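// Decrypt takes the incoming ciphertext and decrypts it.
//
// The input is a DER-encoded SEQUENCE holding the sender's ephemeral DH
// public key followed by the authenticated ciphertext. The shared secret
// derived from that ephemeral key is split into the encryption key (the
// first authsym.SymKeyLen bytes) and the MAC key (the remainder) that are
// handed to authsym.Decrypt.
//
// Any error from decoding, key import, key agreement or authenticated
// decryption is returned. Bytes left over after the encoded structure are
// rejected so that only the canonical encoding of a message is accepted.
func (skey *SessionKey) Decrypt(in []byte) ([]byte, error) {
	var ephem struct {
		Pub []byte
		CT  []byte
	}
	rest, err := asn1.Unmarshal(in, &ephem)
	if err != nil {
		return nil, err
	}
	// asn1.Unmarshal stops after the first element and returns the
	// remainder; anything left is not part of the message and would
	// otherwise be silently ignored.
	if len(rest) != 0 {
		return nil, asn1.SyntaxError{Msg: "trailing data after ciphertext"}
	}
	pub, err := dhkam.ImportPublic(ephem.Pub)
	if err != nil {
		return nil, err
	}
	shared, err := skey.key.SharedKey(PRNG, pub, sharedKeyLen)
	if err != nil {
		return nil, err
	}
	// NOTE(review): the split assumes sharedKeyLen > authsym.SymKeyLen so
	// that both the cipher key and the MAC key are non-empty; confirm
	// against the definition of sharedKeyLen.
	symkey := shared[:authsym.SymKeyLen]
	mackey := shared[authsym.SymKeyLen:]
	out, err := authsym.Decrypt(symkey, mackey, ephem.CT)
	if err != nil {
		return nil, err
	}
	return out, nil
}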
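// PeerSessionKey parses the signed session key received from the peer,
// verifies its signature with the peer's RSA public key and, if the
// signature is valid, imports the DH public key it carries and stores it
// as this session's peer key.
//
// It returns a non-nil error when decoding, signature verification or key
// import fails; skey.peer is left unchanged in that case. Bytes left over
// after the encoded structure are rejected, since they are not covered by
// the signature.
func (skey *SessionKey) PeerSessionKey(peer *rsa.PublicKey, session []byte) error {
	var signedKey signedDHKey
	rest, err := asn1.Unmarshal(session, &signedKey)
	if err != nil {
		return err
	}
	// Anything after the first element is outside the signed structure and
	// must not be silently accepted.
	if len(rest) != 0 {
		return asn1.SyntaxError{Msg: "trailing data after session key"}
	}
	// Verify before importing so an unauthenticated key is never parsed.
	if err = pks.Verify(peer, signedKey.Public, signedKey.Signature); err != nil {
		return err
	}
	pub, err := dhkam.ImportPublic(signedKey.Public)
	if err != nil {
		return err
	}
	skey.peer = pub
	return nil
}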