heilingbrunner / vscode-gnupg-tool Goto Github PK

Can we get a simple vscode setting to point to the key ring?

I often: (1) open encrypted files; (2) decrypt them in the editor; (3) make changes (4) re-encrypt the file; and then (5) save it. Sometimes, I forget to do step (4) before saving the file again. This causes the plaintext data to be saved in the same file that contained the encrypted data.

It would be useful to have the extension prevent this from happening, e.g. via a prompt, when I try to save plaintext to a file with a .asc extension.

Congratulations on this extension! It's very useful. Do you have a plan to support alternate key ring locations because currently it appears to only take the default, trustdb.gpg.

macOS
Catalina 10.15.2 (19C57)

VSCode
Version: 1.41.1
Commit: 26076a4de974ead31f97692a0d32f90d735645c0
Date: 2019-12-18T14:57:51.166Z
Electron: 6.1.5
Chrome: 76.0.3809.146
Node.js: 12.4.0
V8: 7.6.303.31-electron.0
OS: Darwin x64 19.2.0

GnuPG-Tool
v1.3.3

GPG Suite
2019.1

When trying to "Decrypt selection" I get the following error:

GnuPG: Decryption failed! Error: gpg: cannot open '/dev/tty': Device not configured

GPG Suite is installed and I can decrypt the same cipher block on the command line. I uninstalled and reinstalled, restarting VSCode between each, and the issue persists.

I have an offline master key, and defived subkeys stored on a Yubikey.

When I try to decrypt a selection I get the following "error":

GnuPG: Decryption failed! gpg: okay, we are the anonymous recipient.

If I do the same decryption on the command line, I get the same message: gpg: okay, we are the anonymous recipient. and then the decrypted text.

There are a few feature that I not sure how to use, sometime I don't have a lot of time to just poke around :( yeah I know maybe in few days I will use with all the function I need, but just saying...

Can you enable a wiki and add a few basic how to? hmm let me think... maybe a common use like encrypt for all your notes with a single password. Or a FAQ? if something don't work as expect after the installation, with a suggestion of how to fix it.

This will help any new user to user this great extension quickly

thank you

It would be useful to have the extension decrypt the entire contents of a file in the editor. At the moment, when I choose the command "GnuPG: Decrpt File", nothing happens.

This is the behaviour I am looking for:

1. I open an encrypted file Document.md.asc in VSCode.
2. When I run a command "GnuPG: Decrypt Contents" (e.g.), the contents of the file are decrypted in the editor.

At the moment, I achieve this behaviour by selecting all the encrypted text and choose "GnuPG: Decrypt Selection".

The wiki or ReadMe does not document what symmetric key options are being used for the Encrypt File w/ Passphrase feature. Is the default AES-128 being passed automatically and is there anyway to specify something else? Thanks for tool.

Since today, the Check GnuPG command fails with error "GnuPG not available!". GnuPG is installed through Gpg4Win. I tried upgrading GnuPG on my Windows computer to Gpg4Win version 4.1.0. The same error still occurs. When I run Kleopatra or use gpg.exe from the commandline, it works fine. The PATH also, is fine. gpg.exe is found on the PATH.

PS C:\> gpg --version
gpg (GnuPG) 2.4.0
libgcrypt 1.10.1
Copyright (C) 2021 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: <disclosed>
Unterstützte Verfahren:
Öff. Schlüssel: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Verschlü.: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
           CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Komprimierung: nicht komprimiert, ZIP, ZLIB, BZIP2
PS C:\> gpg --list-keys
<disclosed>pubring.kbx
-----------------------------------------------
pub   rsa4096 <disclosed>[SCA]
      <disclosed>
uid        [ ultimativ ] <disclosed>
[...]

According to the website only GnuPG 2.2 is supported and I bumped it to 2.4.0. I thought this may be the culprit and attempted a downgrade to Gpg4Win 3.1.16.

PS C:\> gpg --version
gpg (GnuPG) 2.2.28
libgcrypt 1.10.1
Copyright (C) 2021 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: <disclosed>
Unterstützte Verfahren:
Öff. Schlüssel: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Verschlü.: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
           CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Komprimierung: nicht komprimiert, ZIP, ZLIB, BZIP2

Works just fine, but still the extension fails with error "GnuPG not available!". I do suspect now that the the upgrade to 2023-04 broke the extension. Or it was an upgrade of vscode. I can't say for sure. The extension surely was not updated in a while and may need patches.

At this point I am at a loss and ask kindly for assistance.

Hi!

There is a way to enable the the explorer context menu? I don't have it.

GnuPG-Tool 1.3.4
VSCodium 1.44.2

Great extension 👍 😃

I use vscode on a remote linux machine and access from Windows 10. I installed the GnuPG-Tool remotely so I could encrypt/decrypt files from my Windows 10 workstation.

If I highlight some text and select "Encrypt Selection w/Passphrase" it fails and displays:

"GnuPG: Encryption failed! gpg: symmetric encryption of '[stdin]' failed: Operation cancelled"

Is this a supported scenario? I don't see any settings that would impact this, but I'm entirely not sure.

