1%% This Source Code Form is subject to the terms of the Mozilla Public
2%% License, v. 2.0. If a copy of the MPL was not distributed with this
3%% file, You can obtain one at https://mozilla.org/MPL/2.0/.
4%%
5%% Copyright (c) 2007-2021 VMware, Inc. or its affiliates.  All rights reserved.
6%%
7
8-module(rabbit_pbe).
9
10-export([supported_ciphers/0, supported_hashes/0, default_cipher/0, default_hash/0, default_iterations/0]).
11-export([encrypt_term/5, decrypt_term/5]).
12-export([encrypt/5, decrypt/5]).
13
14-export_type([encryption_result/0]).
15
16supported_ciphers() ->
17    credentials_obfuscation_pbe:supported_ciphers().
18
19supported_hashes() ->
20    credentials_obfuscation_pbe:supported_hashes().
21
22%% Default encryption parameters.
23default_cipher() ->
24    credentials_obfuscation_pbe:default_cipher().
25
26default_hash() ->
27    credentials_obfuscation_pbe:default_hash().
28
29default_iterations() ->
30    credentials_obfuscation_pbe:default_iterations().
31
32%% Encryption/decryption of arbitrary Erlang terms.
33
34encrypt_term(Cipher, Hash, Iterations, PassPhrase, Term) ->
35    credentials_obfuscation_pbe:encrypt_term(Cipher, Hash, Iterations, PassPhrase, Term).
36
37decrypt_term(_Cipher, _Hash, _Iterations, _PassPhrase, {plaintext, Term}) ->
38    Term;
39decrypt_term(Cipher, Hash, Iterations, PassPhrase, {encrypted, _Base64Binary}=Encrypted) ->
40    credentials_obfuscation_pbe:decrypt_term(Cipher, Hash, Iterations, PassPhrase, Encrypted).
41
42-type encryption_result() :: {'encrypted', binary()} | {'plaintext', binary()}.
43
44-spec encrypt(crypto:block_cipher(), crypto:hash_algorithms(),
45    pos_integer(), iodata() | '$pending-secret', binary()) -> encryption_result().
46encrypt(Cipher, Hash, Iterations, PassPhrase, ClearText) ->
47    credentials_obfuscation_pbe:encrypt(Cipher, Hash, Iterations, PassPhrase, ClearText).
48
49-spec decrypt(crypto:block_cipher(), crypto:hash_algorithms(),
50    pos_integer(), iodata(), encryption_result()) -> any().
51decrypt(_Cipher, _Hash, _Iterations, _PassPhrase, {plaintext, Term}) ->
52    Term;
53decrypt(Cipher, Hash, Iterations, PassPhrase, {encrypted, _Base64Binary}=Encrypted) ->
54    credentials_obfuscation_pbe:decrypt(Cipher, Hash, Iterations, PassPhrase, Encrypted).
55