1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
use crateparse_recipients;
use crateResult;
use crateEncryptError;
use crateEncryptedData;
use Write;
/// Encrypts plaintext for one or more recipients using age.
///
/// # Parameters
/// - `plaintext`: Data to encrypt.
/// - `recipients`: Slice of recipient public keys (each starts with `age1...`).
///
/// # Returns
/// `Ok(EncryptedData)` containing the encrypted bytes.
///
/// # Errors
/// | Condition | Error variant |
/// |-----------|---------------|
/// | Empty recipient list | [`EncryptError::NoRecipients`] |
/// | Invalid recipient string | [`EncryptError::InvalidRecipient`] |
/// | Internal encryption failure | [`EncryptError::Failed`] |
/// | I/O error during writing | [`EncryptError::Io`] |
///
/// # Panics
/// **No.** All failure paths are handled gracefully.
///
/// # Example
/// ```
/// use age_crypto::encrypt;
/// use age_setup::build_keypair;
///
/// # fn main() -> age_crypto::errors::Result<()> {
/// // Create two identities
/// let alice = build_keypair().expect("key generation failed");
/// let bob = build_keypair().expect("key generation failed");
///
/// let recipients = [alice.public.expose(), bob.public.expose()];
///
/// let data = b"Multi-recipient secret";
/// let encrypted = encrypt(data, &recipients)?;
///
/// assert!(!encrypted.as_bytes().is_empty());
/// # Ok(())
/// # }
/// ```