-- coding: utf-8 --
Pure Plain Text Notes... with optional encryption.
https://github.com/clach04/puren_tonbo/
IMPORTANT before using the optionally encryption features, ensure that it is legal in your country to use the specific encryption ciphers. Some countries have also have restrictions on import, export, and usage see http://www.cryptolaw.org/cls-sum.htm
Ensure you have backups, these tools could destroy/delete/corrupt your notes! NO WARRANTY - see the LICENSE
- Background
- Features
- Getting Started
- Microsoft Windows
- Examples
- ptcat/ptcipher with text editors like vim
- Development and testing
- Thanks
- TODO
Table of contents generated with markdown-toc
Plain text notes search/edit tool that supports encrypted files, formats:
- AES-256 ZIP AE-1/AE-2 created with 7z (does NOT support encrypted 7z files), WinZIP, WinRAR - AES256 (under Python 3 can also read (but not write) the original ZipCrypto zip format)
- AES-256-CTR PBKDF2 (iterations 1000)
- ccrypt - Rijndael-256 (no authentication)
- GnuPG (OpenPGP, gpg) - symmetric see https://tutonics.com/articles/gpg-encryption-guide-part-4-symmetric-encryption/#:~:text=Another%20type%20of%20cryptographic%20solution,also%20called%20a%20shared%20secret.
- OpenSSL 1.1.0 aes-256-cbc - symmetric AES-256-CBC encryption with pbkdf2.
- Tombo (chi) - blowfish-ECB
- vim VimCrypt encrypted files READ ONLY - VimCrypt (1-3) zip, blowfish, and blowfish2
プレーン トンボ Purēntonbo
平易 蜻蛉
- http://tombo.sourceforge.jp/En/
- https://github.com/clach04/chi_io
- https://hg.sr.ht/~clach04/pytombo - NOTE Puren Tonbo is intended to replace PyTombo
- Plain text files notes (potentially with no formatting or in Markdown, reStructuredText, etc.)
- Nested directories of notes
- Supports reading and writing from/to encrypted files that are compatible with other formats/tools (there is no intention to create a new crypto format/algorithm in this tool)
- Currently limited to local file system and stdin/out for files
- Command line tools;
ptcat
andptcipher
to encrypt/decrypt and view plain text filesptcipher
- process raw binary files, controlled via command line and environment variablesptcat
- in addition to command line and environment variables, also has an (optional) config file and the concept of a root directory of notes
ptgrep
- a grep, ack, ripgrep, silver-searcher, pss like tool that works on encrypted (and plain text) filesptig
an interactive grep like tool that can also view/editptrecrypt
a TODOptpyvim
a vim-like editor that works on encrypted (and plain text) filesptdiff3merge
3-way diff/merge too that can works with encrypted (and plain text) files
sudo apt-get install python-tk
sudo apt-get install ccrypt
pip install "puren_tonbo[all]"
Picking up the latest version
pip uninstall puren_tonbo ; python -m pip install --upgrade git+https://github.com/clach04/chi_io.git git+https://github.com/clach04/puren_tonbo.git
# sanity check, and dump sample config to stdout
ptconfig
python -m puren_tonbo.tools.ptconfig
# pip uninstall puren_tonbo
# python -m pip install -r requirements.txt
# TODO requirements_optional.txt
python -m pip install -e .
python -m pip install -e .[all]
# sanity check, and dump sample config to stdout
ptconfig
python -m puren_tonbo.tools.ptconfig
- NOTE "start" can help with spawning exes that wait, and do not exit. BUT ensure command being started is in path (do not use full path), causes issues with multiple edit ("en") in ptig.
- Unicode support, CMD.exe has limited Unicode support, instead use a GUI terminal with Unicode support (see below)
Using an alternative to CMD.exe allows full Unicode support, including Emoji Recommend mintty (or in a pinch Windows Terminal).
Do NOT recommend Fluent Terminal (FluentTerminal).
Untested alternatives; Windows Terminal 2, ConEMu (https://conemu.github.io/ https://github.com/Maximus5/ConEmu)
https://github.com/mintty/mintty
mintty is included with Git for Windows, msys2, cygwin.
