Expand description
End-to-end encryption for cloud sync.
Provides passphrase-based key derivation using Argon2id and symmetric encryption using AES-256-GCM. Session message content is encrypted before upload and decrypted after download, ensuring that the cloud service cannot read session contents.
Constants§
- KEY_
SIZE - Size of the encryption key in bytes (256 bits for AES-256).
- NONCE_
SIZE - Size of the nonce in bytes (96 bits for AES-GCM).
- SALT_
SIZE - Size of the salt for key derivation.
Functions§
- decode_
base64 - Decodes base64 data to binary.
- decode_
key_ hex - Decodes a hexadecimal key.
- decrypt_
data - Decrypts data that was encrypted with
encrypt_data. - derive_
key - Derives an encryption key from a passphrase and salt using Argon2id.
- encode_
base64 - Encodes binary data as base64.
- encode_
key_ hex - Encodes a key as hexadecimal for storage.
- encrypt_
data - Encrypts data using AES-256-GCM.
- generate_
salt - Generates a random salt for key derivation.