((key (match-string 1 label)))
+                      (setq c (downcase (aref key 0)))
+                      (setq label (replace-match
+                                   (propertize key 'face 'underline)
+                                   t t label)))
+                  (setq c (if (= (length label) 0)
+                              ??
+                            (downcase (aref label 0)))))
+                ;; Double underscores mean a single underscore.
+                (when (string-match "__" label)
+                  (setq label (replace-match "_" t t label)))
+                (cons c label))))
+          labels))
+
+(defun pinentry--escape-string (string)
+  "Escape STRING in the Assuan percent escape."
+  (let ((length (length string))
+        (index 0)
+        (count 0))
+    (while (< index length)
+      (if (memq (aref string index) '(?\n ?\r ?%))
+          (setq count (1+ count)))
+      (setq index (1+ index)))
+    (setq index 0)
+    (let ((result (make-string (+ length (* count 2)) ?\0))
+          (result-index 0)
+          c)
+      (while (< index length)
+        (setq c (aref string index))
+        (if (memq c '(?\n ?\r ?%))
+            (let ((hex (format "%02X" c)))
+              (aset result result-index ?%)
+              (setq result-index (1+ result-index))
+              (aset result result-index (aref hex 0))
+              (setq result-index (1+ result-index))
+              (aset result result-index (aref hex 1))
+              (setq result-index (1+ result-index)))
+          (aset result result-index c)
+          (setq result-index (1+ result-index)))
+        (setq index (1+ index)))
+      result)))
+
+(defun pinentry--unescape-string (string)
+  "Unescape STRING in the Assuan percent escape."
+  (let ((length (length string))
+        (index 0))
+    (let ((result (make-string length ?\0))
+          (result-index 0)
+          c)
+      (while (< index length)
+        (setq c (aref string index))
+        (if (and (eq c '?%) (< (+ index 2) length))
+           (progn
+             (aset result result-index
+                   (string-to-number (substring string
+                                                (1+ index)
+                                                (+ index 3))
+                                     16))
+             (setq result-index (1+ result-index))
+             (setq index (+ index 2)))
+          (aset result result-index c)
+          (setq result-index (1+ result-index)))
+       (setq index (1+ index)))
+      (substring result 0 result-index))))
+
+(defun pinentry--send-data (process escaped)
+  "Send a string ESCAPED to a process PROCESS.
+ESCAPED will be split if it exceeds the line length limit of the
+Assuan protocol."
+  (let ((length (length escaped))
+        (index 0))
+    (if (= length 0)
+        (process-send-string process "D \n")
+      (while (< index length)
+        ;; 997 = ASSUAN_LINELENGTH (= 1000) - strlen ("D \n")
+        (let* ((sub-length (min (- length index) 997))
+               (sub (substring escaped index (+ index sub-length))))
+          (unwind-protect
+              (progn
+                (process-send-string process "D ")
+                (process-send-string process sub)
+                (process-send-string process "\n"))
+            (clear-string sub))
+          (setq index (+ index sub-length)))))))
+
+(defun pinentry--send-error (process error)
+  (process-send-string process (format "ERR %d %s\n" (car error) (cdr error))))
+
+(defun pinentry--process-filter (process input)
+  (unless (buffer-live-p (process-buffer process))
+    (let ((buffer (generate-new-buffer " *pinentry*")))
+      (set-process-buffer process buffer)
+      (with-current-buffer buffer
+        (if (fboundp 'set-buffer-multibyte)
+            (set-buffer-multibyte nil))
+        (make-local-variable 'pinentry--read-point)
+        (setq pinentry--read-point (point-min))
+        (make-local-variable 'pinentry--labels))))
+  (with-current-buffer (process-buffer process)
+    (save-excursion
+      (goto-char (point-max))
+      (insert input)
+      (goto-char pinentry--read-point)
+      (beginning-of-line)
+      (while (looking-at ".*\n")        ;the input line finished
+        (if (looking-at "\\([A-Z_]+\\) ?\\(.*\\)")
+            (let ((command (match-string 1))
+                  (string (pinentry--unescape-string (match-string 2))))
+              (pcase command
+                ((and set (guard (member set pinentry--set-label-commands)))
+                (when (> (length string) 0)
+                  (let* ((symbol (intern (downcase (substring set 3))))
+                         (entry (assq symbol pinentry--labels))
+                         (label (decode-coding-string string 'utf-8)))
+                    (if entry
+                        (setcdr entry label)
+                      (push (cons symbol label) pinentry--labels))))
+                (ignore-errors
+                  (process-send-string process "OK\n")))
+               ("NOP"
+                (ignore-errors
+                  (process-send-string process "OK\n")))
+                ("GETPIN"
+                 (let ((prompt
+                        (or (cdr (assq 'desc pinentry--labels))
+                            (cdr (assq 'prompt pinentry--labels))
+                            ""))
+                      (confirm (not (null (assq 'repeat pinentry--labels))))
+                       entry)
+                   (if (setq entry (assq 'error pinentry--labels))
+                       (setq prompt (concat "Error: "
+                                            (propertize
+                                             (copy-sequence (cdr entry))
+                                             'face 'error)
+                                            "\n"
+                                            prompt)))
+                   (if (setq entry (assq 'title pinentry--labels))
+                       (setq prompt (format "[%s] %s"
+                                            (cdr entry) prompt)))
+                   (if (string-match ":?[ \n]*\\'" prompt)
+                       (setq prompt (concat
+                                     (substring
+                                      prompt 0 (match-beginning 0)) ": ")))
+                   (let (passphrase escaped-passphrase encoded-passphrase)
