func unpackSharedBox(box []byte, key PrivateKey, public PublicKey) (btype byte, message []byte, ok bool) {
if box == nil {
return 0, nil, false
} else if !KeyIsSuitable(key, public) {
return 0, nil, false
}
btype = box[0]
unpacker := newbr(box[1:])
e_pub := unpacker.Next()
if e_pub == nil {
return 0, nil, false
}
packedPeers := unpacker.Next()
if packedPeers == nil {
return 0, nil, false
} else if packedPeers[0] != peerList {
return 0, nil, false
}
peerUnpack := newbr(packedPeers[1:])
peerCount, ok := peerUnpack.NextU32()
if !ok {
return 0, nil, false
}
var shared []byte = nil
defer zero(shared)
for i := uint32(0); i < peerCount; i++ {
peer := peerUnpack.Next()
if peer == nil {
return 0, nil, false
}
sbox := peerUnpack.Next()
if sbox == nil {
return 0, nil, false
} else if !bytes.Equal(peer, public) {
continue
}
skey, ok := ecdh(key, e_pub)
if !ok {
return 0, nil, false
}
shared, ok = secretbox.Open(sbox, skey)
if !ok {
return 0, nil, false
}
break
}
if shared == nil {
return 0, nil, false
}
sbox := unpacker.Next()
if sbox == nil {
return 0, nil, false
}
message, ok = secretbox.Open(sbox, shared)
return btype, message, ok
}
func decryptRSA(in, out string, key *rsa.PrivateKey, verifykey string, armour bool) (err error) {
pkg, err := ioutil.ReadFile(in)
if err != nil {
fmt.Println("[!]", err.Error())
return
}
lockedKey, box, err := unpackageBox(pkg)
if err != nil {
return
}
hash := sha256.New()
boxKey, err := rsa.DecryptOAEP(hash, rand.Reader, key, lockedKey, nil)
if err != nil {
fmt.Println("[!] RSA decryption failed:", err.Error())
return
}
message, ok := secretbox.Open(box, boxKey)
if !ok {
fmt.Println("[!] failed to open box.")
err = fmt.Errorf("opening box failed")
return
}
err = ioutil.WriteFile(out, message, 0644)
return
}
func openBox(box []byte, key PrivateKey) (btype byte, message []byte, ok bool) {
if box == nil {
return 0, nil, false
} else if !KeyIsSuitable(key, nil) {
return 0, nil, false
}
btype = box[0]
unpacker := newbr(box[1:])
eph_pub := unpacker.Next()
sbox := unpacker.Next()
shared, ok := ecdh(key, eph_pub)
if !ok {
return 0, nil, false
}
message, ok = secretbox.Open(sbox, shared)
if !ok {
return 0, nil, false
}
return btype, message, true
}