jamessan / vim-gnupg

This script implements transparent editing of gpg encrypted files.
http://www.vim.org/scripts/script.php?script_id=3645
728 stars 73 forks source link

Implement g:GPGReplaceKeys to automatically replace keys #103

Open ThomasAH opened 5 years ago

ThomasAH commented 5 years ago

I have attached two patches against 2.6.1 (because master currently does not work for me):

fields4-identity.patch: a trivial cleanup patch that replaces multiple uses of fields[4], later followed by let identity = fields[4] with setting identity earlier and using that. The following patch would otherwise introduce another use of fields[4], which I wanted to avoid.

auto-replace-keys.patch: This is the main patch: Implement g:GPGReplaceKeys to automatically replace keys

If set, this dictionary allows to automatically replace keys of recipients with other keys when loading encrypted files (value is the new key id) or to automatically drop those keys (value is an empty string). When searching for recipients by name (e.g. by using :GPGEditRecipients) the keys included in this dictionary will be omitted from search results. Default is unset. Example:

  let g:GPGReplaceKeys = {
    \'5BB3F5195816791A': 'D45DE28FF3A2250C',
    \'79467CE91DF85848': '',
  \}

fields4-identity.patch.txt auto-replace-keys.patch.txt

Not part of the patches just included if someone wants to use it in the same way as we do, our central vimrc contains the following code and uses the same replacekeys.txt file format as used by generate-openpgpkey-hu on https://wiki.gnupg.org/WKDHosting:

function s:parse_replacekeys(index, line)
  " Format of replacekeys.txt:
  " - old_id new_id # to replace
  " - old_id        # to remove
  " for old_id use long (16 hex digits) ids of main key (if the key is still in
  " the common keyring) or subkey (if it has been removed and zugang complains)
  " for new_id you can use 16 hex digits or the fingerprint of the main key
  "
  " 5BB3F5195816791A 0B4E190B70DBACF2BE4D97F0D45DE28FF3A2250C # replace a key
  " 76591CAB0E2063E3 # remove a key
  let old_new = matchlist(a:line, '^\s*\%(0x\)\=\([[:xdigit:]]\{16}\)\s\%(0x\)\=\([[:xdigit:]]\{16}\%([[:xdigit:]]\{24}\)\=\)\s*\%(#.*\)\=$')
  if len(old_new)
    return [old_new[1], old_new[2]]
  endif
  let old = matchlist(a:line, '^\s*\%(0x\)\=\([[:xdigit:]]\{16}\)\s*\%(#.*\)\=$')
  if len(old)
    return [old[1], '']
  endif
  let comment = matchlist(a:line, '^\s*\%(#.*\)\=$')
  if len(comment)
    return ''
  else
    echohl ErrorMsg | echo 'Error parsing line ' . (a:index + 1) . ' of "' . s:replacekeys . '": ' a:line | echohl None
    return ''
  endif
endfunction

let g:GPGReplaceKeys = {}
let s:replacekeys = "/some/central/location/replacekeys.txt"
for s:line in filter(map(readfile(s:replacekeys), function('s:parse_replacekeys')), '!empty(v:val)')
  let g:GPGReplaceKeys[toupper(s:line[0])] = toupper(s:line[1])
endfor

Would you be interested to have this in 2.7? If yes, I could port it as soon as the 2.7/master branch works again for me.

jamessan commented 5 years ago

because master currently does not work for me

That's unfortunate. Would you be able to describe what's not working, either here or in a distinct issue?

Implement g:GPGReplaceKeys to automatically replace keys

That sounds like useful functionality. Thanks for the patch. I can look into integrating it.

ThomasAH commented 5 years ago

because master currently does not work for me

That's unfortunate. Would you be able to describe what's not working, either here or in a distinct issue?

I reported one problem in #104. I don't remember exactly if I encountered more problems. I could try again when #104 is fixed.