sponsor Vim development Vim logo Vim Book Ad

tGpg : Yet another plugin for encrypting files with gpg

 script karma  Rating 14/5, Downloaded by 2505  Comments, bugs, improvements  Vim wiki

created by
Tom Link
script type
This plugin currently can do the following:
    - encrypt symmetrically
    - encrypt asymmetrically
    - clearsign buffer contents

I couldn't get any of the existing gpg plugins to work properly (windows
Gvim & cygwin gpg) and do all the things I wanted it to do, so I wrote
this one. The main purpose is to perform symmetric encryption (the
default) but it's flexible enough to do also clearsign and asymmetric
encryption. Depending on your version of gpg, this script could also
be used as some kind of password safe.

You can set g:tgpgMode or b:tgpgMode to 'encrypt' for switching to
asymmetric encryption as default. You can also control the use of
symmetric and asymmetric encryption by setting set
g:tgpgPattern_symmetric and g:tgpgPattern_encrypt.

This plugin passes the passphrase on the command line to the gpg
programm. So, it could be possible that somebody makes the passphrase
show up in some command log. Under some circumstances it could also be
possible that some info (eg the recipients) is logged in your viminfo
file. If you clearsign a message, the plain text will be written to
disk. Ie, if you clearsign a gpg encrypted message, the text will
temporarily be written to disk as plain text -- please keep in mind the
vast range of possible consequences.

This plugin uses the (Buf|File)(Read|Write)Cmd autocommand events to
write/read the file. I'm not sure how this works out with other plugins
using these events.

As I don't like typing passphrases, this plugin caches all the
passphrases entered in a script local variable. This means that
passphrases are likely to be written to the swapfile, from where
somebody somehow could possibly do something ... Set g:tgpgCachePW to 1
(buffer-wise caching only) or 0 (no caching) to change this.

This plugin was tested with Windows GVim & cygwin gpg 1.4.5 (using bash
as shell) as well as linux vim & gpg 1.4.5. It's possible that the use
of a pure Windows version of gpg or cmd.exe as shell doesn't work.
(Please report problems.)

If you get a message telling you about gpg command line options instead
of the decrypted file, please check the value of g:tgpgShellQuote.

If writing fails, it's possible that you end up with a corrupted or
empty file. That's why we make backups by default. Set g:tgpgBackup
to 0 to change this.
install details
Copy to ~/.vim/plugin/ or similar.

This plugin currently is somewhat experimental. Don't blame me if you end up with a file you can't decrypt anymore.

You might also want to try vimscript#661 if you don't like this plugin.

Also available via git

rate this script Life Changing Helpful Unfulfilling 
script versions (upload new version)

Click on the package to download.

package script version date Vim version user release notes
tgpg.vba.gz 0.4 2008-01-04 7.0 Tom Link /bb- Reset cached passwords after g:tgpg_timeout seconds without access
- If g:tgpg_gpg_md5_sum is set, check gpg's checksum via
g:tgpg_gpg_md5_check before doing anything.
- The gpg program must be configured via g:tgpg_gpg_cmd.
- Make sure certain options (e.g., verbosefile, verbose) are set to
predefined values during read/write, see g:tgpg_options.
- Reset registers when unloading the buffer (this should prevent
information copied to the clipboard to be written to the viminfo file;
as it may have unintended consequences, you can turn it off by setting
g:tgpg_registers to '')
- randomized replacement tables for encryption
tGpg.vim 0.3 2007-06-12 7.0 Tom Link - Changed command template syntax
- The user is now queried for information only as required by the command template
- Changed default value of g:tgpgTempSuffix
- Removed recipients from the clearsign template
- Make sure we're in the right buffer
- Enable buffer local command line options (eg b:tgpgWrite_symmetric_*_options)
tGpg.vim 0.2 2007-01-03 7.0 Tom Link - Made the cache a script local variable.
- Let user retype passwords when writing a file with a new or changed passphrase.
- Display a warning if the size of the output file is 0 & revert to old file.
- Keep the original when writing.
- Run BufRead autocommands on filename root after reading the buffer.
tGpg.vim 0.1 2007-01-02 7.0 Tom Link Initial upload
ip used for rating:

If you have questions or remarks about this site, visit the vimonline development pages. Please use this site responsibly.
Questions about Vim should go to the maillist. Help Bram help Uganda.