tGpg : Yet another plugin for encrypting files with gpg
| script karma
Downloaded by 1875
Comments, bugs, improvements
|This plugin currently can do the following:
- encrypt symmetrically
- encrypt asymmetrically
- clearsign buffer contents
I couldn't get any of the existing gpg plugins to work properly (windows
Gvim & cygwin gpg) and do all the things I wanted it to do, so I wrote
this one. The main purpose is to perform symmetric encryption (the
default) but it's flexible enough to do also clearsign and asymmetric
encryption. Depending on your version of gpg, this script could also
be used as some kind of password safe.
You can set g:tgpgMode or b:tgpgMode to 'encrypt' for switching to
asymmetric encryption as default. You can also control the use of
symmetric and asymmetric encryption by setting set
g:tgpgPattern_symmetric and g:tgpgPattern_encrypt.
This plugin passes the passphrase on the command line to the gpg
programm. So, it could be possible that somebody makes the passphrase
show up in some command log. Under some circumstances it could also be
possible that some info (eg the recipients) is logged in your viminfo
file. If you clearsign a message, the plain text will be written to
disk. Ie, if you clearsign a gpg encrypted message, the text will
temporarily be written to disk as plain text -- please keep in mind the
vast range of possible consequences.
This plugin uses the (Buf|File)(Read|Write)Cmd autocommand events to
write/read the file. I'm not sure how this works out with other plugins
using these events.
As I don't like typing passphrases, this plugin caches all the
passphrases entered in a script local variable. This means that
passphrases are likely to be written to the swapfile, from where
somebody somehow could possibly do something ... Set g:tgpgCachePW to 1
(buffer-wise caching only) or 0 (no caching) to change this.
This plugin was tested with Windows GVim & cygwin gpg 1.4.5 (using bash
as shell) as well as linux vim & gpg 1.4.5. It's possible that the use
of a pure Windows version of gpg or cmd.exe as shell doesn't work.
(Please report problems.)
If you get a message telling you about gpg command line options instead
of the decrypted file, please check the value of g:tgpgShellQuote.
If writing fails, it's possible that you end up with a corrupted or
empty file. That's why we make backups by default. Set g:tgpgBackup
to 0 to change this.
|Copy to ~/.vim/plugin/ or similar.
This plugin currently is somewhat experimental. Don't blame me if you end up with a file you can't decrypt anymore.
You might also want to try vimscript#661 if you don't like this plugin.
Also available via git
Rating scripts is only available on the
script versions (upload new version)
Click on the package to download.
ip used for rating: 126.96.36.199
||/bb- Reset cached passwords after g:tgpg_timeout seconds without access
- If g:tgpg_gpg_md5_sum is set, check gpg's checksum via
g:tgpg_gpg_md5_check before doing anything.
- The gpg program must be configured via g:tgpg_gpg_cmd.
- Make sure certain options (e.g., verbosefile, verbose) are set to
predefined values during read/write, see g:tgpg_options.
- Reset registers when unloading the buffer (this should prevent
information copied to the clipboard to be written to the viminfo file;
as it may have unintended consequences, you can turn it off by setting
g:tgpg_registers to '')
- randomized replacement tables for encryption
||- Changed command template syntax
- The user is now queried for information only as required by the command template
- Changed default value of g:tgpgTempSuffix
- Removed recipients from the clearsign template
- Make sure we're in the right buffer
- Enable buffer local command line options (eg b:tgpgWrite_symmetric_*_options)
||- Made the cache a script local variable.
- Let user retype passwords when writing a file with a new or changed passphrase.
- Display a warning if the size of the output file is 0 & revert to old file.
- Keep the original when writing.
- Run BufRead autocommands on filename root after reading the buffer.