Example #1
0
func decryptFile(ks *store.KeyStore, cfg *config) error {
	message, err := util.ReadFile(cfg.Args[0])
	if err != nil {
		return err
	}

	var needVerify bool
	if len(message) > 10 {
		if bytes.Equal(message[:10], []byte("-----BEGIN")) {
			p, _ := pem.Decode(message)
			if p == nil {
				return errors.New("failed to decode PEM file")
			}

			switch p.Type {
			case public.EncryptedType:
				message = p.Bytes
			case public.SignedAndEncryptedType:
				needVerify = true
				message = p.Bytes
			default:
				return errors.New("invalid message")
			}

		}
	}

	var out []byte
	var ok bool

	if !needVerify {
		out, ok = ks.Decrypt(message)
		if !ok {
			return errors.New("decrypt failed")
		}
	} else {
		out, ok = ks.DecryptAndVerify(cfg.Label, message)
		if !ok {
			return errors.New("decrypt and verify failed")
		}
		fmt.Println("Valid signature.")
	}

	err = util.WriteFile(out, cfg.Args[1])
	if err != nil {
		return err
	}
	return nil
}