What's the best way to handle offline decryption?

[elliot-sawyer]

I'm using File::seal to encrypt an uploaded file with a public key. I would like to decrypt it with File::unseal in a separate application using the correct private key, but I'm not able to run a server in the decryption environment. I'd like to create an offline application that replicates what File::unseal does... I attempted to decrypt the cipher with a x25519 Javascript library, but there seems to be more to it than a simple decryption with the private key. Can you outline what steps Halite does, and which ciphers are used, as part of the decryption process?

This library is excellent, thanks so much for creating it!

[paragonie-scott]

It's using crypto_box_seal_open() internally:

halite/src/Asymmetric/Crypto.php

Lines 358 to 388 in 2879a0e

	// Get a box keypair (needed by crypto_box_seal_open)
	$secret_key = $privateKey->getRawKeyMaterial();
	$public_key = \sodium_crypto_box_publickey_from_secretkey($secret_key);
	$key_pair = \sodium_crypto_box_keypair_from_secretkey_and_publickey(
	$secret_key,
	$public_key
	);
	// Wipe these immediately:
	\sodium_memzero($secret_key);
	\sodium_memzero($public_key);
	// Now let's open that sealed box
	$message = \sodium_crypto_box_seal_open(
	$ciphertext,
	$key_pair
	);
	// Always memzero after retrieving a value
	\sodium_memzero($key_pair);
	if (!\is_string($message)) {
	// @codeCoverageIgnoreStart
	throw new InvalidKey(
	'Incorrect secret key for this sealed message'
	);
	// @codeCoverageIgnoreEnd
	}
	// We have our encrypted message here
	return new HiddenString($message);
	}

[larowlan]

File:seal seems to be doing something different to Crypto:seal eg adding the version tag, public key and salt - is libsodium's crypto_box_seal_open able to unseal content sealed with File::seal?

[elliot-sawyer]

The JS library I was looking at required some knowledge of the nonce. I don't think Halite exposes it directly, but you might be able to extract it from beginning of the ciphertext