John Beckett wrote:

> Suggested new feature:
> Make an easy way to encrypt a secret within a line.
> Then you can have a simple text file to document stuff, with
> embedded secrets. On reading, you only need to enter a key if you
> want to see a secret.
> Example lines before encryption:
>  server12 { admin topsecret } any text
>  mybank { account 123456789 pin 1234 }
> Example lines after encryption:
>  server12 {~8vP09fb3+Pn6+/z9/v8AAwocSE9cDYPAYJUThgE} any text
>  mybank {~afSDKoy9saGMCZ91x6F7pHkwdzEcMBoGCSqGSIb3DQEJ}
> When viewing a file with encrypted secrets, it doesn't matter if
> others are shoulder surfing. You only need to get rid of onlookers
> for the short time it would take to enter a key and view a secret in
> the message line (which would not change the file).
> I implemented this scheme in an obsolete editor many years ago,
> and offer the suggestion in case it appeals to Bram. However, as
> noted in my "Suggestions" message, I think new features should be
> resisted in favour of fixups, so I won't be offended if this is
> ignored.
> A more detailed description of the proposal follows.
> A secret is entered between "{ " and "}" on a single line.
> There is a space after the opening brace.
> The encrypted result is stored as base64 text, with "~" inserted as
> the first character. The space (plaintext) and tilde (ciphertext)
> are safety checks so text is not encrypted or decrypted twice.
> These commands would be required:
>  EnterKey - Prompt user to enter a key for encryption/decryption.
>  EncryptLine - Encrypt text inside braces on the current line.
>  DecryptLine - Reverse EncryptLine.
>  ShowSecret - Show decrypted secret in the message line.
> EnterKey prompts the user and allows them to enter a key (no echo).
> The key is hashed, and the hash is retained in memory for this
> session. It can be cleared by using EnterKey to enter a blank key.
> The hashed key is used for any subsequent encryption and decryption.
> EncryptLine checks that the current line contains "{ " (with space),
> followed by "}". It then uses the hashed key to encrypt the text
> between the braces, then replaces that text in the current line with
> a base64 encoded form of the ciphertext.
> EncryptLine inserts a tilde (~) after the first brace. This is a
> safety mechanism so you won't accidentally encrypt a line twice.
> EncryptLine inserts a small amount of random padding (salt). The
> padding is of variable length so the length of the secret is not
> known to intruders. However, there is only a small amount of padding
> so the result is fairly compact.
> ShowSecret decrypts the secret in the current line, and displays the
> plaintext in the message line. The file is not changed. There should
> be an easy way to put the plaintext in the clipboard, and an easy
> way to blank the displayed secret.
> DecryptLine reverses EncryptLine, changing the current line. It does
> nothing (apart from display an error) if the result is not
> reasonable (the ciphertext must be a tilde followed by base64, and
> the decryption should satisfy certain sanity checks, and should
> yield printable text starting with a space). This is a safety check
> to avoid losing data if the wrong key is used to decrypt.

This is very a specific feature.  You should implement this in a script,
this doesn't sound like something Vim should support internally.

A day without sunshine is like, well, night.

 /// Bram Moolenaar -- [EMAIL PROTECTED] --   \\\
///        sponsor Vim, vote for features -- \\\
\\\        download, build and distribute --        ///
 \\\            help me help AIDS victims --    ///

Reply via email to