Examples:
mintty --title ptig --hold error --size 120,35 -e python -m puren_tonbo.tools.ptig
mintty --title ptig --hold error --size 120,35 -e C:\full\path\to\ptig.exe
mintty --title ptig --hold error --size 120,35 -e ptig.exe
"C:\Program Files\Git\usr\bin\mintty.exe" --title ptig --hold error --size 120,35 -e python -m puren_tonbo.tools.ptig
Support is excellent, can easily change color theme/scheme without changing ALL terminals. Great control over title name.
Out of the box Emoji (Unicode) font is mono, rather than full color.
To enable full color emoji see https://github.com/mintty/mintty/wiki/Tips#emojis
https://github.com/mintty/mintty/wiki/Tips#quick-guide-to-emoji-installation is the least effort option, but slower than manually downloading and extracting.
One emoji are installed (to %APPDATA%\mintty\emojis
) open mintty settings "Options...", Text, then edit the Style content to point to the directory of downloaded images for emoji.
Known to work well with mintty; 3.6.4, 3.7.0, 3.7.4, and 3.7.6 as installed by https://github.com/git-for-windows/git (and Python 3.1x). NOTE odd title (numbers, forward slash, numbers) with mintty 3.7.4 and 3.7.6 (included with Git 2.46.0 and 2.46.2) and Python 3.12.5 - NOT seen with other versions.
Sample config file:
type "%USERPROFILE%\.minttyrc"
cat ~/.minttyrc
ThemeFile=rosipov
Font=Consolas
FontHeight=10
"rosipov" is a built in theme (there are others, and custom ones can also be added too).
https://github.com/alacritty/alacritty
NOTE no scroll bar, and looks like there is no intention to support? Great for keyboard only control.
Examples:
"C:\Program Files\Alacritty\alacritty.exe" --title ptig --hold -e C:\full\path\to\ptig.exe
https://github.com/microsoft/terminal/ https://aka.ms/terminal
Whilst Windows Terminal looks great (out of box emoji is in full color font), it is limited compared to mintty. For example no control over title and color scheme is global.
Windows Terminal (with Unicode support, including emoji) WindowsTerminal https://github.com/microsoft/terminal/releases/tag/v1.20.11381.0 works great (or from AppStore https://apps.microsoft.com/detail/9n0dx20hk701)
wt.exe - `%LOCALAPPDATA%\Microsoft\WindowsApps\wt.exe` or from zip (not AppStore) `WindowsTerminal.exe` (multi color emoji) and `OpenConsole.exe` (single color emoji)
how to get taskbar icon showing up?
Examples:
%LOCALAPPDATA%\Microsoft\WindowsApps\wt.exe C:\full\path\to\ptig.exe
ptconfig
python -m puren_tonbo.tools.ptconfig
ptcat puren_tonbo/tests/data/aesop.txt
ptcat --list-formats
python -m puren_tonbo.tools.ptcat --list-formats
python -m puren_tonbo.tools.ptcat --note-root . puren_tonbo/tests/data/aesop.txt
python -m puren_tonbo.tools.ptcat --note-root . puren_tonbo/tests/data/aesop.chi
python -m puren_tonbo.tools.ptcat puren_tonbo/tests/data/aesop.txt
ptcat -p password puren_tonbo/tests/data/aesop_linux_7z.aes256.zip
python -m puren_tonbo.tools.ptcat -p password puren_tonbo/tests/data/aesop_linux_7z.aes256.zip
A grep, ack, ripgrep, silver-searcher, pss like tool that works on encrypted (and plain text) files.
Has similar parameters for ease of switching.
