From 7484c933aab704222d923b56ce134d2728ec2da9 Mon Sep 17 00:00:00 2001 From: Ken Manheimer Date: Fri, 26 Nov 2010 16:34:17 -0500 Subject: [PATCH] Elide passphrase caching provisions in preparation for migration from PGG to EPA. Doing elisions with ";;PGG " so they can be found and removed when i'm ready to finalize the transition. (allout-toggle-current-subtree-encryption): Mark docstring references to passphrase cache. (The marker is not effective as a comment within the docstring, but they purpose is to be found and removed before release, so tidiness is not necessary.) Conform to changing allout-encrypt-string call signature. (allout-encrypt-string): Remove fetch-pass argument from call signature. Mark description for removal from docstring. Require 'epa. Establish not-yet-used epg-context with armoring. Use epg-protocol as basis for the key description, instead of pgg-scheme or pgg-default-scheme. Elide all references to target-cache-id, and replace with value of for-key where appropriate. Elide all uses of fetch-pass. Elide all passphrase cache evictions. (allout-obtain-passphrase): Remove passphrase-cache-related parameters - cache-id and fetch-pass - from signature and from docstring. Use for-key instead of cache-id in pgg-read-passphrase. Elide all passphrase cache evictions. Adjust for allout-encrypt-string call signature changes. (allout-create-encryption-passphrase-verifier): Adjust for allout-encrypt-string call signature changes. (allout-verify-passphrase): Adjust for allout-encrypt-string call signature changes. --- lisp/allout.el | 160 ++++++++++++++++++++++++++++--------------------- 1 file changed, 91 insertions(+), 69 deletions(-) diff --git a/lisp/allout.el b/lisp/allout.el index fa940528b59..50c2bb194a1 100644 --- a/lisp/allout.el +++ b/lisp/allout.el @@ -44,8 +44,8 @@ ;; mnemonic support, with verification against an established passphrase ;; (using a stashed encrypted dummy string) and user-supplied hint ;; maintenance. (See allout-toggle-current-subtree-encryption docstring. -;; Currently only GnuPG encryption is supported, and integration -;; with gpg-agent is not yet implemented.) +;; Currently only GnuPG encryption is supported +;;PGG and integration with gpg-agent is not yet implemented.) ;; - Automatic topic-number maintenance ;; - "Hot-spot" operation, for single-keystroke maneuvering and ;; exposure control (see the allout-mode docstring) @@ -6006,10 +6006,8 @@ it forces prompting for the passphrase regardless of availability from the passphrase cache. With no universal argument, the appropriate passphrase is obtained from the cache, if available, else from the user. -Only GnuPG encryption is supported. - -\*NOTE WELL* that the encrypted text must be ascii-armored. For gnupg -encryption, include the option ``armor'' in your ~/.gnupg/gpg.conf file. +Allout uses emacs 'epg' libary to perform encryption. Allout +encrypts with ascii armoring. Both symmetric-key and key-pair encryption is implemented. Symmetric is the default, use a single (x4) universal argument for keypair mode. @@ -6035,8 +6033,8 @@ encrypted. If you want to encrypt the contents of a top-level topic, use The encryption passphrase is solicited if not currently available in the passphrase cache from a recent encryption action. -The solicited passphrase is retained for reuse in a cache, if enabled. See -`pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' for details. +;;PGG The solicited passphrase is retained for reuse in a cache, if enabled. See +;;PGG `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' for details. Symmetric Passphrase Hinting and Verification @@ -6079,8 +6077,7 @@ is obtained from the cache, if available, else from the user. Currently only GnuPG encryption is supported, and integration with gpg-agent is not yet implemented. -\**NOTE WELL** that the encrypted text must be ascii-armored. For