Beispiel #1
0
func Import(password, filename string) (mk *MetaKey, err error) {
	b64in, err := ioutil.ReadFile(filename)
	if err != nil {
		return
	}

	in, err := armour.DecodeBase64(b64in)
	if err != nil {
		return
	}

	salt := in[:hash.SaltLength]
	in = in[hash.SaltLength:]
	key := binaryKeyFromDerivedKey(
		hash.DeriveKeyWithSalt(password, salt))
	dec, err := armour.Decrypt(key, in)
	if err != nil {
		return
	}

	h := dec[:hash.HashLen]
	dec = dec[hash.HashLen:]
	if !bytes.Equal(h, hash.New(dec).Digest()) {
		err = fmt.Errorf("invalid digest")
		return
	}

	buf := bytes.NewBuffer(dec)
	return Read(buf)
}
Beispiel #2
0
func (mk *MetaKey) Decrypt(algo int, ct []byte) (pt []byte, err error) {
	var keySize int
	switch algo {
	case AES128:
		keySize = AES128KeyLength
	case AES192:
		keySize = AES192KeyLength
	case AES256:
		keySize = AES256KeyLength
	default:
		return ct, ErrKeySizeNotSupported
	}

	key, err := mk.GetKey(keySize)
	if err != nil {
		return
	}

	return armour.Decrypt(key, ct)
}