Minimal symmetric crypto support for vim

Jason Holt jason at lunkwill.org
Sun May 25 06:13:02 CEST 2003


I've been trying to make vim more suited to editing sensitive plaintexts; I
just finished patches to create an "mlock" option which calls mlockall().

Unfortunately, vim uses temporary files when piping output to external
programs (eg., :%!gpg -o foo.gpg -c), so it's still not possible to encrypt
data without the plaintext ever touching the disk.  I'm looking into adding
proper pipe support.

But I'm also tempted to add proper crypto to vim itself.  I already hacked in
simple (and insecure) AES-CTR support.  But what I'd really like to do is be
able to do simple gpg -c compatible encryption (with 3DES or AES) as an
integrated feature.  Sure, we'd still need to pipe out for anything more
complicated (like signatures), but at least there'd be simple crypto available
for people who don't have gpg.

So, my question is: how hard would it be to create gpg -c --cipher AES
--enable-mdc compatible files?  Shouldn't I be able to basically hard-code
most of the headers?  Perhaps I can write up a simple implementation as a
framework for anybody else wanting to add minimal gpg-compatible symmetrically
encrypted file support to an application.  (gpgme, of course, looks wonderful,
but it's not exactly common in the wild...)

						-J





More information about the Gnupg-devel mailing list