// DecryptFile - Given a ciphertext, walk it into length prefixed chunks and decrypt/reassemble
// each chunk, then validate the hash of the file against the hash given in FileInfo.
// The result is a validated, decrypted filename and file contents byte-slice.
func (fi *FileInfo) DecryptFile(ciphertext []byte) (filename string, contents []byte, err error) {
var (
hash [32]byte
DI taber.DecryptInfo
)
hash = blake2s.Sum256(ciphertext)
if !bytes.Equal(fi.FileHash, hash[:]) {
return "", nil, ErrCTHashMismatch
}
DI = taber.DecryptInfo{Key: fi.FileKey, BaseNonce: fi.FileNonce}
return DI.Decrypt(ciphertext)
}
// Separated from the above for testing purposes; deterministic ciphertext.
func encryptFileToFileInfo(DI *taber.DecryptInfo, filename string, filecontents []byte) (FI *FileInfo, ciphertext []byte, err error) {
var hash [32]byte
ciphertext, err = DI.Encrypt(filename, filecontents)
if err != nil {
return nil, nil, err
}
hash = blake2s.Sum256(ciphertext)
FI = new(FileInfo)
FI.FileKey = DI.Key
FI.FileNonce = DI.BaseNonce
FI.FileHash = hash[:]
return FI, ciphertext, nil
}
func Harden(salt, passphrase string) ([]byte, error) {
pp_blake := blake2s.Sum256([]byte(passphrase))
return scrypt.Key(pp_blake[:], []byte(salt), 131072, 8, 1, 32)
}