// SessionAnchor decrypts the SESSIONANCHOR stored in the KeyInit contents and
// returns it after checking both hashes carried alongside it.
//
// sigPubKey is the base64-encoded signature public key of the identity. The
// call fails with ErrWrongSigKeyHash when SIGKEYHASH does not equal the
// encoded SHA512(SHA512(key)), and with ErrSessionAnchor when the decrypted
// anchor does not hash to SESSIONANCHORHASH. Decoding and JSON errors are
// returned as produced.
//
// The decryption key is the first 32 bytes of SHA512 over the public key
// bytes, so anyone who holds sigPubKey can decrypt the anchor.
func (ki *KeyInit) SessionAnchor(sigPubKey string) (*SessionAnchor, error) {
	rawKey, err := base64.Decode(sigPubKey)
	if err != nil {
		return nil, err
	}

	// SIGKEYHASH must be the hash of the hash of the identity's SIGKEY.
	keyHash := cipher.SHA512(rawKey)
	wantSigKeyHash := base64.Encode(cipher.SHA512(keyHash))
	if wantSigKeyHash != ki.Contents.SIGKEYHASH {
		log.Error(ErrWrongSigKeyHash)
		return nil, ErrWrongSigKeyHash
	}

	ciphertext, err := base64.Decode(ki.Contents.SESSIONANCHOR)
	if err != nil {
		return nil, err
	}

	// NOTE(review): the plaintext is parsed before any integrity check, and
	// the check below covers the re-serialised anchor (sa.json()), not the
	// decrypted bytes themselves. Confirm that json() is canonical, otherwise
	// differing plaintexts could pass the same hash comparison.
	plaintext := cipher.AES256CTRDecrypt(keyHash[:32], ciphertext)
	anchor := new(SessionAnchor)
	if err := json.Unmarshal(plaintext, anchor); err != nil {
		return nil, log.Error(err)
	}

	// SESSIONANCHORHASH must match the decrypted SESSIONANCHOR.
	gotAnchorHash := base64.Encode(cipher.SHA512(anchor.json()))
	if gotAnchorHash != ki.Contents.SESSIONANCHORHASH {
		log.Error(ErrSessionAnchor)
		return nil, ErrSessionAnchor
	}
	return anchor, nil
}
// Decrypt decodes the UIDMESSAGEENCRYPTED entry of the message reply,
// decrypts it with UIDHash and returns the resulting UIDIndex and UIDMessage.
//
// The decoded entry is laid out as sha256.Size bytes of UIDIndex followed by
// the ciphertext. Decoding and parsing errors are logged and returned.
//
// NOTE(review): the entry comes from the reply and is sliced without a length
// check, so a decoded value shorter than sha256.Size causes a slice-bounds
// panic instead of an error. Callers handling replies from an untrusted
// server should reject short entries before this point, or a guard should be
// added here. The decryption result is also passed to NewJSON without a
// visible authenticity check in this function; confirm that NewJSON or the
// caller verifies the message.
func (reply *MessageReply) Decrypt(UIDHash []byte) ([]byte, *Message, error) {
	raw, err := base64.Decode(reply.ENTRY.UIDMESSAGEENCRYPTED)
	if err != nil {
		return nil, nil, log.Error(err)
	}

	// Split off the index prefix; the remainder is the encrypted UIDMessage.
	index, ciphertext := raw[:sha256.Size], raw[sha256.Size:]

	plaintext := cipher.AES256CTRDecrypt(UIDHash, ciphertext)
	msg, err := NewJSON(string(plaintext))
	if err != nil {
		return nil, nil, log.Error(err)
	}
	return index, msg, nil
}