Skip to main content

decrypt_secrets

sanitize_engine::secrets

Function decrypt_secrets 

Source 
pub fn decrypt_secrets(
    encrypted: &[u8],
    password: &str,
) -> Result<Zeroizing<Vec<u8>>>
Expand description

Decrypt an encrypted secrets blob in memory.

Returns the plaintext wrapped in Zeroizing so it is scrubbed on drop.

§Arguments

  • encryptedsalt (32) || nonce (12) || ciphertext.
  • password — user-supplied password.

§Errors

  • [SanitizeError::SecretsError] if the blob is too short, the password is wrong, or the ciphertext has been tampered with.