gnupg -encryption, include the option ``armor'' in your ~/.gnupg/gpg.conf file. +NOTE that the encrypted text will be ascii-armored. See `allout-toggle-current-subtree-encryption' for more details." @@ -6154,7 +6151,9 @@ See `allout-toggle-current-subtree-encryption' for more details." (setq result-text (allout-encrypt-string subject-text was-encrypted (current-buffer) - for-key-type for-key-identity fetch-pass)) + for-key-type for-key-identity + ;;PGG fetch-pass + )) ;; Replace the subtree with the processed product. (allout-unprotected @@ -6186,23 +6185,25 @@ See `allout-toggle-current-subtree-encryption' for more details." (run-hook-with-args 'allout-structure-added-hook bullet-pos subtree-end)))) ;;;_ > allout-encrypt-string (text decrypt allout-buffer key-type for-key -;;; fetch-pass &optional retried verifying +;;; ;;PGG fetch-pass +;;; &optional retried verifying ;;; passphrase) (defun allout-encrypt-string (text decrypt allout-buffer key-type for-key - fetch-pass &optional retried rejected + ;;PGG fetch-pass + &optional retried rejected verifying passphrase) "Encrypt or decrypt message TEXT. If DECRYPT is true (default false), then decrypt instead of encrypt. -FETCH-PASS (default false) forces fresh prompting for the passphrase. - KEY-TYPE, either `symmetric' or `keypair', specifies which type of cypher to use. FOR-KEY is human readable identification of the first of the user's eligible secret keys a keypair decryption targets, or else nil. +;;PGG FETCH-PASS (default false) forces fresh prompting for the passphrase. + Optional RETRIED is for internal use -- conveys the number of failed keys that have been solicited in sequence leading to this current call. @@ -6216,26 +6217,28 @@ rejections due to matches against Returns the resulting string, or nil if the transformation fails." + (require 'epa) (require 'pgg) - (let* ((scheme (upcase - (format "%s" (or pgg-scheme pgg-default-scheme "GPG")))) + (let* ((epg-context (epg-make-context epa-protocol t)) + ;;PGG (scheme (upcase + ;;PGG (format "%s" (or pgg-scheme pgg-default-scheme "GPG")))) (for-key (and (equal key-type 'keypair) (or for-key (split-string (read-string (format "%s message recipients: " - scheme)) + epa-protocol)) "[ \t,]+")))) (target-prompt-id (if (equal key-type 'keypair) (if (= (length for-key) 1) (car for-key) for-key) (buffer-name allout-buffer))) - (target-cache-id (format "%s-%s" - key-type - (if (equal key-type 'keypair) - target-prompt-id - (or (buffer-file-name allout-buffer) - target-prompt-id)))) + ;;PGG (target-cache-id (format "%s-%s" + ;;PGG key-type + ;;PGG (if (equal key-type 'keypair) + ;;PGG target-prompt-id + ;;PGG (or (buffer-file-name allout-buffer) + ;;PGG target-prompt-id)))) (encoding (with-current-buffer allout-buffer buffer-file-coding-system)) (multibyte (with-current-buffer allout-buffer @@ -6254,9 +6257,9 @@ Returns the resulting string, or nil if the transformation fails." result-text status ) - (if (and fetch-pass (not passphrase)) - ;; Force later fetch by evicting passphrase from the cache. - (pgg-remove-passphrase-from-cache target-cache-id t)) + ;;PGG (if (and fetch-pass (not passphrase)) + ;;PGG ;; Force later fetch by evicting passphrase from the cache. + ;;PGG (pgg-remove-passphrase-from-cache target-cache-id t)) (catch 'encryption-failed @@ -6264,11 +6267,13 @@ Returns the resulting string, or nil if the transformation fails." (if (and (not passphrase) (not (equal key-type 'keypair))) (setq passphrase (allout-obtain-passphrase for-key - target-cache-id + ;;PGG target-cache-id target-prompt-id key-type allout-buffer - retried fetch-pass))) + retried + ;;PGG fetch-pass + ))) (with-temp-buffer @@ -6307,7 +6312,7 @@ Returns the resulting string, or nil if the transformation fails." ;; failed -- handle passphrase caching (if verifying (throw 'encryption-failed nil) - (pgg-remove-passphrase-from-cache