This is a mirror of http://www.vim.org/scripts/script.php?script_id=3645 This script implements transparent editing of gpg encrypted files. The filename must have a ".gpg", ".pgp" or ".asc" suffix. When opening such a file the content is decrypted, when opening a new file the script will ask for the recipients of the encrypted file. The file content will be encrypted to all recipients before it is written. The script turns off viminfo and swapfile to increase security. This is a continuation of the work initially done by Markus Braun in vimscript #661. Development takes place at https://github.com/jamessan/vim-gnupg. Commands: :GPGEditRecipients Opens a scratch buffer to change the list of recipients. Recipients that are unknown (not in your public key) are highlighted and have a prepended "!". Closing the buffer makes the changes permanent. :GPGViewRecipients Prints the list of recipients. :GPGEditOptions Opens a scratch buffer to change the options for encryption (symmetric, asymmetric, signing). Closing the buffer makes the changes permanent. WARNING: There is no check of the entered options, so you need to know what you are doing. :GPGViewOptions Prints the list of options. Variables: g:GPGExecutable If set used as gpg executable, otherwise the system chooses what is run when "gpg" is called. Defaults to "gpg". g:GPGUseAgent If set to 0 a possible available gpg-agent won't be used. Defaults to 1. g:GPGPreferSymmetric If set to 1 symmetric encryption is preferred for new files. Defaults to 0. g:GPGPreferArmor If set to 1 armored data is preferred for new files. Defaults to 0. g:GPGPreferSign If set to 1 signed data is preferred for new files. Defaults to 0. g:GPGDefaultRecipients If set, these recipients are used as defaults when no other recipient is defined. This variable is a Vim list. Default is unset. g:GPGUsePipes If set to 1, use pipes instead of temporary files when interacting with gnupg. When set to 1, this can cause terminal-based gpg agents to not display correctly when prompting for passwords. Defaults to 0. g:GPGHomedir If set, specifies the directory that will be used for GPG's homedir. This corresponds to gpg's --homedir option. This variable is a Vim string. Known Issues: In some cases gvim can't decrypt files This is caused by the fact that a running gvim has no TTY and thus gpg is not able to ask for the passphrase by itself. This is a problem for Windows and Linux versions of gvim and could not be solved unless a "terminal emulation" is implemented for gvim. To circumvent this you have to use any combination of gpg-agent and a graphical pinentry program: - gpg-agent only: you need to provide the passphrase for the needed key to gpg-agent in a terminal before you open files with gvim which require this key. - pinentry only: you will get a popup window every time you open a file that needs to be decrypted. - gpgagent and pinentry: you will get a popup window the first time you open a file that needs to be decrypted.