// buildSharedBox seals message for every key in peers and returns the packed
// result, or nil if any step fails.
//
// Every peer key is checked (non-nil and accepted by KeyIsSuitable) before any
// key material is generated. A key pair and a secretbox key are then generated
// for this call. The peer list writer is seeded with the peerList tag and
// receives a uint32 peer count, then, per peer, the peer's public key followed
// by the output of boxForPeer. The final writer is seeded with btype and
// receives the generated public key, the peer list, and the message sealed
// under the secretbox key.
//
// NOTE(review): the secretbox key is wiped through zero on return, but the
// generated private key is never wiped in this function — confirm whether it
// should be zeroed as well.
func buildSharedBox(message []byte, peers []PublicKey, btype byte) []byte {
	if message == nil {
		return nil
	}

	// Reject the whole request if any recipient key is missing or unsuitable.
	for i := range peers {
		if peers[i] == nil || !KeyIsSuitable(nil, peers[i]) {
			return nil
		}
	}

	ephPriv, ephPub, ok := GenerateKey()
	if !ok {
		return nil
	}

	shared, ok := secretbox.GenerateKey()
	if !ok {
		return nil
	}
	// The message key must not outlive this call.
	defer zero(shared)

	peerBuf := newbw([]byte{peerList})
	peerBuf.WriteUint32(uint32(len(peers)))
	for i := range peers {
		peerBuf.Write(peers[i])
		wrapped, sealed := boxForPeer(ephPriv, peers[i], shared)
		if !sealed {
			return nil
		}
		peerBuf.Write(wrapped)
	}

	peerBytes := peerBuf.Bytes()
	if peerBytes == nil {
		return nil
	}

	out := newbw([]byte{btype})
	out.Write(ephPub)
	out.Write(peerBytes)

	body, ok := secretbox.Seal(message, shared)
	if !ok {
		return nil
	}
	out.Write(body)

	return out.Bytes()
}
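// encryptRSA encrypts the file at path in for the RSA public key and writes
// the packaged result to path out.
//
// A fresh secretbox key is generated, wrapped with RSA-OAEP (SHA-256, no
// label) under key, and used to seal the file's contents. packageBox then
// combines the wrapped key and the sealed box; armour is passed through to it.
// Failures are reported on standard output and returned to the caller.
//
// NOTE(review): signkey and local are not read anywhere in this function, so
// nothing here signs the output — confirm whether signing is expected to
// happen elsewhere.
func encryptRSA(in, out string, key *rsa.PublicKey, signkey string, local, armour bool) (err error) {
	if key == nil {
		// rsa.EncryptOAEP dereferences the key; fail cleanly instead of panicking.
		fmt.Println("[!] no RSA public key provided.")
		return fmt.Errorf("missing RSA public key")
	}

	boxKey, ok := secretbox.GenerateKey()
	if !ok {
		fmt.Println("[!] failed to generate the box key.")
		// This path used to return a nil error, so a caller could treat a
		// failed encryption as a success.
		return fmt.Errorf("key generation failure")
	}
	// Wipe the symmetric message key once it has been wrapped and used.
	defer func() {
		for i := range boxKey {
			boxKey[i] = 0
		}
	}()

	lockedKey, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, key, boxKey, nil)
	if err != nil {
		fmt.Println("[!] RSA encryption failed:", err.Error())
		return err
	}

	message, err := ioutil.ReadFile(in)
	if err != nil {
		fmt.Println("[!]", err.Error())
		return err
	}

	box, ok := secretbox.Seal(message, boxKey)
	if !ok {
		fmt.Println("[!] failed to seal the message.")
		return fmt.Errorf("sealing failure")
	}

	pkg, err := packageBox(lockedKey, box, armour)
	if err != nil {
		return err
	}

	// The write error is reported once; the original printed it twice.
	err = ioutil.WriteFile(out, pkg, 0644)
	if err != nil {
		fmt.Println("[!]", err.Error())
	}
	return err
}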