// Decrypt decrypt something with mcrypt rijndael-256 PHP-style
func Decrypt(key []byte, iv []byte, data []byte) ([]byte, error) {
// keep track of the size of the input data
length := C.int(len(data))
if length == 0 {
return nil, errors.New("Invalid data size of 0")
}
// keep track of any errors that occur on decryption
err := C.int(0)
// decrypt the data
decryptedData := C.decrypt(unsafe.Pointer(&key[0]), C.int(len(key)), unsafe.Pointer(&iv[0]), C.int(len(iv)), (*C.char)(unsafe.Pointer(&data[0])), (*C.int)(unsafe.Pointer(&length)), (*C.int)(unsafe.Pointer(&err)))
// if err is not 0, there is an error
if int(err) != 0 {
return nil, errors.New(C.GoString(C.getError(err)))
}
// ensure that memory is freed on the decrypted data after it is converted to Go bytes
defer C.free(unsafe.Pointer(decryptedData))
// return the Go bytes of the decrypted data
return C.GoBytes(unsafe.Pointer(decryptedData), length), nil
}
func (c *WindowsCrypt) decrypt(input []byte) string {
var length C.int
decruptedC := C.decrypt((*C.byte)(&input[0]), C.int(len(input)), &length)
decrypted := C.GoStringN(decruptedC, length)
return decrypted
}
func (sc *SecureCell) Unprotect(protectedData []byte, additionalData []byte, context []byte) ([]byte, error) {
if (sc.mode < CELL_MODE_SEAL) || (sc.mode > CELL_MODE_CONTEXT_IMPRINT) {
return nil, errors.New("Invalid mode specified")
}
if nil == sc.key {
return nil, errors.New("Master key was not provided")
}
if nil == protectedData {
return nil, errors.New("Data was not provided")
}
if CELL_MODE_CONTEXT_IMPRINT == sc.mode {
if nil == context {
return nil, errors.New("Context is mandatory for context imprint mode")
}
}
if CELL_MODE_TOKEN_PROTECT == sc.mode {
if nil == additionalData {
return nil, errors.New("Additional data is mandatory for token protect mode")
}
}
var add, ctx unsafe.Pointer
var addLen, ctxLen C.size_t
if nil != additionalData {
add = unsafe.Pointer(&additionalData[0])
addLen = C.size_t(len(additionalData))
}
if nil != context {
ctx = unsafe.Pointer(&context[0])
ctxLen = C.size_t(len(context))
}
var decLen C.size_t
if !bool(C.get_unprotect_size(unsafe.Pointer(&sc.key[0]),
C.size_t(len(sc.key)),
unsafe.Pointer(&protectedData[0]),
C.size_t(len(protectedData)),
add,
addLen,
ctx,
ctxLen,
C.int(sc.mode),
&decLen)) {
return nil, errors.New("Failed to get ouput size")
}
decData := make([]byte, decLen, decLen)
if !bool(C.decrypt(unsafe.Pointer(&sc.key[0]),
C.size_t(len(sc.key)),
unsafe.Pointer(&protectedData[0]),
C.size_t(len(protectedData)),
add,
addLen,
ctx,
ctxLen,
C.int(sc.mode),
unsafe.Pointer(&decData[0]),
decLen)) {
return nil, errors.New("Failed to unprotect data")
}
return decData, nil
}