diff --git a/web/packages/base/crypto/ente-impl.ts b/web/packages/base/crypto/ente-impl.ts
index ad14f93d2f..bb7c6d77a2 100644
--- a/web/packages/base/crypto/ente-impl.ts
+++ b/web/packages/base/crypto/ente-impl.ts
@@ -2,6 +2,8 @@
 import * as libsodium from "./libsodium";
 import type {
     DecryptBlobB64,
+    DecryptBoxB64,
+    DecryptBoxBytes,
     EncryptB64,
     EncryptBytes,
     EncryptedBlobB64,
@@ -41,6 +43,19 @@ export const _encryptMetadataJSON = ({ jsonValue, keyB64 }: EncryptJSON) =>
         keyB64,
     });
 
+const DecryptBoxB64ToBytes = async ({
+    encryptedDataB64,
+    nonceB64,
+    keyB64,
+}: DecryptBoxB64): Promise<DecryptBoxBytes> => ({
+    encryptedData: await libsodium.fromB64(encryptedDataB64),
+    nonceB64,
+    keyB64,
+});
+
+export const _decryptBoxB64 = (r: DecryptBoxB64) =>
+    DecryptBoxB64ToBytes(r).then((rb) => libsodium.decryptBox(rb));
+
 export const _decryptAssociatedData = libsodium.decryptBlob;
 
 export const _decryptThumbnail = _decryptAssociatedData;
diff --git a/web/packages/base/crypto/ente.ts b/web/packages/base/crypto/ente.ts
index 494656763f..dce6dc1050 100644
--- a/web/packages/base/crypto/ente.ts
+++ b/web/packages/base/crypto/ente.ts
@@ -54,6 +54,7 @@ import * as ei from "./ente-impl";
 import type {
     DecryptBlobB64,
     DecryptBlobBytes,
+    DecryptBoxB64,
     EncryptB64,
     EncryptBytes,
     EncryptJSON,
@@ -139,6 +140,19 @@ export const encryptMetadataJSON = async (r: EncryptJSON) =>
         ? ei._encryptMetadataJSON(r)
         : sharedCryptoWorker().then((w) => w.encryptMetadataJSON(r));
 
+/**
+ * Decrypt arbitrary data, provided as a base64 string, using the given key and
+ * the provided nonce.
+ *
+ * This is the sibling of {@link encryptBoxB64}.
+ *
+ * See {@link decryptBox} for the implementation details.
+ */
+export const decryptBoxB64 = (r: DecryptBoxB64) =>
+    inWorker()
+        ? ei._decryptBoxB64(r)
+        : sharedCryptoWorker().then((w) => w.decryptBoxB64(r));
+
 /**
  * Decrypt arbitrary data associated with an Ente object (file, collection or
  * entity) using the object's key.
diff --git a/web/packages/base/crypto/libsodium.ts b/web/packages/base/crypto/libsodium.ts
index 6d3c0f5d7d..5f57c459b8 100644
--- a/web/packages/base/crypto/libsodium.ts
+++ b/web/packages/base/crypto/libsodium.ts
@@ -329,7 +329,7 @@ export async function encryptFileChunk(
 /**
  * Decrypt the result of {@link encryptBox}.
  */
-const decryptBox = async ({
+export const decryptBox = async ({
     encryptedData,
     nonceB64,
     keyB64,
diff --git a/web/packages/base/crypto/worker.ts b/web/packages/base/crypto/worker.ts
index d7c8a68503..72ae1fb332 100644
--- a/web/packages/base/crypto/worker.ts
+++ b/web/packages/base/crypto/worker.ts
@@ -15,6 +15,7 @@ export class CryptoWorker {
     encryptBoxB64 = ei._encryptBoxB64;
     encryptThumbnail = ei._encryptThumbnail;
     encryptMetadataJSON = ei._encryptMetadataJSON;
+    decryptBoxB64 = ei._decryptBoxB64;
     decryptThumbnail = ei._decryptThumbnail;
     decryptAssociatedDataB64 = ei._decryptAssociatedDataB64;
     decryptMetadataJSON = ei._decryptMetadataJSON;