On Thu, Oct 06, 2005 at 06:41:14PM -0400, Ken Manheimer wrote:

> which) involve this pgg code with sascha's most recent symmetric-key
> extensions patch (emacs-pgg-symmetric.patch-03) applied (by hand -
> couldn't get it to work using 'patch').

hmm, strange, I just applied the patch to a fresh GNU emacs cvs
checkout w/o any problems -- only one changelog hunk failed, no
wonder, the changelogs are constantly changing...  ;-)
 
> 1. my most serious concern is with the unpatched pgg code.  the text that
>    it encrypts is altered from the original, in order to append \r carriage
>    returns to the text (using pgg-as-lbt / pgg-convert-lbt).
> 
>    the problem with this is that decryption on unix-ish platforms with
>    anything other than pgg will result in text that is different than the
>    original.

This is supposed to be a feature, not a bug. 
But read on, there actually _is_ a bug in PGG...

Please note RfC 2440  5.9.:

The last sentence gives a short summary of the subject:

   Text data is stored with <CR><LF> text endings (i.e. network-normal
   line endings).  These should be converted to native line endings by
   the receiving software.

As PGG tries to implement RFC-conformant OpenPGP, and what it handles is text,
not binary data, this always applies.

Please also read up on the `--textmode' option of gpg.

THE BUG: pgg does the newline conversion by itself (I'm not quite
sure why) but fails to tell the backend (gpg) that it should operate
in textmode, so the Data Packet is tagged as binary, not text data...

Please check whether the appended patch (only against pgg-gpg.el) fixes this
issue.

[passphrase caching]

As I'm short of time, I'll look into these issues later, sorry...

> 4. in the patched version, the symmetric encryption does not replace the
>    original text with the encrypted text - it's only available in the
>    hidden " *PGG output*" buffer, but not put in place.

I think you want to use `pgg-encrypt-symmetric-region', which
encapsulates the backend function `pgg-gpg-encrypt-symmetric-region'
and puts the encrypted text in place.

cheers
sascha
-- 
Sascha Wilde

A conclusion is simply the place where someone got tired of thinking.
*** pgg-gpg.el  09 Aug 2005 12:53:45 +0200      1.6
--- pgg-gpg.el  07 Okt 2005 11:47:44 +0200      
***************
*** 4,9 ****
--- 4,10 ----
  ;;   2005 Free Software Foundation, Inc.
  
  ;; Author: Daiki Ueno <[EMAIL PROTECTED]>
+ ;; Symmetric encryption added by: Sascha Wilde <[EMAIL PROTECTED]>
  ;; Created: 1999/10/28
  ;; Keywords: PGP, OpenPGP, GnuPG
  
***************
*** 150,156 ****
             pgg-gpg-user-id)))
         (args
          (append
!          (list "--batch" "--armor" "--always-trust" "--encrypt")
           (if sign (list "--sign" "--local-user" pgg-gpg-user-id))
           (if recipients
               (apply #'nconc
--- 151,157 ----
             pgg-gpg-user-id)))
         (args
          (append
!          (list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt")
           (if sign (list "--sign" "--local-user" pgg-gpg-user-id))
           (if recipients
               (apply #'nconc
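Review bot: `--textmode` is hard-coded into the shared argument list, so it also takes effect when `sign` is non-nil and `--sign` is appended on the following line, not only for plain encryption. Please say in the ChangeLog that the sign+encrypt path changes as well, and confirm that the caller's own CRLF conversion (the new symmetric function in this patch wraps the call in `pgg-as-lbt ... 'CRLF`) combined with gpg's text mode still round-trips to the original text.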
***************
*** 169,174 ****
--- 170,185 ----
        (pgg-gpg-possibly-cache-passphrase passphrase)))
      (pgg-process-when-success)))
  
+ (defun pgg-gpg-encrypt-symmetric-region (start end)
+   "Encrypt the current region between START and END with symmetric cipher."
+   (let* ((passphrase
+         (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: "))
+        (args
+         (append (list "--batch" "--textmode" "--armor" "--symmetric" ))))
+     (pgg-as-lbt start end 'CRLF
+       (pgg-gpg-process-region start end passphrase pgg-gpg-program args))    
+     (pgg-process-when-success)))
+ 
  (defun pgg-gpg-decrypt-region (start end)
    "Decrypt the current region between START and END."
    (let* ((current-buffer (current-buffer))
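Review bot: the passphrase in `pgg-gpg-encrypt-symmetric-region` is read once with no confirmation prompt, so a typo at encryption time produces ciphertext that cannot be decrypted; consider prompting twice and comparing before calling gpg. Smaller points in the same function: `(append (list ...))` with a single argument is just `(list ...)`, there is trailing whitespace after the `pgg-gpg-process-region` call, and the docstring should say whether skipping the passphrase cache (the function above ends with `pgg-gpg-possibly-cache-passphrase`) is deliberate.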
***************
*** 180,186 ****
         (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id))
         (passphrase
          (pgg-read-passphrase
!          (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
           pgg-gpg-user-id))
         (args '("--batch" "--decrypt")))
      (pgg-gpg-process-region start end passphrase pgg-gpg-program args)
--- 191,200 ----
         (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id))
         (passphrase
          (pgg-read-passphrase
!          (format (if (pgg-gpg-symmetric-key-p message-keys)
!                      "Passphrase for symmetric dencryption: "
!                      "GnuPG passphrase for %s: ")
!                  pgg-gpg-user-id)
           pgg-gpg-user-id))
         (args '("--batch" "--decrypt")))
      (pgg-gpg-process-region start end passphrase pgg-gpg-program args)
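Review bot: in the symmetric branch of the prompt, `pgg-gpg-user-id` is still passed as the second argument to `pgg-read-passphrase`; if that argument is the passphrase-cache key, a cached secret-key passphrase could be handed to gpg for a symmetric message, or a symmetric passphrase stored under the user id. Pass nil or a distinct key when `pgg-gpg-symmetric-key-p` is true. The new prompt string also contains the typo "dencryption", and `message-keys` is not bound in the lines shown, so please confirm it is in scope at this point.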
***************
*** 189,194 ****
--- 203,215 ----
        (goto-char (point-min))
        (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t))))
  
+ (defun pgg-gpg-symmetric-key-p (message-keys)
+   "Check if MESSAGE-KEYS contains a symmetric encryption indicator."
+   (dolist (key message-keys result)
+     (when (and (eq (car key) 3)
+              (member '(symmetric-key-algorithm) key))
+       (setq result key))))
+ 
  (defun pgg-gpg-select-matching-key (message-keys secret-keys)
    "Choose a key from MESSAGE-KEYS that matches one of the keys in 
SECRET-KEYS."
    (loop for message-key in message-keys
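Review bot: `result` in `pgg-gpg-symmetric-key-p` is never bound locally, so `(setq result key)` assigns a free variable: after one symmetric message the function keeps returning that stale value for later messages, and if no key ever matched the `dolist` result form signals a void-variable error. Wrap the loop in `(let (result) ...)`. Also, `(member '(symmetric-key-algorithm) key)` only matches an element that is exactly that one-element list; if the parsed entry carries a value alongside the symbol, `assq` is the test to use.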

_______________________________________________
Emacs-devel mailing list
Emacs-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/emacs-devel
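
The binary-versus-text tagging discussed in the message above, as an added example that is not part of the original post and is not PGG or GnuPG code. It models the RFC 2440 section 5.9 literal data packet in Python; the function names and the sample text are constructed for illustration, and it goes slightly beyond the mail by also parsing the packet header.

```python
import struct

LITERAL_TAG = 11  # literal data packet, RFC 2440 section 5.9
ORIGINAL = b"line one\nline two\n"         # constructed sample text
WIRE = ORIGINAL.replace(b"\n", b"\r\n")    # after the sender's CRLF conversion

def build_literal(data, fmt, name=b"", date=0):
    """Sender: wrap DATA in a new-format literal data packet tagged FMT."""
    body = fmt + bytes([len(name)]) + name + struct.pack(">I", date) + data
    n = len(body)
    if n < 192:
        length = bytes([n])
    elif n < 8384:
        length = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        length = b"\xff" + struct.pack(">I", n)
    return bytes([0xC0 | LITERAL_TAG]) + length + body

def parse_literal(pkt):
    """Return (format, filename, date, data) from a literal data packet."""
    ctb = pkt[0]
    if (ctb & 0xC0) == 0xC0:                       # new-format header
        tag, first = ctb & 0x3F, pkt[1]
        if first < 192:
            n, off = first, 2
        elif first < 224:
            n, off = ((first - 192) << 8) + pkt[2] + 192, 3
        elif first == 255:
            n, off = struct.unpack(">I", pkt[2:6])[0], 6
        else:
            raise ValueError("partial body lengths not handled")
    elif (ctb & 0x80) and (ctb & 0x03) != 3:       # old-format, definite length
        tag, size = (ctb >> 2) & 0x0F, 1 << (ctb & 0x03)
        n, off = int.from_bytes(pkt[1:1 + size], "big"), 1 + size
    else:
        raise ValueError("unsupported packet header")
    body = pkt[off:off + n]
    if tag != LITERAL_TAG or len(body) != n or n < 6 or n < 6 + body[1]:
        raise ValueError("not a well-formed literal data packet")
    fmt, nlen = body[:1], body[1]
    date = struct.unpack(">I", body[2 + nlen:6 + nlen])[0]
    return fmt, body[2:2 + nlen], date, body[6 + nlen:]

def receive(pkt, native_eol=b"\n"):
    """Receiver: convert CRLF to native endings only for 't' packets."""
    fmt, _, _, data = parse_literal(pkt)
    return data.replace(b"\r\n", native_eol) if fmt == b"t" else data
```

With CRLF-converted input tagged `b`, `receive` hands back the carriage returns untouched, which is the altered text reported on unix-ish platforms; tagged `t`, the original text comes back.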