Python 2.7 note for Windows. Non-ascii characters can cause Python exception/crashes UnicodeEncodeError when attempting to print Unicode characters, where as Python 3 does not. ptgrep implements a translation feature/hack which can be disabled (or tweaked) via the Operating System environment variable PTGREP_STDOUT_MODE. Valid options are
disabled,
utf8, and
ascii:backslashreplace. For Python 2.7 under Microsoft Windows **only** (when neither
PYTHONIOENCODINGnor
PYTHONUTF8have been set)
ascii:backslashreplaceis the default and works in a similar fashion to
PYTHONIOENCODING`.
ptgrep better
ptgrep -i better
python -m puren_tonbo.tools.ptgrep -i better
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -i better
python -m puren_tonbo.tools.ptgrep -e -p password Better
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -e -p password Better
Find all instances of "king", case-insensitive (note; matches taking
):
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -i king
Find all words "king", case-insensitive using a regex:
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -i -r \bking\b
Find all instances of "king" but not "aking", "iking", or "lking", case-insensitive using a regex:
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -i -r [^ail]king
find different words with regex
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -r "cruel|better"
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -i -r "cruel|better"
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -r "cru.l|b.tter"
find "-feast" which looks like a command line argument:
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -- -feast
find filenames with regex
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -y -r ^aesop
find filenames that have an ISO date in either dirname or filename
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -y -r "202[0-9]-[0-9][0-9]-[0-9][0-9]"
find filenames encrypted with regex
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -y -e -r ^aesop
find filenames ONLY encrypted with regex
python -m puren_tonbo.tools.ptgrep --note-root=puren_tonbo/tests/data -y -k -r ^aesop
Help:
Usage: ptrecrypt [options] file_or_dir_pattern1 [file_or_dir_pattern2...]
Command line tool to (re-)encrypt files. Any files passed on the command line
WILL BE encrypted (in the requested format, if none requested original format)
unless it is the same format and password. Any directories may have some form
of filtering based on type.
Options:
--version show program's version number and exit
-h, --help show this help message and exit
--list-formats Which encryption/file formats are available
--password-prompt=PASSWORD_PROMPT, --password_prompt=PASSWORD_PROMPT
Comma seperated list of prompt mechanism to use,
options; any,text,gui,win32,tk
--no-prompt, --no_prompt
do not prompt for password
--cipher=CIPHER Which encryption mechanism to use (file extension used
as hint), use existing cipher if ommited
--new-password=NEW_PASSWORD, --new_password=NEW_PASSWORD
new password to use, if omitted use the existing
password
-E ENVVAR, --envvar=ENVVAR
Name of environment variable to get password from
(defaults to PT_PASSWORD) - unsafe
-p PASSWORD, --password=PASSWORD
password, if omitted but OS env PT_PASSWORD is set use
that, if missing prompt
-P PASSWORD_FILE, --password_file=PASSWORD_FILE
file name where password is to be read from, trailing
blanks are ignored
-v, --verbose
-s, --silent if specified do not warn about stdin using
--force-recrypt-same-format-password, --force_recrypt_same_format_password
For re encryption, even if same file format/container
and password is to be used
--destination-directory=DESTINATION_DIRECTORY, --destination_directory=DESTINATION_DIRECTORY
If specified where to write to, if ommited uses same
directory
--new-extension=NEW_EXTENSION, --new_extension=NEW_EXTENSION
file extension to append for new files; 'default'
(default for cipher), 'cipher' (what was passed in on
command line), 'retain' (if not changing formats, use
the original file extension) - and potentially
anything else with a period is the new extension to
use, for example '.zip'
--skip-encrypted, --skip_encrypted
For directories, skip already encrypted files
--skip-unencrypted, --skip_unencrypted
For directories, skip files that are not already
encrypted
--existing-files=EXISTING_FILES, --existing_files=EXISTING_FILES
How to handle existing files; resolving files that
already exist; default error/stop, skip,
overwrite/replace/delete (in safe mode - needed for
same file type, new password), delete (after
successful write)
--simulate Do not write/delete/change files
Command line interactive search tool, that also supports viewing and editing.
Relies on ptgrep, see PTGREP_STDOUT_MODE
note.