target-cache-id t) + ;;PGG (pgg-remove-passphrase-from-cache target-cache-id t) (error "Symmetric-cipher %scryption failed -- %s" (if decrypt "de" "en") "try again with different passphrase")))) @@ -6322,7 +6327,7 @@ Returns the resulting string, or nil if the transformation fails." (if status (pgg-situate-output (point-min) (point-max)) - (error (pgg-remove-passphrase-from-cache target-cache-id t) + (error ;;PGG (pgg-remove-passphrase-from-cache target-cache-id t) (error "encryption failed")))) ;; decrypt `keypair': @@ -6333,7 +6338,7 @@ Returns the resulting string, or nil if the transformation fails." (if status (pgg-situate-output (point-min) (point-max)) - (error (pgg-remove-passphrase-from-cache target-cache-id t) + (error ;;PGG (pgg-remove-passphrase-from-cache target-cache-id t) (error "decryption failed"))))) (setq result-text @@ -6346,9 +6351,10 @@ Returns the resulting string, or nil if the transformation fails." (if verifying nil ;; transform was fruitless, retry w/new passphrase. - (pgg-remove-passphrase-from-cache target-cache-id t) + ;;PGG (pgg-remove-passphrase-from-cache target-cache-id t) (allout-encrypt-string text decrypt allout-buffer - key-type for-key nil + key-type for-key + ;;PGG nil (if retried (1+ retried) 1) rejected verifying nil))) @@ -6369,7 +6375,8 @@ Returns the resulting string, or nil if the transformation fails." allout-encryption-ciphertext-rejection-ceiling 'allout-encryption-ciphertext-rejection-regexps) (allout-encrypt-string text decrypt allout-buffer - key-type for-key nil + key-type for-key + ;;PGG nil retried (1+ rejected) verifying passphrase))) ;; Barf if encryption yields extraordinary control chars: @@ -6381,18 +6388,18 @@ Returns the resulting string, or nil if the transformation fails." ;; valid result and just verifying or non-symmetric: ((or verifying (not (equal key-type 'symmetric))) - (if (or verifying decrypt) - (pgg-add-passphrase-to-cache target-cache-id - passphrase t)) + ;;PGG (if (or verifying decrypt) + ;;PGG (pgg-add-passphrase-to-cache target-cache-id + ;;PGG passphrase t)) result-text) ;; valid result and regular symmetric -- "register" ;; passphrase with mnemonic aids/cache. (t (set-buffer allout-buffer) - (if passphrase - (pgg-add-passphrase-to-cache target-cache-id - passphrase t)) + ;;PGG (if passphrase + ;;PGG (pgg-add-passphrase-to-cache target-cache-id + ;;PGG passphrase t)) (allout-update-passphrase-mnemonic-aids for-key passphrase allout-buffer) result-text) @@ -6400,11 +6407,14 @@ Returns the resulting string, or nil if the transformation fails." ) ) ) -;;;_ > allout-obtain-passphrase (for-key cache-id prompt-id key-type -;;; allout-buffer retried fetch-pass) -(defun allout-obtain-passphrase (for-key cache-id prompt-id key-type - allout-buffer retried fetch-pass) - "Obtain passphrase for a key from the cache or else from the user. +;;;_ > allout-obtain-passphrase (for-key ;;PGG cache-id +;;; prompt-id key-type allout-buffer retried +;;; ;;PGG fetch-pass) +(defun allout-obtain-passphrase (for-key ;;PGG cache-id + prompt-id key-type allout-buffer retried + ;;fetch-pass + ) + "Obtain passphrase for a key from the user. When obtaining from the user, symmetric-cipher passphrases are verified against either, if available and enabled, a random string that was @@ -6413,7 +6423,7 @@ user for corroboration. FOR-KEY is the key for which the passphrase is being obtained. -CACHE-ID is the cache id of the key for the passphrase. +;;PGG CACHE-ID is the cache id of the key for the passphrase. PROMPT-ID is the id for use when prompting the user. @@ -6423,8 +6433,9 @@ ALLOUT-BUFFER is the buffer containing the entry being en/decrypted. RETRIED is the number of this attempt to obtain this passphrase. -FETCH-PASS causes the passphrase to be solicited from the user, regardless -of the availability of a cached copy." +;;PGG FETCH-PASS