// Decrypt decrypts the passed data. The must be the output of the Encrypt // function. func (ck *CryptoKey) Decrypt(in []byte) ([]byte, error) { if len(in) < NonceSize { return nil, ErrMalformed } var nonce [NonceSize]byte copy(nonce[:], in[:NonceSize]) blob := in[NonceSize:] opened, ok := secretbox.Open(nil, blob, &nonce, (*[KeySize]byte)(ck)) if !ok { return nil, ErrDecryptFailed } return opened, nil }
// OpenAfterPrecomputation performs the same actions as Open, but takes a // shared key as generated by Precompute. func OpenAfterPrecomputation(out, box []byte, nonce *[24]byte, sharedKey *[32]byte) ([]byte, bool) { return secretbox.Open(out, box, nonce, sharedKey) }
// Open authenticates and decrypts a box produced by Seal and appends the // message to out, which must not overlap box. The output will be Overhead // bytes smaller than box. func Open(out, box []byte, nonce *[24]byte, peersPublicKey, privateKey *[32]byte) ([]byte, bool) { var sharedKey [32]byte Precompute(&sharedKey, peersPublicKey, privateKey) return secretbox.Open(out, box, nonce, &sharedKey) }