Also see https://github.com/clach04/puren_tonbo/wiki/tool-ptig
ptig
python -m puren_tonbo.tools.ptig
$ ptig --note-root=puren_tonbo/tests/data
3.8.10 (default, Mar 15 2022, 12:22:08)
[GCC 9.4.0]
Puren Tonbo puren_tonbo version 0.0.3.git
Formats:
txt - RawFile - Raw file, no encryption support
md - RawFile - Raw file, no encryption support
chi - TomboBlowfish - Tombo Blowfish ECB (not recommended)
gpg - GnuPG - gpg (GnuPG) symmetric 1.x and 2.x, does NOT uses keys
asc - GnuPGascii - gpg (GnuPG) symmetric 1.x and 2.x, does NOT uses keys
cpt - Ccrypt - ccrypt symmetric Rijndael
aes.zip - ZipAES - AES-256 ZIP AE-1 DEFLATED (regular compression)
aes256.zip - ZipAES - AES-256 ZIP AE-1 DEFLATED (regular compression)
aeszip - ZipAES - AES-256 ZIP AE-1 DEFLATED (regular compression)
old.zip - ZipAES - AES-256 ZIP AE-1 DEFLATED (regular compression)
openssl_aes256cbc_pbkdf2_10k - OpenSslEnc10k - OpenSSL 1.1.0 pbkdf2 iterations 10000 aes-256-cbc
aes256stored.zip - ZipNoCompressionAES - AES-256 ZIP AE-1 STORED (uncompressed)
oldstored.zip - ZipNoCompressionAES - AES-256 ZIP AE-1 STORED (uncompressed)
aes256lzma.zip - ZipLzmaAES - AES-256 ZIP AE-1 LZMA
aes256bzip2.zip - ZipBzip2AES - AES-256 ZIP AE-1 BZIP2
vimcrypt - VimDecrypt - vimcrypt 1, 2, 3
vimcrypt1 - VimDecrypt - vimcrypt 1, 2, 3
vimcrypt2 - VimDecrypt - vimcrypt 1, 2, 3
vimcrypt3 - VimDecrypt - vimcrypt 1, 2, 3
Libs:
chi_io.implementation: using PyCrypto 3.15.0
python-gnupg version: 0.5.0
gpg version: (2, 2, 19)
pyzipper version: 0.3.6
ptig: 🔎 rg better
Query time: 0.01 seconds
ptig: 🔎 set ic
ptig: 🔎 rg better
[1] puren_tonbo/tests/data/aesop.txt
7:Better no rule than cruel rule.
Query time: 0.01 seconds
ptig: 🔎 find ccrypt
[1] puren_tonbo/tests/data/aesop_win_ccrypt.cpt
Query time: 0.00 seconds
ptig: 🔎 f ccrypt
[1] puren_tonbo/tests/data/aesop_win_ccrypt.cpt
Query time: 0.00 seconds
ptig: 🔎 cat 0
Password for file aesop_win_ccrypt.cpt:
ptig: 🔎 set search_encrypted=True
ptig: 🔎 rg better
[1] puren_tonbo/tests/data/aesop.chi
7:Better no rule than cruel rule.
..... Truncated
[21] puren_tonbo/tests/data/aesop_win_winrar.aes256stored.zip
7:Better no rule than cruel rule.
Query time: 0.32 seconds
ptig: 🔎 help
Documented commands (type help <topic>):
========================================
EOF c config edit f g help ptpyvim quit rg ver vi
bye cat e exit find grep info pyvim results set version vim
ptig: 🔎 exit
Quitting...
Config for ptig is the regular config file pt.json
, with additional (optional) ptig section:
{
"_version_created_with": "0.0.dev3",
"codec": [
"utf8",
"cp1252"
],
"default_encryption_ext": "chi",
"default_text_ext": "txt",
"note_root": "C:\\Users\\yourname\\tombo",
"ptig": {
"#init": ["set ic", "set enc"],
"init": ["set ic"],
"editor": "start scite",
"editors": {
"encscite": "C:\\programs\\encscite\\prog\\encscite.bat",
"pttkview": "pttkview",
"scite": "scite",
"gvim": "gvim",
"vim": "vim"
},
"file_browser": "explorer",
"prompt": "ptig: ? ",
"use_pager": false
}
}
NOTE options for editor along with init
which is a list of commands to issue on start up.
For example, enabling case insensitive search. There is a commented out example which enables encrypted file search.
