func sealBox(message []byte, peer PublicKey, boxtype byte) *bw {
if message == nil {
return nil
} else if !KeyIsSuitable(nil, peer) {
return nil
}
eph_key, eph_peer, ok := GenerateKey()
if !ok {
return nil
}
defer zero(eph_key)
skey, ok := ecdh(eph_key, peer)
if !ok {
return nil
}
defer zero(skey)
packer := newbw([]byte{boxtype})
sbox, ok := secretbox.Seal(message, skey)
if !ok {
return nil
}
packer.Write(eph_peer)
packer.Write(sbox)
return packer
}
func boxForPeer(e_priv PrivateKey, peer PublicKey, key secretbox.Key) ([]byte, bool) {
shared, ok := ecdh(e_priv, peer)
if !ok {
return nil, false
}
defer zero(shared)
return secretbox.Seal(key, shared)
}
func buildSharedBox(message []byte, peers []PublicKey, btype byte) []byte {
if message == nil {
return nil
}
for _, peer := range peers {
if peer == nil {
return nil
} else if !KeyIsSuitable(nil, peer) {
return nil
}
}
e_priv, e_pub, ok := GenerateKey()
if !ok {
return nil
}
shared, ok := secretbox.GenerateKey()
if !ok {
return nil
}
defer zero(shared)
packPeers := newbw([]byte{peerList})
packPeers.WriteUint32(uint32(len(peers)))
for _, peer := range peers {
packPeers.Write(peer)
pbox, ok := boxForPeer(e_priv, peer, shared)
if !ok {
return nil
}
packPeers.Write(pbox)
}
plist := packPeers.Bytes()
if plist == nil {
return nil
}
packer := newbw([]byte{btype})
packer.Write(e_pub)
packer.Write(plist)
sbox, ok := secretbox.Seal(message, shared)
if !ok {
return nil
}
packer.Write(sbox)
return packer.Bytes()
}