func encryptFile(inFile, outFile, passphrase string) (err error) {
key := hash.DeriveKey(passphrase)
inReader, err := os.Open(inFile)
if err != nil {
return
}
defer inReader.Close()
outWriter, err := os.Create(outFile)
if err != nil {
return
}
defer outWriter.Close()
n, err := outWriter.Write(key.Salt)
if err != nil {
return
} else if n != len(key.Salt) {
err = ErrWrite
return
}
err = symmetric.EncryptReader(key.Key, inReader, outWriter)
return
}
func encrypt(w http.ResponseWriter, upload *Upload) {
key := hash.DeriveKey(upload.Password)
if key == nil {
serverError(w, "failed to generate key")
return
}
out := key.Salt
enc, err := symmetric.Encrypt(key.Key, upload.Data)
if err != nil {
serverError(w, "encryption failure: "+err.Error())
return
}
out = append(out, enc...)
w.Header().Add("content-type", "application/octet-stream")
w.Header().Add("content-disposition", "attachment; filename="+upload.Name)
w.Write(out)
}
func (mk *MetaKey) Export(password, filename string) (err error) {
buf := new(bytes.Buffer)
err = mk.Write(buf)
if err != nil {
return
}
pk := hash.DeriveKey(password)
out := hash.New(buf.Bytes()).Digest()
out = append(out, buf.Bytes()...)
enc, err := armour.Encrypt(binaryKeyFromDerivedKey(pk), out, false)
if err != nil {
return
}
out = pk.Salt
out = append(out, enc...)
err = ioutil.WriteFile(filename, armour.EncodeBase64(out), 0644)
return
}