A simple GUI viewer using the tk toolkit:
python -m puren_tonbo.tools.pttkview -h
pttkview -h
If pyvim is available, ptpyvim wraps encryption/decryption support.
ptpyvim
python -m puren_tonbo.tools.ptpyvim
a 3-way diff and merge tool. Defaults to outputing plaintext to stdout, can be an encrypted file output. Each file can be encrypted with differnent methods BUT any encrypted files must all use the same password.
ptdiff3merge
python -m puren_tonbo.tools.ptdiff3merge
ptcipher is a tool for dealing with raw (binary, i.e. bytes rather than characters) files for encryption/decryption. All options are controlled via command line flag and operating system environment variables.
Assuming installed:
ptcipher -h
From source code checkout:
python -m puren_tonbo.tools.ptcipher -h
python -m puren_tonbo.tools.ptcipher --list-formats
python2 -m puren_tonbo.tools.ptcipher -h
python3 -m puren_tonbo.tools.ptcipher -h
Quick demo:
ptcipher --password password --decrypt puren_tonbo/tests/data/aesop.chi
ptcipher --password password --decrypt puren_tonbo/tests/data/aesop_linux_7z.aes256.zip
python -m puren_tonbo.tools.ptcipher --password password --decrypt puren_tonbo/tests/data/aesop.chi
Symmetric Substitution cipher with no passphrase/password/key support. Do not use, this is implemented as a demo and for testing code paths when encryption libraries are not available.
https://en.wikipedia.org/wiki/ROT13
ptcipher -e -p test README.md -o README.rot13
ptcipher -v -p test README.rot13
ptcipher -p password_ignored puren_tonbo/tests/data/aesop.rot13
py -3 -m puren_tonbo.tools.ptcipher puren_tonbo/tests/data/aesop.rot13 -p password_ignored
echo Why did the chicken cross the road?|ptcipher -p ignored_password --encrypt --cipher=rot13
echo Jul qvq gur puvpxra pebff gur ebnq?|ptcipher -p ignored_password --encrypt --cipher=rot13
If using vim, can also use g?
to rot-13 text. For example; selected text, whole file, etc.
Symmetric Substitution cipher with no passphrase/password/key support. Do not use, this is implemented as a demo and for testing code paths when encryption libraries are not available.
https://en.wikipedia.org/wiki/ROT13#Variants
ptcipher -p password_ignored puren_tonbo/tests/data/aesop.rot47
py -3 -m puren_tonbo.tools.ptcipher puren_tonbo/tests/data/aesop.rot47 -p password_ignored
No encryption, gzip compress files - no passphrase/password/key support.
ptcipher -p password_ignored puren_tonbo/tests/data/aesop.txt.gz
py -3 -m puren_tonbo.tools.ptcipher -p password_ignored puren_tonbo/tests/data/aesop.txt.gz
NOTE Python 2 support for gz files is missing do to API differences in zlib.
Symmetric encryption/decryption from passphase.
Format that Markor supports jenc format.
py -3 -m puren_tonbo.tools.ptcipher -p password puren_tonbo/tests/data/test_winnewlines.v001.jenc
py -3 -m puren_tonbo.tools.ptcipher -p password puren_tonbo/tests/data/test_winnewlines.u001.jenc # Old, legacy format
Jenc settings, application.properties contents:
filesearch.depth=10
# paths can be unix, i.e. '/'
# or under Windows, can be either Unix style or Windows. For Windows paths need to escape, for example; 'C:\\some\\\dir'
filesearch.encdir=C:\\code\\java\\jpencconverter\\bins\\jpenc-converter_0.2.1\\enc
#filesearch.decdir=C:\\code\\java\\jpencconverter\\bins\\jpenc-converter_0.2.1\\plain
filesearch.decdir=/code/java/jpencconverter/bins/jpenc-converter_0.2.1/plain
extension.encrypt=.jenc
extensions.plainText=md, markdown
#password=geheim
password=password
# For android-devices before Android 8 use U001
#encryption.version=U001
encryption.version=V001
Command line, note operates on directories NOT file (names) like most command line crypto tools:
java.exe -jar jpencconverter-0.2.1.jar encrypt
java.exe -jar jpencconverter-0.2.1.jar decrypt
Symmetric encryption/decryption from passphase.
