mirrors/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2024-11-19 18:10:34 +01:00
Code Issues Projects Releases Wiki Activity
a584b7585d
lnd/lnencrypt/crypto.go

159 lines
4.9 KiB
Go
Raw Normal View History

lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
package lnencrypt
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
import (
"crypto/rand"
"crypto/sha256"
"fmt"
"io"
lnencrypt: add ECDHEncryptor With this commit we add a new way to encrypt and decrypt a sensitive payload: By using Diffie-Hellman over a local and remote key to derive at a shared secret key.
2023-11-16 14:59:22 +01:00
"github.com/btcsuite/btcd/btcec/v2"
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
"github.com/lightningnetwork/lnd/keychain"
"golang.org/x/crypto/chacha20poly1305"
)
// baseEncryptionKeyLoc is the KeyLocator that we'll use to derive the base
keychain: change KeyFamilyStaticBackup name to reflect its new, broader role
2022-02-02 22:39:29 +01:00
// encryption key used for encrypting all payloads. We use this to then
// derive the actual key that we'll use for encryption. We do this
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
// rather than using the raw key, as we assume that we can't obtain the raw
// keys, and we don't want to require that the HSM know our target cipher for
// encryption.
//
// TODO(roasbeef): possibly unique encrypt?
var baseEncryptionKeyLoc = keychain.KeyLocator{
keychain: change KeyFamilyStaticBackup name to reflect its new, broader role
2022-02-02 22:39:29 +01:00
Family: keychain.KeyFamilyBaseEncryption,
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
Index: 0,
}
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
// EncrypterDecrypter is an interface representing an object that encrypts or
// decrypts data.
type EncrypterDecrypter interface {
// EncryptPayloadToWriter attempts to write the set of provided bytes
// into the passed io.Writer in an encrypted form.
EncryptPayloadToWriter([]byte, io.Writer) error
// DecryptPayloadFromReader attempts to decrypt the encrypted bytes
// within the passed io.Reader instance using the key derived from
// the passed keyRing.
DecryptPayloadFromReader(io.Reader) ([]byte, error)
}
// Encrypter is a struct responsible for encrypting and decrypting data.
type Encrypter struct {
encryptionKey []byte
}
// KeyRingEncrypter derives an encryption key to encrypt all our files that are
// written to disk and returns an Encrypter object holding the key.
//
// The key itself, is the sha2 of a base key that we get from the keyring. We
// derive the key this way as we don't force the HSM (or any future
// abstractions) to be able to derive and know of the cipher that we'll use
// within our protocol.
func KeyRingEncrypter(keyRing keychain.KeyRing) (*Encrypter, error) {
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
// key = SHA256(baseKey)
baseKey, err := keyRing.DeriveKey(
baseEncryptionKeyLoc,
)
if err != nil {
return nil, err
}
encryptionKey := sha256.Sum256(
baseKey.PubKey.SerializeCompressed(),
)
// TODO(roasbeef): throw back in ECDH?
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
return &Encrypter{
encryptionKey: encryptionKey[:],
}, nil
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
}
lnencrypt: add ECDHEncryptor With this commit we add a new way to encrypt and decrypt a sensitive payload: By using Diffie-Hellman over a local and remote key to derive at a shared secret key.
2023-11-16 14:59:22 +01:00
// ECDHEncrypter derives an encryption key by performing an ECDH operation on
// the passed keys. The resulting key is used to encrypt or decrypt files with
// sensitive content.
func ECDHEncrypter(localKey *btcec.PrivateKey,
remoteKey *btcec.PublicKey) (*Encrypter, error) {
ecdh := keychain.PrivKeyECDH{
PrivKey: localKey,
}
encryptionKey, err := ecdh.ECDH(remoteKey)
if err != nil {
return nil, fmt.Errorf("error deriving encryption key: %w", err)
}
return &Encrypter{
encryptionKey: encryptionKey[:],
}, nil
}
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
// EncryptPayloadToWriter attempts to write the set of provided bytes into the
// passed io.Writer in an encrypted form. We use a 24-byte chachapoly AEAD
// instance with a randomized nonce that's pre-pended to the final payload and
// used as associated data in the AEAD.
func (e Encrypter) EncryptPayloadToWriter(payload []byte,
w io.Writer) error {
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
// Before encryption, we'll initialize our cipher with the target
// encryption key, and also read out our random 24-byte nonce we use
// for encryption. Note that we use NewX, not New, as the latter
// version requires a 12-byte nonce, not a 24-byte nonce.
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
cipher, err := chacha20poly1305.NewX(e.encryptionKey)
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
if err != nil {
return err
}
var nonce [chacha20poly1305.NonceSizeX]byte
if _, err := rand.Read(nonce[:]); err != nil {
return err
}
// Finally, we encrypted the final payload, and write out our
// ciphertext with nonce pre-pended.
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
ciphertext := cipher.Seal(nil, nonce[:], payload, nonce[:])
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
if _, err := w.Write(nonce[:]); err != nil {
return err
}
if _, err := w.Write(ciphertext); err != nil {
return err
}
return nil
}
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
// DecryptPayloadFromReader attempts to decrypt the encrypted bytes within the
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
// passed io.Reader instance using the key derived from the passed keyRing. For
// further details regarding the key derivation protocol, see the
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
// KeyRingEncrypter function.
func (e Encrypter) DecryptPayloadFromReader(payload io.Reader) ([]byte,
error) {
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
// Next, we'll read out the entire blob as we need to isolate the nonce
// from the rest of the ciphertext.
lnencrypt: add ECDHEncryptor With this commit we add a new way to encrypt and decrypt a sensitive payload: By using Diffie-Hellman over a local and remote key to derive at a shared secret key.
2023-11-16 14:59:22 +01:00
packedPayload, err := io.ReadAll(payload)
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
if err != nil {
return nil, err
}
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
if len(packedPayload) < chacha20poly1305.NonceSizeX {
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
return nil, fmt.Errorf("payload size too small, must be at "+
"least %v bytes", chacha20poly1305.NonceSizeX)
}
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
nonce := packedPayload[:chacha20poly1305.NonceSizeX]
ciphertext := packedPayload[chacha20poly1305.NonceSizeX:]
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
// Now that we have the cipher text and the nonce separated, we can go
lnencrypt: Moves the crypto functions in the chanbackup package into its own package called lnencrypt The functions inside of the crypto.go file in chanbackup (like EncryptPayloadToWriter and DecryptPayloadFromReader) can be used by a lot of things outside of just the chanbackup package. We can't just reference them directly from the chanbackup package because it's likely that it would generate circular dependencies. Therefore we need to move these functions into their own package to be referenced by chanbackup and whatever new functionality that needs them
2020-07-12 05:29:00 +02:00
// ahead and decrypt the final blob so we can properly serialize.
cipher, err := chacha20poly1305.NewX(e.encryptionKey)
chanbackup: implement crypto operations for serialized static channel baackups In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs. For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package. For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that at we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
2018-12-10 03:39:31 +01:00
if err != nil {
return nil, err
}
plaintext, err := cipher.Open(nil, nonce, ciphertext, nonce)
if err != nil {
return nil, err
}
return plaintext, nil
}
Reference in New Issue Copy Permalink