[−][src]Function tox_encryptsave::pass_decrypt

pub fn pass_decrypt(
    data: &[u8], 
    passphrase: &[u8]
) -> Result<Vec<u8>, DecryptionError>

Try to decrypt given TES data with provided passphrase.

Note that passphrase memory is not being zeroed after it has been used. Code that provides passphrase should take care of zeroing that memory.

Decrypted data is smaller by EXTRA_LENGTH than encrypted data.

Fails when:

provided data is empty
size of provided data is less than EXTRA_LENGTH
format of provided data is wrong
decrypting data fails
- could be due to OOM or by providing bytes that aren't encrypted after encrypted part
passphrase is empty

use tox_encryptsave::*;

// with an empty data
assert_eq!(pass_decrypt(&[], &[0]), Err(DecryptionError::Null));

// when there's not enough data to decrypt
assert_eq!(pass_decrypt(MAGIC_NUMBER, &[0]), Err(DecryptionError::InvalidLength));

let encrypted = pass_encrypt(&[0, 0], &[0]).expect("Failed to pass_encrypt!");

// when passphrase is empty
assert_eq!(pass_decrypt(&encrypted, &[]), Err(KeyDerivationError::Null.into()));

// when data format is wrong
for pos in 0..MAGIC_LENGTH {
    let mut enc = encrypted.clone();
    if enc[pos] == 0 { enc[pos] = 1; } else { enc[pos] = 0; }
    assert_eq!(pass_decrypt(&enc, &[0]), Err(DecryptionError::BadFormat));
}

{ // there are more or less bytes than the encrypted ones
    let mut enc = encrypted.clone();
    enc.push(0);
    assert_eq!(pass_decrypt(&enc, &[0]), Err(DecryptionError::Failed));

    // less
    enc.pop();
    enc.pop();
    assert_eq!(pass_decrypt(&enc, &[0]), Err(DecryptionError::Failed));
}