+                     (unwind-protect
+                         (condition-case nil
+                             (progn
+                               (setq passphrase
+                                    (read-passwd prompt confirm))
+                               (setq escaped-passphrase
+                                     (pinentry--escape-string
+                                      passphrase))
+                               (setq encoded-passphrase (encode-coding-string
+                                                         escaped-passphrase
+                                                         'utf-8))
+                              (ignore-errors
+                                (pinentry--send-data
+                                 process encoded-passphrase)
+                                (process-send-string process "OK\n")))
+                           (error
+                           (ignore-errors
+                             (pinentry--send-error
+                              process
+                              pinentry--error-cancelled))))
+                       (if passphrase
+                           (clear-string passphrase))
+                       (if escaped-passphrase
+                           (clear-string escaped-passphrase))
+                       (if encoded-passphrase
+                           (clear-string encoded-passphrase))))
+                   (setq pinentry--labels nil)))
+                ("CONFIRM"
+                 (let ((prompt
+                        (or (cdr (assq 'desc pinentry--labels))
+                            ""))
+                       (buttons
+                        (pinentry--labels-to-shortcuts
+                         (list (cdr (assq 'ok pinentry--labels))
+                               (cdr (assq 'notok pinentry--labels))
+                              (cdr (assq 'cancel pinentry--labels)))))
+                       entry)
+                   (if (setq entry (assq 'error pinentry--labels))
+                       (setq prompt (concat "Error: "
+                                            (propertize
+                                             (copy-sequence (cdr entry))
+                                             'face 'error)
+                                            "\n"
+                                            prompt)))
+                   (if (setq entry (assq 'title pinentry--labels))
+                       (setq prompt (format "[%s] %s"
+                                            (cdr entry) prompt)))
+                   (if (remq nil buttons)
+                       (progn
+                         (setq prompt
+                               (concat prompt " ("
+                                       (mapconcat #'cdr (remq nil buttons)
+                                                  ", ")
+                                       ") "))
+                         (condition-case nil
+                             (let ((result (read-char prompt)))
+                               (if (eq result (caar buttons))
+                                  (ignore-errors
+                                    (process-send-string process "OK\n"))
+                                 (if (eq result (car (nth 1 buttons)))
+                                    (ignore-errors
+                                      (pinentry--send-error
+                                       process
+                                       pinentry--error-not-confirmed))
+                                  (ignore-errors
+                                    (pinentry--send-error
+                                     process
+                                     pinentry--error-cancelled)))))
+                           (error
+                           (ignore-errors
+                             (pinentry--send-error
+                              process
+                              pinentry--error-cancelled)))))
+                     (if (string-match "[ \n]*\\'" prompt)
+                         (setq prompt (concat
+                                       (substring
+                                        prompt 0 (match-beginning 0)) " ")))
+                     (if (condition-case nil
+                             (y-or-n-p prompt)
+                           (quit))
+                        (ignore-errors
+                          (process-send-string process "OK\n"))
+                      (ignore-errors
+                        (pinentry--send-error
+                         process
+                         pinentry--error-not-confirmed))))
+                   (setq pinentry--labels nil)))
+                (_ (ignore-errors
+                    (pinentry--send-error
+                     process
+                     pinentry--error-not-implemented))))
+              (forward-line)
+              (setq pinentry--read-point (point))))))))
+
+(defun pinentry--process-sentinel (process _status)
+  "The process sentinel for Emacs server connections."
+  ;; If this is a new client process, set the query-on-exit flag to nil
+  ;; for this process (it isn't inherited from the server process).
+  (when (and (eq (process-status process) 'open)
+            (process-query-on-exit-flag process))
+    (push process pinentry--connection-process-list)
+    (set-process-query-on-exit-flag process nil)
+    (ignore-errors
+      (process-send-string process "OK Your orders please\n")))
+  ;; Kill the process buffer of the connection process.
+  (when (and (not (process-contact process :server))
+            (eq (process-status process) 'closed))
+    (when (buffer-live-p (process-buffer process))
+      (kill-buffer (process-buffer process)))
+    (setq pinentry--connection-process-list
+         (delq process pinentry--connection-process-list)))
+  ;; Delete the associated connection file, if applicable.
+  ;; Although there's no 100% guarantee that the file is owned by the
+  ;; running Emacs instance, server-start uses server-running-p to check
+  ;; for possible servers before doing anything, so it *should* be ours.
+  (and (process-contact process :server)
+       (eq (process-status process) 'closed)
+       (ignore-errors
+        (delete-file (process-get process :server-file)))))
+
+(provide 'pinentry)
+
+;;; pinentry.el ends here