+ let cipher_text_bytes =\r
+ base64::decode(&cipher_text.as_bytes()[1..])\r
+ .map_err(|_e| DecryptError::UnableToDecodeBase64Message)?;\r
+\r
+ if cipher_text_bytes.len() <= 48 { return Err(DecryptError::MessageToShort) }\r
+\r
+ let iv = &cipher_text_bytes[0..16];\r
+\r
+ let (plain_message_bytes, hash) =\r
+ if version == 1 {\r
+ let encrypted_message = &cipher_text_bytes[48..];\r
+ (\r
+ symm::decrypt(symm::Cipher::aes_128_cbc(), &key_as_bytes, Some(iv), encrypted_message)\r
+ .map_err(|_e| DecryptError::UnableToDecrypt)?,\r
+ cipher_text_bytes[16..48].to_vec()\r
+ )\r
+ } else {\r
+ let encrypted_message = &cipher_text_bytes[16..];\r
+ let plain_text =\r
+ symm::decrypt(symm::Cipher::aes_128_cbc(), &key_as_bytes, Some(iv), encrypted_message)\r
+ .map_err(|_e| DecryptError::UnableToDecrypt)?;\r
+ (\r
+ plain_text[32..].to_vec(),\r
+ plain_text[0..32].to_vec()\r
+ )\r
+ };\r
+\r
+ if sha256(&plain_message_bytes) != hash[..] { return Err(DecryptError::HashMismatch) }\r
+\r
+ let plain_message =\r
+ String::from_utf8(plain_message_bytes)\r
+ .map_err(|_e| DecryptError::UnableToDecodeMessageAsUTF8String)?;\r
+\r
+ Ok(plain_message)\r