iop_keyvault_wasm/encrypt.rs
1use super::*;
2
3/// Encrypts the plaintext with a password. Make sure the password is not weak.
4/// A random nonce is generated for each call so each time the same plaintext is
5/// encrypted with the same password, the result is a different ciphertext. The
6/// ciphertext returned will be 40 bytes longer than the plaintext.
7///
8/// @see decrypt
9#[wasm_bindgen]
10pub fn encrypt(plain_text: &[u8], password: &str) -> Result<Vec<u8>, JsValue> {
11 let nonce = keyvault_encrypt::nonce().map_err_to_js()?;
12 keyvault_encrypt::encrypt(plain_text, password, &nonce).map_err_to_js()
13}
14
15/// Decrypts the ciphertext with a password. The format of the ciphertext is
16/// defined by the {@link encrypt} function. Only the matching password will decrypt
17/// the ciphertext.
18#[wasm_bindgen]
19pub fn decrypt(cipher_text: &[u8], password: &str) -> Result<Vec<u8>, JsValue> {
20 keyvault_encrypt::decrypt(cipher_text, password).map_err_to_js()
21}