Please recommend encryption plug-in

Tony F

I need to encrypt some text files. I note that there is more than one plug-in to do this. I really don’t want to make the wrong choice here so:

• Do you know which is best?
• Or have an opinion on which is best?
• Or just found one that works ok?
  Thanks

PeterJones

@Tony-F ,

“Best” is in the eye of the beholder, depending on what features you need and what workflow you prefer.

A few years ago, I played a little with NppCrypt, and it seemed reasonable to me. (There was a slight kerfluffle because v1.0.6 was incompatible with the earlier versions – but since you won’t be starting with an older version, and the author hasn’t made a new release since v1.0.1.6 in 2019, you shouldn’t have to worry about that for now). But since the Notepad++ plugin interface has changed somewhat over the last couple years, I cannot guarantee that NppCrypt will still work with modern Notepad++ versions.

I see that SecurePad has been more active over the last couple years (it’s most recent release was 2022, compared to NppCrypt’s 2019) – that doesn’t mean it’s necessarily “better”, but it might improve the chances of getting bug fixes and feature requests incorporated into new releases (and it might not).

Personally, for the rare times I’ve wanted to encrypt a file inside Notepad++ (rather than just using a right-click context action), I have a script for the NppExec plugin that runs the active file through my command-line gpg.exe:

encrypt

cls
cmd.exe /c exit %RANDOM%								// cannot access $(SYS.RANDOM) directly through NppExec, but can tell cmd.exe to return it as a value
set tempfile = $(SYS.TEMP)\NppGpgFile_$(EXITCODE).tmp					// create random tempfile name
set ascfile = $(SYS.TEMP)\NppGpgFile_$(EXITCODE).asc					// create associated ascfile name
sci_sendmsg SCI_SELECTALL								// select all
sel_saveto $(tempfile) :a								// save selection to the tempfile	(use :a to save as ansi, to prevent unicode prefix ÿþ getting embedded)
INPUTBOX "Recipients (use -r between multiple): " : XXXXX@XXXXX.XXX -r XXXX@XXXX.XXX // get the recipients
gpg.exe --output "$(ascfile)" -ase -r $(INPUT) "$(tempfile)"					// armor+sign+encrypt to recipient(s)
sel_loadfrom $(ascfile)								// replace selection with results
sci_sendmsg SCI_DOCUMENTSTART							// deselect
//rm -rf "$(tempfile)" "$(ascfile)"							// cleanup temp files
npp_save

decrypt

cls
cmd.exe /c exit %RANDOM%							// cannot access $(SYS.RANDOM) directly through NppExec, but can tell cmd.exe to return it as a value
set tempfile = $(SYS.TEMP)\NppGpgFile_$(EXITCODE).tmp				// create random tempfile name
set ascfile = $(SYS.TEMP)\NppGpgFile_$(EXITCODE).asc				// create associated ascfile name
sci_sendmsg SCI_SELECTALL							// select all
sel_saveto $(ascfile) :a							// save selection to the ascfile	(use :a to save as ansi, to prevent unicode prefix ÿþ getting embedded)
gpg.exe --output "$(tempfile)" --decrypt "$(ascfile)"				// decrypt
sel_loadfrom $(tempfile)							// replace selection with results
sci_sendmsg SCI_DOCUMENTSTART						// deselect
rm -rf "$(tempfile)" "$(ascfile)"						// cleanup temp files
npp_save

(and I have similar ones for gpg-sign and gpg-verify – though honestly, I haven’t used any of them much in the past year or two)

Tony F

@PeterJones thanks v much

Justin Brown

@PeterJones I know this is an old thread, but it is precisely what I was looking for. But I am curious if you are concerned about the ability to “undelete” the temp file when you use your script. Does rm fully remove the file, including overwriting bits? Or has Windows improved it’s undelete such that it is no longer a concern?

PeterJones

@Justin-Brown said in Please recommend encryption plug-in:

@PeterJones I know this is an old thread, but it is precisely what I was looking for. But I am curious if you are concerned about the ability to “undelete” the temp file when you use your script. Does rm fully remove the file, including overwriting bits? Or has Windows improved it’s undelete such that it is no longer a concern?

I hadn’t noticed I used rm. That’s an old win32 port of the gnu linux rm command (from the gnuwin32 bundle; hasn’t been updated in years). I have never looked into the source code, so I don’t know for sure if it overwrites first, but it’s doubtful.

I also no nothing about the advanced features of windows del or the powershell equivalent. However, I don’t know whether microsoft has made those secure deletes, either. (A Notepad++ forum isn’t the best place to research about windows features, especially the more esoteric aspects.)

If research in appropriate places doesn’t give you the answers you want or hope for with regard to windows file deletion, you might look into installing a secure command-line-based file deleter; it would very much surprise me if such a utility didn’t exist, but I have never gone looking for it, so I have no specific recommendations. But if you find such a utility that you trust, then use it (with its appropriate command-line options) in place of the rm -rf that I used in the script