Compatible with http://tombo.osdn.jp/En/ (and others, for example, Kumagusu on Android).
ptcipher -e -p test README.md -o README.chi
ptcipher -v -p test README.chi
The chi/chs file can also be read/written by Tombo http://tombo.sourceforge.jp/En/ and clones (for example, Kumagusu).
Symmetric encryption/decryption from passphase.
Tested with ccrypt 1.11 and 1.10 (32-bit and 64-bit Intel x86/x64 and arm).
Requires a ccrypt binary, download from https://ccrypt.sourceforge.net/
(or debian apt). ccrypt binary/executable needs to be in the path or
the environment variable CCRYPT_EXE needs to have the (full) path.
NOTE Under Microsoft Windows, is the ccrypt.exe is in a path with
spaces, do NOT use double quotes in the SET. Example: set CCRYPT_EXE=C:\3rd party bins\ccrypt.exe
python -m puren_tonbo.tools.ptcipher --password password puren_tonbo/tests/data/aesop_win_ccrypt.cpt
ptcipher --cipher=cpt -e -p test README.md -o README.cpt
python -m puren_tonbo.tools.ptcipher --cipher=cpt -e -p test README.md -o README.cpt
ccrypt -c README.cpt
ccrypt -c -K test README.cpt
Symmetric encryption/decryption from passphase, key support not explictly implemented.
Requires a gpg binary, download from https://gnupg.org/download/
python -m puren_tonbo.tools.ptcipher --cipher=asc -e -p test README.md -o README.asc
python -m puren_tonbo.tools.ptcipher --cipher=gpg -e -p test README.md -o README.gpg
gpg --pinentry-mode=loopback --decrypt --passphrase test README.gpg
Also see encryptcli
from https://github.com/evpo/EncryptPad/
OpenSSL 1.1.0+ compatible (with a very small subset of options).
ptcat --note-root=. puren_tonbo/tests/data/aesop_win.openssl_aes256cbc_pbkdf2_10k
Intended to allow decryption of files generated with OpenSSL 1.1.0 and vice-versa. Supported OpenSSL flags/formats, see https://linux.die.net/man/1/openssl:
openssl enc -e aes-256-cbc -salt -pbkdf2 -iter 10000 -in in_file -base64 -out out_file
openssl dec -d aes-256-cbc -salt -pbkdf2 -iter 10000 -in in_file -base64 -out out_file
echo hello| openssl enc -e aes-256-cbc -salt -pbkdf2 -iter 10000 -in - -base64 -out - -pass env:SET_OS_VAR_PASSWORD
echo hello| openssl enc -e aes-256-cbc -salt -pbkdf2 -iter 10000 -in - -base64 -out - -pass pass:password
echo hello| openssl enc -e -aes-256-cbc -in - -out - -salt -pbkdf2 -iter 10000 -pass pass:password
NOTE PBKDF2 iteration count of 10,000 is the default in OpenSSL 1.1.1 and is considered too few in 2023. Older versions of OpenSSL did not support; PBKDF2 (and ergo iterations) and salt and used a much weaker KDF. See https://www.openssl.org/docs/manmaster/man1/openssl-enc.html for more information.
Supports binary/raw and base64 encoded/ASCII armored files. ONLY supports aes-256-cbc with salt and pbkdf2 KDF with 10,000 interations.
Symmetric encryption/decryption from passphase.
ptcipher -e -p test README.md -o README.aes256.zip
ptcipher -p test README.aes256.zip
The aes256.zip file can also be read/written by 7-Zip, WinRAR, WinZIP, etc. that support AES zip files.
For example, 7z can read and write AES zip files:
7z a -tzip -mem=AES256 -ptest README.aes256.zip README.md
7z x -ptest README.aes256.zip
Symmetric encryption/decryption from passphase.
NOTE not implemented in nvim / neovim.
