// RecoverBoxKey retrieves the password-secured box private key. func RecoverBoxKey(password, spriv []byte) (*[box.PrivateKeySize]byte, bool) { rawKey, ok := pwbox.Open(password, spriv) if !ok { return nil, false } var priv = new([box.PrivateKeySize]byte) copy(priv[:], rawKey) Zero(rawKey) return priv, true }
// RecoverSecretboxKey retrieves the password-secured box private key. func RecoverSecretboxKey(password, skey []byte) (*[secretbox.KeySize]byte, bool) { rawKey, ok := pwbox.Open(password, skey) if !ok { return nil, false } var key = new([secretbox.KeySize]byte) copy(key[:], rawKey) Zero(rawKey) return key, true }
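// main encrypts or decrypts a single file under a password read from an
// interactive prompt.
//
// Flags: -d selects decryption; -h prints the usage message and exits 0.
// Arguments: one argument is the input file, and the output name is derived
// from it (".enc" appended when encrypting; extension stripped, or ".out"
// appended, when decrypting). Two arguments are input and output. Any other
// argument count prints usage and exits 1.
func main() {
	flDecrypt := flag.Bool("d", false, "Decrypt the file.")
	flUsage := flag.Bool("h", false, "Print a usage message and exit.")
	flag.Parse()

	if *flUsage {
		usage()
		os.Exit(0)
	}

	var outputFile string
	var inputFile string

	switch flag.NArg() {
	case 1:
		inputFile = flag.Args()[0]
		switch {
		case !*flDecrypt:
			outputFile = inputFile + ".enc"
		case filepath.Ext(inputFile) == "":
			outputFile = inputFile + ".out"
		default:
			outputFile = stripExt(inputFile)
			// Never let the derived name collide with the input file.
			if outputFile == inputFile {
				outputFile = inputFile + ".out"
			}
		}
	case 2:
		inputFile = flag.Args()[0]
		outputFile = flag.Args()[1]
	default:
		// Zero arguments or more than two.
		usage()
		os.Exit(1)
	}

	// NOTE(review): in the listing the prompt call and its error check were
	// fused by a masking artefact ("Password: "******"[!] Failed ..."). They
	// are reconstructed here to follow the file's other error paths; confirm
	// against the original source.
	password, err := readpass.PasswordPromptBytes("Password: ")
	if err != nil {
		fmt.Println("[!] Failed to read password.")
		fmt.Printf("\t%v\n", err)
		os.Exit(1)
	}
	defer zero(password)

	// os.Exit terminates without running deferred calls, so the deferred
	// zero(password) above only covers the normal return. Every failure exit
	// below goes through fatal so the password buffer is cleared there too.
	fatal := func() {
		zero(password)
		os.Exit(1)
	}

	fileData, err := ioutil.ReadFile(inputFile)
	if err != nil {
		fmt.Println("[!] Failed to open", inputFile)
		fmt.Printf("\t%v\n", err)
		fatal()
	}

	if *flDecrypt {
		msg, ok := pwbox.Open(password, fileData)
		if !ok {
			fmt.Println("[!] Decryption failure.")
			fatal()
		}

		// NOTE(review): 0644 (before umask) leaves newly created decrypted
		// plaintext readable by other local users; consider 0600 here. An
		// existing outputFile is overwritten without confirmation.
		err = ioutil.WriteFile(outputFile, msg, 0644)
		if err != nil {
			fmt.Println("[!] Failed to write", outputFile)
			fmt.Printf("\t%v\n", err)
			fatal()
		}

		fmt.Println("[+] Decrypted file written to", outputFile)
		fmt.Println("OK")
		return
	}

	// Named sealed rather than box so the local cannot shadow a package
	// called box if one is imported in this file.
	sealed, ok := pwbox.Seal(password, fileData)
	if !ok {
		fmt.Println("[!] Encryption failure.")
		fatal()
	}

	err = ioutil.WriteFile(outputFile, sealed, 0644)
	if err != nil {
		fmt.Println("[!] Failed to write", outputFile)
		fmt.Printf("\t%v\n", err)
		fatal()
	}

	fmt.Println("[+] Encrypted file written to", outputFile)
	fmt.Println("OK")
}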