The problem#

There's a handy Vim plugin openssl.vim that allows you to easily edit encrypted files with Vim simply by giving the file an extension like .aes. Then Vim will ask for a password upon loading and saving the file in order to decrypt and encrypt it with openssl.

Unfortunately, the plugin was last updated in 2008 and makes some assumptions about openssl's defaults which are no longer valid. The most pressing issue is that the plugin now outputs a warning message when encrypting. By itself, that's worrisome, but, worse, that warning message gets output into the file along with the ciphertext. Needless to say, the resulting file cannot be decrypted without manually removing the warning text.

The solution#

Simply fixing the options the script passes to openssl is a good start, but I also wanted to make sure any files encrypted with the old settings could be decrypted. My updated openssl.vim¹ does both in addition to fixing some other annoyances.

The details#