This extension runs as expected on a Chromebook with Debian Buster's gpg. But when using Windows 10 and WSL installed (using the Ubuntu distro), it claims "gpg (GnuPG) is not available!"

The integrated terminal is configured to use the default shell: WSL Bash - C:\WINDOWS\System32\wsl.exe

$ gpg --version
gpg (GnuPG) 2.2.19
libgcrypt 1.8.5
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/rhurst/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Can this support WSL? We're not used to having developers load Windows binaries from external sources to secure files. :)

I can see that the extension kills the gpg-agent when a session starts or end.

https://github.com/heilingbrunner/vscode-gnupg-tool/blob/9e146a3f4674725a5235589c4cc168d4b442acd2/src/extension.ts#LL1056C11-L1056C31

Why is it doing that? I have one agent running which I use from the outside terminal, and the extension is messing with my setup.
Can't it just use the running gpg-agent, or start one if it doesn't exist?

When I tried to install a more recent release of this extension on a Mac using GPG Suite, the extension fails to detect the version of GPG installed. It displays as undefined.undefined.undefined in the status bar

After some investigating, it appears that the version header from GPG Suite version of GPG is slightly different from a typical installation of GPG. See below for example version returned from GPG Suite GPG:

$ gpg --version | head -n 1
gpg (GnuPG/MacGPG2) 2.2.17

The vscode-gnupg-tool extension assumes a match for a version string header of the following form:

gpg (GnuPG)

This does not match the version returned from the GPG Suite version of GPG. Because the check fails, calls for encrypting and decrypting via the GPG plugin will silently fail.

The following is a suggested patch fix. The other option is to update the documentation to install a version of GPG that returns a version string that is expected:

diff --git a/src/utils.ts b/src/utils.ts
index bfd1cb0..2133ae8 100644
--- a/src/utils.ts
+++ b/src/utils.ts
@@ -147,6 +147,8 @@ export function linesToVersion(lines: string[]): string | undefined {
   for (let line of lines) {
     if (line.startsWith('gpg (GnuPG) ')) {
       return line.substr('gpg (GnuPG) '.length).trim();
+    } else if (line.startsWith('gpg (GnuPG/MacGPG2) ')) {
+      return line.substr('gpg (GnuPG/MacGPG2) '.length).trim();
     }
   }
   return undefined;

Hello!

Since few versions of VSCode, it is impossible to decrypt encoded text (or file) with passphrase:

It does not ask for input and shows an error.

Encrypting with passphrase does not work either:

It does not ask for input, shows a success message and produces an empty file.

I'm not 100% sure, but I think it started with VSCode version 1.35 or 1.36

Allow to select files (Maybe Ctrl or using Shift) from the "Explorer view" and then encrypt the selected files.

Related: #8 (comment)

I set up my global git settings to GPG sign every commit.
I use this plugin to keep track of my GPG install and interface with VSCode.

• gpg (GnuPG) 2.2.22
• git version 2.18.0
• VSCode Version: 1.49.2

Here's what it looks like when the plugin detects my installed GPG

Problem
There are some instances where the gpg-agent and the VSCode plugin will get out of sync.
It will display not available at the bottom and I am unable to commit anything because the git commands fail the gpg check.

I believe this is the message that returns:

Temp Solution

• Open up a separate terminal
• Kill the gpg-agent
• Then start the gpg-agent as a daemon
• Close VSCode
• Reopen VSCode

Is there a way to add an option to the plugin to recheck for a running gpg-agent as opposed to just at VSCode startup?

The perfect solution is to determine why the out-of-sync happens in the first place.

GnuPG version 2.2.23
VS Code version: 1.49.3
GnuPG-Tool version: 1.3.8

Hey, I am trying to encrypt a string. When I select the option Encrypt Selection w/ Recipients it does not allow me to select any recipient.

When I enter the email address it tell me that the recipient cannot be found.

I am able to encrypt via the command line using the email address [email protected].

Note: Despite the warning, the file gets encrypted, and I can also decrypt it.

I have two keys listed with an e-mail address via -list-secret-keys and --list-public-keys, so I assumed they would listed in VS Code as encryption recipients.

Hello, it would be cool to decrypt a file in the buffer and make changes to it similar to easypg for Emacs. So you don't accidentally save the decrypted file into the cloud.

If listing them is not possible, then this extension needs a way to manage trust for stored keys

I often use the extension to read encrypted Markdown files. For example, I open a file Document.md.asc, select all the text and decrypt it using "GnuPG: Decrypt Selection". After this happens, VSCode doesn't automatically reinterpret the file as a Markdown document, which means it doesn't have syntax highlighting and I cannot use Markdown editing shortcuts.

It would be useful to have the extension cause the contents of a file to be re-interpreted if I decrypt all of the file.

It would be great to allow previewing decryption of selection. I keep certain portions of larger documents encrypted. I don't want to accidently save decrypted version, which is now possible due to inline replacement. I keep those documents in git and if commited this is very hard to revert in team environment.