tGpg is a plugin for Vim that encrypts files with gpg. It provides secure encryption for files with added convenience of being integrated with Vim.
The main purpose of this plugin is to perform symmetric encryption by default, but it is flexible enough to do clearsign and asymmetric encryption as well. You can switch to asymmetric encryption as the default by setting g:tgpgMode or b:tgpgMode to "encrypt". You can also control the use of symmetric and asymmetric encryption by setting g:tgpgPattern_symmetric and g:tgpgPattern_encrypt.
It should be noted that this plugin passes the passphrase on the command line to the gpg program, which could cause the passphrase to show up in some command log. It is also possible that some info, such as the recipients, could be logged in your viminfo file. If you clearsign a message, the plain text will be written to disk, so please keep in mind the vast range of possible consequences.
This plugin uses the (Buf|File)(Read|Write)Cmd autocommand events to write/read the file. If you don't like typing passphrases, this plugin caches all the passphrases entered in a script local variable. However, this means that passphrases are likely to be written to the swapfile, which poses a potential security risk. To change this behavior, you can set g:tgpgCachePW to 1 (buffer-wise caching only) or 0 (no caching).
If you get a message telling you about gpg command line options instead of the decrypted file, please check the value of g:tgpgShellQuote. If writing fails, you may end up with a corrupted or empty file; by default, tGpg makes backups to prevent data loss. However, you can change this behavior by setting g:tgpgBackup to 0.
To use tGpg, you must have GPG and Vim installed. Copy the plugin to ~/.vim/plugin/ or a similar directory to install it. Note that this plugin is currently experimental, so be cautious when using it - the developer cannot be held responsible if you end up with an encrypted file you can't decrypt.
The most recent version of tGpg includes several new features and improvements, such as resetting cached passwords after g:tgpg_timeout seconds without access, checking gpg's checksum via g:tgpg_gpg_md5_check before doing anything, and using predefined values for certain options during read/write with g:tgpg_options. Additionally, this version includes randomized replacement tables for encryption and reset registers when unloading the buffer to prevent information from being copied to the clipboard or written to the viminfo file (you can disable this by setting g:tgpg_registers to "").
Version 0.4: N/A