Retrieve of data #47

Open
akshitababel opened this issue Oct 3, 2018 · 2 comments

Comments

@akshitababel

Why are we using the sender's public key to retrieve the data in the enclave Retrieve function? Why are we not using the private key of the recipient to retrieve it?


0zAND1z commented Oct 4, 2018

Hi @akshitababel, can you share some more context on this from a coding point of view?

A few citations shall help.

@akshitababel (Author)

The following is the retrieve function from enclave package:

```go
// Retrieve as posted in the issue; the import lines of the enclave package
// were not included in the excerpt.
func (s *SecureEnclave) Retrieve(digestHash *[]byte, to *[]byte) ([]byte, error) {

	// Look up the stored, still encrypted payload by its digest.
	encoded, err := s.Db.Read(digestHash)
	if err != nil {
		return nil, err
	}

	// Decode into the payload structure plus the recipient list recorded locally.
	epl, recipients := api.DecodePayloadWithRecipients(*encoded)

	masterKey := new([nacl.KeySize]byte)

	var senderPubKey, senderPrivKey, recipientPubKey, sharedKey nacl.Key

	if len(recipients) == 0 {
		// This is a payload originally sent to us by another node: the peer is
		// epl.Sender and `to` names the key of ours the payload was addressed to
		// (despite the variable name, senderPubKey is our own key in this branch).
		recipientPubKey = epl.Sender
		senderPubKey, err = utils.ToKey(*to)
		if err != nil {
			return nil, err
		}
	} else {
		// This is a payload that originated from us: we are the sender and the
		// first recorded recipient is the peer.
		senderPubKey = epl.Sender
		recipientPubKey, err = utils.ToKey(recipients[0])
		if err != nil {
			return nil, err
		}
	}

	// Resolve the private half of the key we hold; the public key is only the lookup handle.
	senderPrivKey, err = s.resolvePrivateKey(senderPubKey)
	if err != nil {
		return nil, err
	}

	// we might not have the key in our cache if constellation was restarted, hence we may
	// need to recreate
	sharedKey = s.resolveSharedKey(senderPrivKey, senderPubKey, recipientPubKey)

	// secretbox.Open appends to its first argument; masterKey[:0] has capacity
	// nacl.KeySize, so the decrypted key lands in masterKey's backing array and
	// the returned slice can be discarded.
	_, ok := secretbox.Open(masterKey[:0], epl.RecipientBoxes[0], epl.RecipientNonce, sharedKey)
	if !ok {
		return nil, errors.New("unable to open master key secret box")
	}

	// The payload itself is boxed under the master key, not under the shared key.
	var payload []byte
	payload, ok = secretbox.Open(payload[:0], epl.CipherText, epl.Nonce, masterKey)
	if !ok {
		return payload, errors.New("unable to open payload secret box")
	}

	return payload, nil
}
```

We are using the public key of the sender in the arguments in place of `to`. Is there any function in the enclave package which retrieves the encrypted data using the private key of the recipient and not the public key of the sender?
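Added worked example, not code from the project or from anyone in this thread: a stand-alone Go model of the branch selection in the Retrieve function quoted above. It uses the standard library's crypto/ecdh X25519 in place of the nacl package, SHA-256 in place of NaCl's HSalsa20 key step, and AES-GCM in place of secretbox, so it runs without dependencies; the node, message, sharedKey, send, retrieve and roundTrip names are hypothetical. What it demonstrates is the point the question turns on: the public key passed as `to` is only a handle used to look up a private key the local node holds (the resolvePrivateKey step), and because X25519 agreement is symmetric, the recipient's private key combined with the sender's public key produces exactly the shared key the sender derived from its own private key and the recipient's public key. A node that does not hold the matching private key fails at the lookup even though it knows both public keys.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// message stands in for the decoded EncryptedPayload in the issue (constructed type).
type message struct {
	sender, recipient            *ecdh.PublicKey
	recipientBox, recipientNonce []byte // master key, boxed for the recipient
	cipherText, nonce            []byte // payload, boxed under the master key
}

// node holds only the private keys it owns, indexed by their public key bytes.
type node struct {
	pub  *ecdh.PublicKey
	keys map[string]*ecdh.PrivateKey
}

func newNode() *node {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &node{priv.PublicKey(), map[string]*ecdh.PrivateKey{string(priv.PublicKey().Bytes()): priv}}
}

// sharedKey does what the issue's resolvePrivateKey and resolveSharedKey do: `ours` only
// selects OUR private key; X25519 then yields the bytes the peer gets from (peerPriv, ours).
// SHA-256 replaces NaCl's HSalsa20 key step (a simplification for this example).
func (n *node) sharedKey(ours, peer *ecdh.PublicKey) ([]byte, error) {
	priv, ok := n.keys[string(ours.Bytes())]
	if !ok {
		return nil, errors.New("private key not held by this node")
	}
	secret, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	k := sha256.Sum256(secret)
	return k[:], nil
}

// aead is an AES-GCM stand-in for NaCl secretbox (32-byte keys only, so it cannot fail).
func aead(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(block)
	return g
}

// send boxes the payload under a fresh master key, then boxes that key for the recipient.
func (n *node) send(recipient *ecdh.PublicKey, payload []byte) (message, error) {
	shared, err := n.sharedKey(n.pub, recipient) // sender private key + recipient public key
	if err != nil {
		return message{}, err
	}
	rnd := make([]byte, 56) // 32-byte master key + two 12-byte GCM nonces
	if _, err := rand.Read(rnd); err != nil {
		return message{}, err
	}
	masterKey, nonce, rNonce := rnd[:32], rnd[32:44], rnd[44:]
	box := aead(shared).Seal(nil, rNonce, masterKey, nil)
	return message{n.pub, recipient, box, rNonce, aead(masterKey).Seal(nil, nonce, payload, nil), nonce}, nil
}

// retrieve mirrors the issue's Retrieve: `to` selects which of OUR private keys took part
// in the exchange and `peer` is the other party's public key.
func (n *node) retrieve(to, peer *ecdh.PublicKey, m message) ([]byte, error) {
	shared, err := n.sharedKey(to, peer)
	if err != nil {
		return nil, err
	}
	masterKey, err := aead(shared).Open(nil, m.recipientNonce, m.recipientBox, nil)
	if err != nil {
		return nil, errors.New("unable to open master key secret box")
	}
	payload, err := aead(masterKey).Open(nil, m.nonce, m.cipherText, nil)
	if err != nil {
		return nil, errors.New("unable to open payload secret box")
	}
	return payload, nil
}

// roundTrip retrieves at both ends (nil on failure); a third node without the private key fails.
func roundTrip(payload []byte) (atRecipient, atSender []byte, strangerErr error) {
	sender, recipient, stranger := newNode(), newNode(), newNode()
	m, err := sender.send(recipient.pub, payload)
	if err != nil {
		panic(err)
	}
	atRecipient, _ = recipient.retrieve(recipient.pub, m.sender, m) // "sent to us" branch
	atSender, _ = sender.retrieve(m.sender, m.recipient, m)         // "originated from us" branch
	_, strangerErr = stranger.retrieve(recipient.pub, m.sender, m)  // knows both public keys only
	return
}
```

roundTrip is meant to be called from a test or a small main: the recipient's call corresponds to the `len(recipients) == 0` branch (`to` is our own key, the peer is the payload's sender), the sender's call to the `else` branch, and both recover the same payload from the same boxes. The stranger's failure is the security property the question is really about: knowing the sender's and recipient's public keys is not enough, the matching private key must be held locally.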
