Module encryption 

AES-256-GCM authenticated encryption.

Each call to encrypt generates a fresh random 12-byte nonce and prepends it to the ciphertext. decrypt splits the nonce back out before decrypting.

Layout of the returned byte buffer: [ 12-byte nonce | ciphertext + 16-byte auth tag ]

Functions

decrypt

Decrypt data that was produced by encrypt.

encrypt

Encrypt plaintext with a 32-byte key.