On Tue, 20 Jul 2010, Bram Moolenaar wrote:
I have just submitted a patch that changes the 'cryptmethod' option
from local to a buffer to global-local. This makes it possible to
set a default value for new files in your vimrc file.
This works for me, thank you.
Since the number value was cryptic anyway, I changed the
'cryptmethod' option to a string, with values "zip" and "blowfish".
I noticed this when I got an error after doing a pull/update and
recompile this morning. I definitely prefer it this way.
I just noticed a potential problem--I'm not sure whether to call it a
bug:
- Create a new buffer with some content
- With 'cryptmethod' set to "blowfish" (I did not test with "zip")
encrypt the file (:X)
- Write the file
- Do ":X" again and enter a new password
- Without writing, do ":e"
It appears Vim attempts to decrypt the file with the new key, but it
hasn't actually been written with that key so you just see garbage.
Before I realized what had happened I thought I'd lost a file (no big
deal, I just went to my backup).
It would be my preference that the buffer gets tagged as modified
whenever the encryption key gets changed, but I realize there may have
been a reason for the existing behavior.
Also, the information for the "file" command's magic file under ":help
:X" needs to be updated. This worked for me (without the leading
spaces, of course):
0 string VimCrypt~ Vim encrypted file
>9 string 01 - "zip" cryptmethod
>9 string 02 - "blowfish" cryptmethod
The descriptions should perhaps be more explanatory, possibly
including Vim version compatibility.
Now that this appears to be working fairly well, I intend to switch
from using GPG/PGP to encrypt some of my "secure" files to Vim's
blowfish cryptmethod. It's a lot more convenient and "good enough"
for most things.
I realize it hasn't had time to be thoroughly vetted for problems, but
I'm only switching for stuff that isn't "too" important, the rest will
remain encrypted with GPG. (I certainly wasn't willing to trust the
zip cryptmethod even for fairly trivial stuff; if I'm going to encrypt
anything at all, I at least want to avoid an encryption scheme that is
known to be "broken".)
- Christian
--
Christian J. Robinson <[email protected]> -- http://christianrobinson.name/
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
