Exemple #1
0
// This is an entry point that largely defines "normal" miniLock behaviour.
// If sendToSender is true, then the sender's ID is added to recipients.
func EncryptFileContentsWithStrings(filename string, fileContents []byte, senderEmail, senderPassphrase string, sendToSender bool, recipientIDs ...string) (miniLockContents []byte, err error) {
	var (
		senderKey, this_recipient *taber.Keys
		recipientKeyList          []*taber.Keys
		this_id                   string
	)
	senderKey, err = taber.FromEmailAndPassphrase(senderEmail, senderPassphrase)
	if err != nil {
		return nil, err
	}
	if sendToSender {
		this_id, err = senderKey.EncodeID()
		if err != nil {
			return nil, err
		}
		recipientIDs = append(recipientIDs, this_id)
	}
	recipientKeyList = make([]*taber.Keys, 0, len(recipientIDs))
	// TODO: Randomise iteration here?
	for _, this_id = range recipientIDs {
		this_recipient, err = taber.FromID(this_id)
		if err != nil {
			return nil, err
		}
		recipientKeyList = append(recipientKeyList, this_recipient)
	}
	miniLockContents, err = EncryptFileContents(filename, fileContents, senderKey, recipientKeyList...)
	if err != nil {
		return nil, err
	}
	return miniLockContents, nil
}
Exemple #2
0
// DecryptFileContentsWithStrings is the highest-level API for decryption.
// It uses the recipient's email and passphrase to generate their key, attempts
// decryption, and wipes keys when finished.
func DecryptFileContentsWithStrings(fileContents []byte, recipientEmail, recipientPassphrase string) (senderID, filename string, contents []byte, err error) {
	var recipientKey *taber.Keys
	recipientKey, err = taber.FromEmailAndPassphrase(recipientEmail, recipientPassphrase)
	if err != nil {
		return
	}
	defer recipientKey.Wipe()
	return DecryptFileContents(fileContents, recipientKey)
}
Exemple #3
0
// Generate a key from an email address and passphrase, consistent
// with the miniLock algorithm. Passphrase is *not* currently checked
// for strength so it is, at present, the caller's responsibility to
// provide passphrases that don't suck!
func GenerateKey(email string, passphrase string) (*taber.Keys, error) {
	return taber.FromEmailAndPassphrase(email, passphrase)
}
// Because of the work involved creating keys, they shouldn't be made within
// test cases as they wildly skew the time required.
func init() {
	testKey1, _ = taber.FromEmailAndPassphrase("*****@*****.**", "this is a password that totally works for minilock purposes")
	testKey2, _ = taber.FromEmailAndPassphrase("*****@*****.**", "whatever I write won't be good enough for the NSA")
}