DecryptBytes returns the decrypted bytes, or an error if decryption failed.
(data []byte, key *[keySize]byte)
| 495 | // DecryptBytes returns the decrypted bytes, or an error if decryption |
| 496 | // failed. |
| 497 | func DecryptBytes(data []byte, key *[keySize]byte) ([]byte, error) { |
| 498 | if len(data) < blockOverhead { |
| 499 | return nil, errors.New("data too short") |
| 500 | } |
| 501 | |
| 502 | aead, err := chacha20poly1305.NewX(key[:]) |
| 503 | if err != nil { |
| 504 | // Can only fail if the key is the wrong length |
| 505 | panic("cipher failure: " + err.Error()) |
| 506 | } |
| 507 | |
| 508 | if aead.NonceSize() != nonceSize || aead.Overhead() != tagSize { |
| 509 | // We want these values to be constant for our type declarations so |
| 510 | // we don't use the values returned by the GCM, but we verify them |
| 511 | // here. |
| 512 | panic("crypto parameter mismatch") |
| 513 | } |
| 514 | |
| 515 | return aead.Open(nil, data[:nonceSize], data[nonceSize:], nil) |
| 516 | } |
| 517 | |
| 518 | // randomNonce is a normal, cryptographically random nonce |
| 519 | func randomNonce() *[nonceSize]byte { |