Vim Tips Wiki
Don't have an account?
Register
Advertisement
Register
in: VimTipProposed

Edit gpg encrypted files

Revision as of 00:47, 22 March 2009 by JohnBeckett (talk | contribs) (Vim Gpg moved to Edit gpg encrypted files: as decided at 200802)
Edit

Proposed tip Please edit this page to improve it, or add your comments below (do not use the discussion page).

Please use new tips to discuss whether this page should be a permanent tip, or whether it should be merged to an existing tip.
created February 16, 2008 · complexity basic · author Metacosm · version 7.0

Here's an example of some vimrc commands to add to enable editing of GPG encrypted files. 

" Transparent editing of gpg encrypted files.
" By Wouter Hanegraaff <wouter@blub.net>
augroup encrypted
au!
" First make sure nothing is written to ~/.viminfo while editing
" an encrypted file.
autocmd BufReadPre,FileReadPre      *.gpg set viminfo=
" We don't want a swap file, as it writes unencrypted data to disk
autocmd BufReadPre,FileReadPre      *.gpg set noswapfile
" Switch to binary mode to read the encrypted file
autocmd BufReadPre,FileReadPre      *.gpg set bin
autocmd BufReadPre,FileReadPre      *.gpg let ch_save = &ch|set ch=2
autocmd BufReadPre,FileReadPre      *.gpg let shsave=&sh
autocmd BufReadPre,FileReadPre      *.gpg let &sh='sh'
autocmd BufReadPre,FileReadPre      *.gpg let ch_save = &ch|set ch=2
autocmd BufReadPost,FileReadPost    *.gpg '[,']!gpg --decrypt --default-recipient-self 2> /dev/null
autocmd BufReadPost,FileReadPost    *.gpg let &sh=shsave
" Switch to normal mode for editing
autocmd BufReadPost,FileReadPost    *.gpg set nobin
autocmd BufReadPost,FileReadPost    *.gpg let &ch = ch_save|unlet ch_save
autocmd BufReadPost,FileReadPost    *.gpg execute ":doautocmd BufReadPost " . expand("%:r")
" Convert all text to encrypted text before writing
autocmd BufWritePre,FileWritePre    *.gpg set bin
autocmd BufWritePre,FileWritePre    *.gpg let shsave=&sh
autocmd BufWritePre,FileWritePre    *.gpg let &sh='sh'
autocmd BufWritePre,FileWritePre    *.gpg '[,']!gpg --encrypt --default-recipient-self 2>/dev/null
autocmd BufWritePre,FileWritePre    *.gpg let &sh=shsave
" Undo the encryption so we are back in the normal text, directly
" after the file has been written.
autocmd BufWritePost,FileWritePost  *.gpg   silent u
autocmd BufWritePost,FileWritePost  *.gpg set nobin
augroup END

Related plugins

See also

Comments

An improved version

It is a bad idea to change 'shell' and 'cmdheight', however temporary, in tips like these, because it distracts the user from the important parts of the script. Also, setting 'shell' to "sh" renders this tip unusable for Windows.

It is also quite silly to use several autocmds, and inadvertently depending on Vim executing them in the same order they were defined, to perform a sequence of commands. Use :|s or :functions instead.

Unnecessarily using :set instead of :setlocal is now considered a felony in several countries.

Redirecting stderr to /dev/null seems strange. If gpg runs into any problems, I'd want to know about it. The redirect was, in any case, removed to improve platform independence.

I'm uncertain as to how well the '[,']!gpg commands actually work. It seems like it wouldn't work perfectly in all situations, and that %!gpg would be the way to go, but I've left it as it was. Maybe it does something smart that I haven't thought of.

Note that this script is quite nasty in that it empties the 'viminfo' option. Unfortunately, 'viminfo' is not "local to buffer". It's probably best to keep this script in a separate file, and :source it only when editing encrypted files. 

  " Don't save backups of *.gpg files
  set backupskip+=*.gpg
  
  " To avoid that parts of the file is saved to .viminfo when yanking or
  " deleting, empty the 'viminfo' option.
  set viminfo=
  
  augroup encrypted
      au!
      " Disable swap files, and set binary file format before reading the file
      autocmd BufReadPre,FileReadPre *.gpg
          \ setlocal noswapfile |
          \ setlocal bin
  
      " Decrypt the contents after reading the file, reset binary file format
      " and run any BufReadPost autocmds matching the file name without the .gpg
      " extension
      autocmd BufReadPost,FileReadPost *.gpg
          \ '[,']!gpg --decrypt --default-recipient-self |
          \ setlocal nobin |
          \ execute ":doautocmd BufReadPost " . expand("%:r")
  
      " Set binary file format and encrypt the contents before writing the file
      autocmd BufWritePre,FileWritePre *.gpg
          \ setlocal bin |
          \ '[,']!gpg --encrypt --default-recipient-self
  
      " After writing the file, do an :undo to revert the encryption in the
      " buffer, and reset binary file format
      autocmd BufWritePost,FileWritePost *.gpg
          \ silent u |
          \ setlocal nobin
  augroup END

(Spiiph 17:40, 26 December 2008 (UTC))

Community content is available under CC-BY-SA unless otherwise noted.
Advertisement

Fan Feed