causes the passphrase to be solicited from the user, regardless +;;PGG of the availability of a cached copy. +" (if (not (equal key-type 'symmetric)) ;; do regular passphrase read on non-symmetric passphrase: @@ -6435,7 +6446,8 @@ of the availability of a cached copy." (if prompt-id (format " for %s" prompt-id) "")) - cache-id t) + for-key ;;PGG cache-id + t) ;; Symmetric hereon: @@ -6455,10 +6467,12 @@ of the availability of a cached copy." (prompt full-prompt) (verifier-string (allout-get-encryption-passphrase-verifier)) - (cached (and (not fetch-pass) - (pgg-read-passphrase-from-cache cache-id t))) - (got-pass (or cached - (pgg-read-passphrase full-prompt cache-id t))) + ;;PGG (cached (and (not fetch-pass) + ;;PGG (pgg-read-passphrase-from-cache cache-id t))) + (got-pass ;;PGG (or cached + (pgg-read-passphrase full-prompt ;;PGG cache-id + for-key t)) + ;;PGG ) confirmation) (if (not got-pass) @@ -6471,8 +6485,9 @@ of the availability of a cached copy." (cond (verifier-string (save-window-excursion (if (allout-encrypt-string verifier-string 'decrypt - allout-buffer 'symmetric - for-key nil 0 0 'verifying + allout-buffer 'symmetric for-key + ;;PGG nil + 0 0 'verifying (copy-sequence got-pass)) (setq confirmation (format "%s" got-pass)))) @@ -6483,33 +6498,38 @@ of the availability of a cached copy." ;; deactivate password for subsequent ;; confirmation: (progn - (pgg-remove-passphrase-from-cache cache-id t) + ;;PGG (pgg-remove-passphrase-from-cache cache-id t) (setq prompt prompt-sans-hint) nil) t)) - (progn (pgg-remove-passphrase-from-cache cache-id t) - (error "Wrong passphrase")))) + ;;PGG (progn (pgg-remove-passphrase-from-cache cache-id t) + (error "Wrong passphrase"))) + ;;PGG) ;; No verifier string -- force confirmation by repetition of ;; (new) passphrase: - ((or fetch-pass (not cached)) - (pgg-remove-passphrase-from-cache cache-id t)))) + ;;PGG ((or fetch-pass (not cached)) + ;;PGG (pgg-remove-passphrase-from-cache cache-id t))) + ) ;; confirmation vs new input -- doing pgg-read-passphrase will do the ;; right thing, in either case: (if (not confirmation) (setq confirmation (pgg-read-passphrase (concat prompt " ... confirm spelling: ") - cache-id t))) + ;;PGG cache-id + for-key t))) (prog1 (if (equal got-pass confirmation) confirmation (if (yes-or-no-p (concat "spelling of original and" " confirmation differ -- retry? ")) (progn (setq retried (if retried (1+ retried) 1)) - (pgg-remove-passphrase-from-cache cache-id t) + ;;PGG (pgg-remove-passphrase-from-cache cache-id + for-key t) ;; recurse to this routine: - (pgg-read-passphrase prompt-sans-hint cache-id t)) - (pgg-remove-passphrase-from-cache cache-id t) + (pgg-read-passphrase prompt-sans-hint ;;PGG cache-id + for-key t)) + ;;PGG (pgg-remove-passphrase-from-cache cache-id t) (error "Confirmation failed")))))))) ;;;_ > allout-encrypted-topic-p () (defun allout-encrypted-topic-p () @@ -6562,8 +6582,9 @@ An error is raised if the text is not encrypted." (let ((spew (make-string 20 ?\0))) (dotimes (i (length spew)) (aset spew i (1+ (random 254)))) - (allout-encrypt-string spew nil (current-buffer) 'symmetric - nil nil 0 0 passphrase)) + (allout-encrypt-string spew nil (current-buffer) 'symmetric nil + ;;PGG nil + nil 0 0 passphrase)) ) ;;;_ > allout-update-passphrase-mnemonic-aids (for-key passphrase ;;; outline-buffer) @@ -6640,8 +6661,9 @@ Derived from value of `allout-passphrase-verifier-string'." (and (boundp 'allout-passphrase-verifier-string) allout-passphrase-verifier-string (allout-encrypt-string (allout-get-encryption-passphrase-verifier) - 'decrypt allout-buffer 'symmetric - key nil 0 0 'verifying passphrase) + 'decrypt allout-buffer 'symmetric key + ;;PGG nil + 0 0 'verifying passphrase) t))) ;;;_ > allout-next-topic-pending-encryption (&optional except-mark) (defun allout-next-topic-pending-encryption (&optional except-mark) -- 2.39.5