emacs-orgmode@gnu.org archives
* org-crypt.el --- Public key encryption for org-mode entries
@ 2007-09-29  3:48 John Wiegley
  2007-09-29 17:53 ` Jason F. McBrayer
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: John Wiegley @ 2007-09-29  3:48 UTC (permalink / raw)
  To: emacs-orgmode

The following code is preliminary, but gets the job done in my simple tests.
Now's the time to beat down on, and refine, the user interface and behavior.

John

;;; org-crypt.el --- Public key encryption for org-mode entries

;; Copyright (C) 2007 John Wiegley <johnw@gnu.org>

;; Emacs Lisp Archive Entry
;; Filename: org-crypt.el
;; Version: 0.1
;; Keywords: org-mode
;; Author: John Wiegley <johnw@gnu.org>
;; Maintainer: John Wiegley <johnw@gnu.org>
;; Description: Adds public key encryption to org-mode buffers
;; URL: http://www.newartisans.com/software/emacs.html
;; Compatibility: Emacs22

;; This file is not part of GNU Emacs.

;; This is free software; you can redistribute it and/or modify it under
;; the terms of the GNU General Public License as published by the Free
;; Software Foundation; either version 2, or (at your option) any later
;; version.
;;
;; This is distributed in the hope that it will be useful, but WITHOUT
;; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
;; FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
;; for more details.
;;
;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs; see the file COPYING.  If not, write to the
;; Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
;; MA 02111-1307, USA.

;;; Commentary:

;; Right now this is just a set of functions to play with.  It depends on the
;; epg library.  Here's how you would use it:
;;
;; 1. To mark an entry for encryption, use `M-x org-set-property' to set the
;;    property CRYPTKEY to any address in your public keyring.  The text of
;;    the entry (but not its properties or headline) will be encrypted for
;;    this user.  For them to read it, the corresponding secret key must be
;;    located in the secret key ring of the account where you try to decrypt
;;    it.  This makes it possible to leave secure notes that only the intended
;;    recipient can read in a shared-org-mode-files scenario.
;;
;; 2. Next, at the top of your org-mode buffer, add this line:
;;
;;      -*- mode: org; after-save-hook: (org-encrypt-entries) -*-
;;
;;    This ensures that entries marked for encryption are encrypted whenever
;;    the file is saved.  If you want encryption to be manual, use `M-x
;;    org-encrypt-entries'.  Note that in this version -- mainly because I
;;    don't know epg.el better -- you will be asked for your password for
;;    every entry that needs encryption.
;;
;; 3. To later decrypt an entry, use `M-x org-decrypt-entry'.  It might be
;;    useful to bind this to a key, like C-c C-/.  I hope that in the future,
;;    C-c C-r can be overloaded to also decrypt an entry if it's
;;    encrypted, since that fits nicely with the meaning of "reveal".

(require 'epg)
(require 'org)

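(defun org-encrypt-entries ()
  "Encrypt the body text of every entry that has a CRYPTKEY property.
The text between the headline and the property drawer is replaced by
an armored PGP message for the keys matching CRYPTKEY.  The message is
also signed (the SIGN argument of `epg-encrypt-string' is t).  Entries
whose first body line already starts a PGP message are skipped."
  (interactive)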
  (save-excursion
    (goto-char (point-min))
    (while (not (eobp))
      (outline-next-heading)
      (let* ((props (org-entry-properties))
	     (crypt-key (and props (cdr (assoc "CRYPTKEY" props)))))
	(when (and crypt-key (stringp crypt-key))
	  (forward-line)
	  (unless (looking-at "-----BEGIN PGP MESSAGE-----")
	    (let* ((begin (point))
		   (end (save-excursion
			  (goto-char (car (org-get-property-block begin)))
			  (forward-line -1)
			  (point)))
		   (epg-context (epg-make-context nil t t))
		   (encrypted-text
		    (epg-encrypt-string
		     epg-context
		     (buffer-substring-no-properties begin end)
		     (epg-list-keys epg-context crypt-key) t)))
	      (delete-region begin end)
	      (insert encrypted-text))))))))

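(defun org-decrypt-entry ()
  "Decrypt, in place, the PGP message that starts the current entry's body.
Does nothing unless the entry has a CRYPTKEY property and the line
after the headline starts a PGP message."
  (interactive)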
  (save-excursion
    (let* ((props (org-entry-properties))
	   (crypt-key (and props (cdr (assoc "CRYPTKEY" props)))))
      (when (and crypt-key (stringp crypt-key))
	(org-back-to-heading t)
	(forward-line)
	(when (looking-at "-----BEGIN PGP MESSAGE-----")
	  (let* ((begin (point))
		 (end (save-excursion
			(goto-char (car (org-get-property-block begin)))
			(forward-line -1)
			(point)))
		 (epg-context (epg-make-context nil t t))
		 (decrypted-text
		  (epg-decrypt-string
		   epg-context
		   (buffer-substring-no-properties begin end))))
	    (delete-region begin end)
	    (insert decrypted-text)))))))

(provide 'org-crypt)

;;; org-crypt.el ends here


* Re: org-crypt.el --- Public key encryption for org-mode entries
  2007-09-29  3:48 org-crypt.el --- Public key encryption for org-mode entries John Wiegley
@ 2007-09-29 17:53 ` Jason F. McBrayer
  2007-09-29 23:38   ` John Wiegley
  2007-12-29 20:19 ` Adam Spiers
  2010-03-21  7:18 ` Carsten Dominik
  2 siblings, 1 reply; 5+ messages in thread
From: Jason F. McBrayer @ 2007-09-29 17:53 UTC (permalink / raw)
  To: John Wiegley; +Cc: emacs-orgmode

John Wiegley <johnw@newartisans.com> writes:

> The following code is preliminary, but gets the job done in my
> simple tests.  Now's the time to beat down on, and refine, the user
> interface and behavior.

This is a very nifty idea.  It might be an idea for someone setting up
org-crypt to do something like:

(eval-after-load "org-crypt"
  (add-hook 'org-mode-hook
            (lambda nil (add-hook
                    'after-save-hook
                    'org-encrypt-entries
                    nil t))))

(This is untested, could be wrong in some way).

Rather than rely on setting a local variable list in their org-mode
files. 

-- 
+-----------------------------------------------------------+
| Jason F. McBrayer                    jmcbray@carcosa.net  |
| If someone conquers a thousand times a thousand others in |
| battle, and someone else conquers himself, the latter one |
| is the greatest of all conquerors.  --- The Dhammapada    |


* Re: org-crypt.el --- Public key encryption for org-mode entries
  2007-09-29 17:53 ` Jason F. McBrayer
@ 2007-09-29 23:38   ` John Wiegley
  0 siblings, 0 replies; 5+ messages in thread
From: John Wiegley @ 2007-09-29 23:38 UTC (permalink / raw)
  To: emacs-orgmode

jmcbray@carcosa.net (Jason F. McBrayer) writes:

> This is a very nifty idea.  It might be an idea for someone setting up
> org-crypt to do something like:
>
> (eval-after-load "org-crypt"
>   (add-hook 'org-mode-hook
>             (lambda nil (add-hook
>                     'after-save-hook
>                     'org-encrypt-entries
>                     nil t))))
>
> (This is untested, could be wrong in some way).

You just need to change the top:

  (eval-after-load "org-crypt"
    '(add-hook 'org-mode-hook

John


* Re: org-crypt.el --- Public key encryption for org-mode entries
  2007-09-29  3:48 org-crypt.el --- Public key encryption for org-mode entries John Wiegley
  2007-09-29 17:53 ` Jason F. McBrayer
@ 2007-12-29 20:19 ` Adam Spiers
  2010-03-21  7:18 ` Carsten Dominik
  2 siblings, 0 replies; 5+ messages in thread
From: Adam Spiers @ 2007-12-29 20:19 UTC (permalink / raw)
  To: emacs-orgmode

On Fri, Sep 28, 2007 at 11:48:34PM -0400, John Wiegley wrote:
> The following code is preliminary, but gets the job done in my simple tests.
> Now's the time to beat down on, and refine, the user interface and behavior.

[snipped]

I gave this a go and the basic functionality works fine for me,
thanks!  As you are obviously aware from the above, there are issues
with the interface; here's an independent perspective on the gaps
which I would personally prefer to see prioritised first:

  - Only text before, not after, the CRYPTKEY property gets encrypted.

  - I couldn't get property inheritance to work at all via

      (setq org-use-property-inheritance '("CRYPTKEY"))

    (as per my other post in the last hour, this is not possible via
    the normal Customization UI) but maybe I'm misunderstanding
    something about how it's supposed to work.  The goal would be to
    support encryption of a whole subtree, e.g.

      * PROJECT top s3kr1t!
        :PROPERTIES:
        :CRYPTKEY: 7A2F2DDC
        :END:
        Here beginneth the classified dossier.
      ** If anyone sees this it means Global Thermonuclear War
      *** How about a nice game of chess?
      ** (and the universe might implode too)

  - org-decrypt-entry leaves a PGP block in there - is that necessary?

  - Local variable-based customisation of `after-save-hook' is not
    ideal because it overrides any global hooks.

  - Unless I'm missing something, shouldn't it be `before-save-hook'
    instead?  Currently, you save the buffer, it encrypts entries,
    then you have to hit save again.

  - Ideally the user would never see the PGP blocks from within emacs,
    only by looking at the raw file saved on disk.  Could a first
    approximation to this be achieved by having
    `before-save-hook' encrypt all entries, and `after-save-hook'
    decrypt them all again?

It may be worth observing that despite your comment:

;;                        If you want encryption to be manual, use `M-x
;;    org-encrypt-entries'.  Note that in this version -- mainly because I
;;    don't know epg.el better -- you will be asked for your password for
;;    every entry that needs encryption.

I did not experience this; this is almost certainly because I already
had a GPG agent daemon running, `use-agent' in my ~/.gnupg/options,
and emacs was invoked from a shell in such a way as to guarantee that
it inherited the correct value of $GPG_AGENT_INFO.  So from a
usability perspective it is not a particularly pressing issue that you
have coded it this way.

Hope this is of use, and thanks again for putting 0.1 out there!

Adam
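
The hook setup discussed in this thread (Jason's per-buffer hook, John's quoting fix, Adam's `before-save-hook' suggestion), combined with a pre-save check, as an added example that is not code from any of the posters.  It assumes org-crypt.el as posted above is loaded and an Org version that provides `org-map-entries'; every `my/' name is hypothetical.

```elisp
;; Added example; the my/ names are hypothetical and not part of org-crypt.el.
(require 'org)

(defconst my/org-crypt-armor-header "-----BEGIN PGP MESSAGE-----"
  "Marker the posted code looks for on the first line under a headline.")

(defun my/org-crypt-plaintext-entries ()
  "Return the headlines of entries that set CRYPTKEY but have no PGP block."
  (let (leaks)
    (org-map-entries
     (lambda ()
       ;; Point is at the start of the headline when this runs.
       (when (org-entry-get (point) "CRYPTKEY")
         (let ((heading (org-get-heading t t)))
           (save-excursion
             (forward-line)
             (unless (looking-at (regexp-quote my/org-crypt-armor-header))
               (push heading leaks))))))
     nil 'file)
    (nreverse leaks)))

(defun my/org-crypt-before-save ()
  "Encrypt marked entries, then refuse to save if any are still plaintext."
  (org-encrypt-entries)
  (let ((leaks (my/org-crypt-plaintext-entries)))
    (when leaks
      ;; An error signalled from `before-save-hook' aborts the save,
      ;; so the plaintext never reaches the file on disk.
      (error "Not saving, unencrypted CRYPTKEY entries: %s"
             (mapconcat #'identity leaks ", ")))))

(defun my/org-crypt-enable ()
  "Install the check buffer-locally so global save hooks keep running."
  (add-hook 'before-save-hook #'my/org-crypt-before-save nil t))

;; Quoted form, as in John's correction, so it runs only once org-crypt loads.
(eval-after-load "org-crypt"
  '(add-hook 'org-mode-hook #'my/org-crypt-enable))
```

The check relies on the same first-line marker as the posted code, so it does not detect text that sits after the property drawer, the first gap in the list above.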


* Re: org-crypt.el --- Public key encryption for org-mode entries
  2007-09-29  3:48 org-crypt.el --- Public key encryption for org-mode entries John Wiegley
  2007-09-29 17:53 ` Jason F. McBrayer
  2007-12-29 20:19 ` Adam Spiers
@ 2010-03-21  7:18 ` Carsten Dominik
  2 siblings, 0 replies; 5+ messages in thread
From: Carsten Dominik @ 2010-03-21  7:18 UTC (permalink / raw)
  To: John Wiegley; +Cc: emacs-orgmode


On Sep 29, 2007, at 5:48 AM, John Wiegley wrote:

> The following code is preliminary, but gets the job done in my simple tests.
> Now's the time to beat down on, and refine, the user interface and behavior.

[...]

> ;; 3. To later decrypt an entry, use `M-x org-decrypt-entry'.  It might be
> ;;    useful to bind this to a key, like C-c C-/.  I hope that in the future,
> ;;    C-c C-r can be overloaded to also decrypt an entry if it's
> ;;    encrypted, since that fits nicely with the meaning of "reveal".

This is now the case: when org-crypt is loaded, C-c C-r will also
decrypt.

- Carsten
