func Import(password, filename string) (mk *MetaKey, err error) {
b64in, err := ioutil.ReadFile(filename)
if err != nil {
return
}
in, err := armour.DecodeBase64(b64in)
if err != nil {
return
}
salt := in[:hash.SaltLength]
in = in[hash.SaltLength:]
key := binaryKeyFromDerivedKey(
hash.DeriveKeyWithSalt(password, salt))
dec, err := armour.Decrypt(key, in)
if err != nil {
return
}
h := dec[:hash.HashLen]
dec = dec[hash.HashLen:]
if !bytes.Equal(h, hash.New(dec).Digest()) {
err = fmt.Errorf("invalid digest")
return
}
buf := bytes.NewBuffer(dec)
return Read(buf)
}
func (mk *MetaKey) Decrypt(algo int, ct []byte) (pt []byte, err error) {
var keySize int
switch algo {
case AES128:
keySize = AES128KeyLength
case AES192:
keySize = AES192KeyLength
case AES256:
keySize = AES256KeyLength
default:
return ct, ErrKeySizeNotSupported
}
key, err := mk.GetKey(keySize)
if err != nil {
return
}
return armour.Decrypt(key, ct)
}