In vim the easiest way to get the newest encryption mode/format, for a file:
vim -c ":setlocal cm=blowfish2" test.vimcrypt3
then issue:
:X
will be prompted for password, can then edit/save as per normal.
To see encryption mode:
:setlocal cm?
ptcipher demo:
python -m puren_tonbo.tools.ptcipher -p test test.vimcrypt3
Quick and easy view/read ONLY of encrypted file with vim, without updating vim config.
NOTE call vim (or neovim) with options to set "private" mode:
-
to read from stdin instead of a filename, avoid plaintext hitting the disk-n
turns off swap file - use memory only-i
turns off .viminfo
TODO disable undo file
-
Use a pipe (cross platform)
ptcat FILE | vim - -n -i "NONE"
-
Use bash shell process substitution feature for editors that don't support stdin (Linux/Unix only, avoids directly calling mkfifo and cleaning up named pipes)
scite < (ptcat FILE) ptcat FILE | scite /dev/stdin scite <(python -m puren_tonbo.tools.ptcat puren_tonbo/tests/data/aesop.txt)
Puren Tonbo will prompt for passwords and the decrypted content should not hit the file system.
Option 1 can be used with other tools that take in stdin, option 2 can be used with any tool that takes in a filename.
Caution!
- don't save the raw file
- ensure now backup, swap, undo file, etc.. get created
https://vi.stackexchange.com/questions/6177/the-simplest-way-to-start-vim-in-private-mode
Tested with versions: v4.0.0, 4.1.5, and 5.3.5
See pt_scite.lua - read and write support (tested Windows). NOTE due to lua popen() any helpful error text/information is missing. Diagnosing failures can be difficult, even for trivial errors like directory/disk does not exist as this is not reported to the lua runtime. Also see SciTE Python plugin for read and write support with stderror support.
By default uses ptcipher
in path, override via PTCIPHER_EXE
environment variable.
Does NOT prompt for password, requires setting PT_PASSWORD
environment variable or use of keyring.
- Can be used standalone or with ParsKorata (http://lua-users.org/wiki/ParsKorata) mini/simple ExtMan compatible script
- Untested with ExtMan - http://lua-users.org/wiki/SciteExtMan
Need to edit SciTEUser.properties:
- Windows
%USERPROFILE%"\SciTEUser.properties
or%APPDATA%\scite\SciTEUser.properties
- Unix
~/.SciTEUser.properties
or$HOME/.SciTEUser.properties
Alternatively, launch scite, then open Options, Open User (or GLobal) Options File.
Windows NOTE to avoid a (typically black) CMD/Command window showing up use SciTE 4.4.4 or later and set create.hidden.console
in SciTEUser.properties:
# https://groups.google.com/g/scite-interest/c/QOhizNSEejU/m/qXslloxnCgAJ
# SciTE 4.4.4 on Windows adds create.hidden.console option to stop console window flashing when Lua script calls os.execute or io.popen.
create.hidden.console=1
# TODO see if this can be set in lua code, to make config easier
If not using a plugin extension manager can simply set pt_scite.lua
as starting lua script.
Edit SciTEUser.properties to set lua script:
...
ext.lua.startup.script=C:\code\py\puren_tonbo\pt_scite.lua
create.hidden.console=1
...
If using an extman like system:
...
# This is a simplified ExtMan
# requires each plugin/add-on to be "registered" or declared, white listed, etc.
ext.lua.startup.script=C:\code\scite\extman\parskorata_extman.lua
...
Then edit parskorata_extman.lua
to add to end:
mgr:load_files{'pt_scite.lua'}
NOTE not needed with original full ExtMan.
See scite with Python README - read and write support, Windows only (needs polishing).
By default uses ptcipher
in path, override via PTCIPHER_EXE
environment variable.
Does NOT prompt for password, requires setting PT_PASSWORD
environment variable.
Tested under Linux with vim 8.0 and 8.1. under x86, x64, and arm 32-bit.
See pt.vim - Linux/Unix/Cygwin only for now.
By default uses ptcipher
in path, override via PTCIPHER_EXE
environment variable.
Will prompt for password, which can be skipped by setting PT_PASSWORD
environment variable.
