| 153 | } |
| 154 | |
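// DecryptHistoryEntry decrypts entry with userSecret and decodes the resulting
// plaintext as JSON into a HistoryEntry.
//
// It returns an error, together with a zero HistoryEntry, when:
//   - entry.UserId does not match the ID derived from userSecret,
//   - Decrypt fails,
//   - the plaintext is not valid JSON for a HistoryEntry, or
//   - both the outer EncryptedId and the inner EntryId are set and differ.
//
// Decryption and decoding failures are reported rather than swallowed. A
// zero HistoryEntry returned with a nil error is indistinguishable from a
// successfully decrypted entry, so a corrupted or tampered ciphertext would
// otherwise be accepted by callers as valid data.
func DecryptHistoryEntry(userSecret string, entry shared.EncHistoryEntry) (HistoryEntry, error) {
	// Derive the expected ID once; it is used for the ownership check and is
	// also handed to Decrypt below.
	expectedUserID := UserId(userSecret)
	if entry.UserId != expectedUserID {
		return HistoryEntry{}, fmt.Errorf("refusing to decrypt history entry with mismatching UserId")
	}

	// NOTE(review): the third argument is presumably bound to the ciphertext
	// as additional authenticated data; confirm against Decrypt.
	plaintext, err := Decrypt(userSecret, entry.EncryptedData, []byte(expectedUserID), entry.Nonce)
	if err != nil {
		return HistoryEntry{}, fmt.Errorf("decrypting history entry: %w", err)
	}

	var decryptedEntry HistoryEntry
	if err := json.Unmarshal(plaintext, &decryptedEntry); err != nil {
		return HistoryEntry{}, fmt.Errorf("decoding decrypted history entry: %w", err)
	}

	// The outer ID is visible without the key, so it must agree with the ID
	// inside the encrypted payload. The check is skipped when either ID is
	// empty.
	if decryptedEntry.EntryId != "" && entry.EncryptedId != "" && decryptedEntry.EntryId != entry.EncryptedId {
		return HistoryEntry{}, fmt.Errorf("rejecting encrypted history entry that contains mismatching IDs (outer=%s inner=%s)", entry.EncryptedId, decryptedEntry.EntryId)
	}
	return decryptedEntry, nil
}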
| 173 | |
| 174 | func ValidateHishtoryPath() error { |
| 175 | hishtoryPath := os.Getenv("HISHTORY_PATH") |