Decrypt decrypts data using 256-bit AES-GCM. This both hides the content of the data and provides a check that it hasn't been altered. Expects input form nonce|ciphertext|tag where '|' indicates concatenation.
(ciphertext []byte, key *[32]byte)
| 58 | // the data and provides a check that it hasn't been altered. Expects input |
| 59 | // form nonce|ciphertext|tag where '|' indicates concatenation. |
| 60 | func Decrypt(ciphertext []byte, key *[32]byte) (plaintext []byte, err error) { |
| 61 | block, err := aes.NewCipher(key[:]) |
| 62 | if err != nil { |
| 63 | return nil, err |
| 64 | } |
| 65 | |
| 66 | gcm, err := cipher.NewGCM(block) |
| 67 | if err != nil { |
| 68 | return nil, err |
| 69 | } |
| 70 | |
| 71 | if len(ciphertext) < gcm.NonceSize() { |
| 72 | return nil, errors.New("malformed ciphertext") |
| 73 | } |
| 74 | |
| 75 | return gcm.Open(nil, |
| 76 | ciphertext[:gcm.NonceSize()], |
| 77 | ciphertext[gcm.NonceSize():], |
| 78 | nil, |
| 79 | ) |
| 80 | } |
no outgoing calls