Made it a bit cleaner :)

2025-12-19 16:57:47 -07:00
parent 302979b01a
commit 3822b1813c
7 changed files with 217 additions and 137 deletions
--- a/pkg/engine/decrypt.go
+++ b/pkg/engine/decrypt.go
@@ -0,0 +1,52 @@
+package engine
+
+import (
+	"crypto/ecdh"
+	"errors"
+	"fmt"
+
+	"golang.org/x/crypto/chacha20poly1305"
+)
+
+func (e *Engine) Decrypt(recipientPriv *ecdh.PrivateKey, senderPub *ecdh.PublicKey, encryptedMsg []byte) ([]byte, error) {
+	if len(encryptedMsg) < PubKeySize+NonceSize {
+		return nil, errors.New("message too short")
+	}
+
+	// Unpack
+	ephemeralPubBytes := encryptedMsg[:PubKeySize]
+	nonce := encryptedMsg[PubKeySize : PubKeySize+NonceSize]
+	ciphertext := encryptedMsg[PubKeySize+NonceSize:]
+
+	ephemeralPub, err := e.curve.NewPublicKey(ephemeralPubBytes)
+	if err != nil {
+		return nil, fmt.Errorf("invalid ephemeral public key: %w", err)
+	}
+
+	// Reconstruct secrets
+	ss1, err := recipientPriv.ECDH(ephemeralPub)
+	if err != nil {
+		return nil, fmt.Errorf("ecdh ss1 failed: %w", err)
+	}
+
+	ss2, err := recipientPriv.ECDH(senderPub)
+	if err != nil {
+		return nil, fmt.Errorf("ecdh ss2 failed: %w", err)
+	}
+
+	// Derive key
+	symmetricKey, err := deriveKey(ss1, ss2, nonce)
+	if err != nil {
+		return nil, err
+	}
+
+	aead, err := chacha20poly1305.NewX(symmetricKey)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create aead: %w", err)
+	}
+
+	// Bind ephemeral and sender public keys to ciphertext via AAD
+	aad := buildAAD(ephemeralPubBytes, senderPub.Bytes())
+
+	return aead.Open(nil, nonce, ciphertext, aad)
+}