dotfiles / vim / bundle / gnupg.vim / README

This is a mirror of http://www.vim.org/scripts/script.php?script_id=3645

This script implements transparent editing of gpg encrypted files. The filename must have a ".gpg", ".pgp" or ".asc" suffix. When opening such a file the content is decrypted, when opening a new file the script will ask for the recipients of the encrypted file. The file content will be encrypted to all recipients before it is written. The script turns off viminfo and swapfile to increase security.

This is a continuation of the work initially done by Markus Braun in vimscript #661.  Development takes place at https://github.com/jamessan/vim-gnupg.

Commands: 

  :GPGEditRecipients 
    Opens a scratch buffer to change the list of recipients. Recipients that 
    are unknown (not in your public key) are highlighted and have 
    a prepended "!". Closing the buffer makes the changes permanent. 

  :GPGViewRecipients 
    Prints the list of recipients. 

  :GPGEditOptions 
    Opens a scratch buffer to change the options for encryption (symmetric, 
    asymmetric, signing). Closing the buffer makes the changes permanent. 
    WARNING: There is no check of the entered options, so you need to know 
    what you are doing. 

  :GPGViewOptions 
    Prints the list of options. 

Variables: 

  g:GPGExecutable 
    If set used as gpg executable, otherwise the system chooses what is run 
    when "gpg" is called. Defaults to "gpg". 

  g:GPGUseAgent 
    If set to 0 a possible available gpg-agent won't be used. Defaults to 1. 

  g:GPGPreferSymmetric 
    If set to 1 symmetric encryption is preferred for new files. Defaults to 0. 

  g:GPGPreferArmor 
    If set to 1 armored data is preferred for new files. Defaults to 0. 

  g:GPGPreferSign 
    If set to 1 signed data is preferred for new files. Defaults to 0. 

  g:GPGDefaultRecipients 
    If set, these recipients are used as defaults when no other recipient is 
    defined. This variable is a Vim list. Default is unset. 

  g:GPGUsePipes
    If set to 1, use pipes instead of temporary files when interacting with
    gnupg.  When set to 1, this can cause terminal-based gpg agents to not
    display correctly when prompting for passwords.  Defaults to 0.

  g:GPGHomedir
    If set, specifies the directory that will be used for GPG's homedir.  This
    corresponds to gpg's --homedir option.  This variable is a Vim string.

Known Issues: 

  In some cases gvim can't decrypt files 

  This is caused by the fact that a running gvim has no TTY and thus gpg is 
  not able to ask for the passphrase by itself. This is a problem for Windows 
  and Linux versions of gvim and could not be solved unless a "terminal 
  emulation" is implemented for gvim. To circumvent this you have to use any 
  combination of gpg-agent and a graphical pinentry program: 

    - gpg-agent only: 
        you need to provide the passphrase for the needed key to gpg-agent 
        in a terminal before you open files with gvim which require this key. 

    - pinentry only: 
        you will get a popup window every time you open a file that needs to 
        be decrypted. 

    - gpgagent and pinentry: 
        you will get a popup window the first time you open a file that 
        needs to be decrypted. 
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.