Assuming puren_tonbo has been installed and ptcipher
is in the
path (and in source code checkout):
vim -u pt.vim puren_tonbo/tests/data/aesop.chi
And enter in the test password, password
.
As per example above, can use the -u
parameter but this overrides existing settings.
Vim 8 supports plugins packs, to install:
If you do not already have any plugin packs, need to create directory, e.g.:
mkdir -p ~/.vim/pack/bundle/start/
Where bundle
is user decided. For the rest of the documentation replace bundle
with your directory name.
Install from checkout:
mkdir -p ~/.vim/pack/bundle/start/puren_tonbo/plugin/
cp pt.vim ~/.vim/pack/bundle/start/puren_tonbo/plugin/
Then can call vim without -u
:
vim puren_tonbo/tests/data/aesop.chi
gvim puren_tonbo/tests/data/aesop.chi
NOTE not working under Windows :-( Appear to be buffered files issues with vim/python interaction.
See linux notes, instead of ~/.vim
use %USERPROFILE%\vimfiles (or $VIM_INSTALLATION_FOLDER\vimfiles
)
mkdir %USERPROFILE%\vimfiles\pack\bundle\start\puren_tonbo\plugin
copy pt.vim %USERPROFILE%\vimfiles\pack\bundle\start\puren_tonbo\plugin
See https://vim.fandom.com/wiki/Encryption for how to configure vim with external tools for (view and edit) of encrypted files with autocmd. NOTE under Windows buffered IO can interfere with vim interactions. TODO consider using (OpenSSL) https://www.vim.org/scripts/script.php?script_id=2012 as a model for vim plugin (uses functions), also see:
- https://aweirdimagination.net/2019/03/24/encrypted-files-in-vim/ https://git.aweirdimagination.net/perelman/openssl.vim
- https://github.com/MoserMichael/vimcrypt2.
Puren Tonbo is implemented in Python, with support for Python 3.x and 2.7.
python -m puren_tonbo.tests.testsuite
python -m puren_tonbo.tests.testsuite -v 2>&1 |grep -i skipped
All encryption/decryption is file object based.
Low level routines (EncryptedFile) use file-like objects, for in-memory encryption/decryption use BytesIO
(see test suite, puren_tonbo/tests/testsuite.py
).
There is also the note abstraction (FileSystemNotes) which is filename based.
Simple file-like API available with:
FileLike
class which wraps a file object using a Puren Tonbo file (encryption) objectpt_open()
which is similar to the regular Python open() function but will read/write encrypted files. File type is determined by file extension. Unrecognized file extension treated as raw (text).
Quick demo:
import os
import puren_tonbo
# read
pt_root_dir = os.path.dirname(puren_tonbo.__file__)
test_filename = os.path.join(pt_root_dir, 'tests', 'data', 'aesop.chi')
print(test_filename)
open = puren_tonbo.pt_open # monkey patch time!
with open(test_filename) as f:
print('%r' % f.read())
f = open(test_filename)
print('%r' % f.read())
f.close()
# write
test_filename = 'test.zip'
f = open(test_filename, 'w')
f.write('hello')
f.close()
Thanks and kudos to:
- Tomohisa Hirami - the original creator of Tombo
- maxpat78 for the Python 2 (and 3) fall back code for AES zip support, relicensed with permission from https://github.com/maxpat78/CryptoPad
- Noah Spurrier who's Public Domain OpenSSL vim plugin is the inspiration for the PT vim support (using functions) https://www.vim.org/scripts/script.php?script_id=2012
TODO padlock and case insensitive ic in prompt - Windows terminal 2, ConEMu (https://conemu.github.io/ https://github.com/Maximus5/ConEmu) etc.? unlocked padlock for password present? key for searching for encrypted files? padlock for NOT searching for crypted files (or reverse?) scite refuses to create new chi files if file was originally missing on open new window/instnace (not tab), copy/paste and then close orig ad save as workaround seems to work if file gets creted and scite reloads, still fails to save - trigger for successful load didn't reset trigger variable ptig - with list of dirs, set shows note_root=None (ptconfig works fine) stripe colors ptgrep/ptig