- status = gcry_cipher_decrypt(handle, out, in->len - CRYPTO_BLOCK_SIZE,
- in->data + CRYPTO_BLOCK_SIZE,
- in->len - CRYPTO_BLOCK_SIZE);
- if (status) {
- g_error("gcrypt error decrypting: %s\n",
- gcry_strerror(status));
+ if (encrypted) {
+ gcry_cipher_hd_t handle;
+ status = gcry_cipher_open(&handle, GCRY_CIPHER_AES,
+ GCRY_CIPHER_MODE_CTR, 0);
+ if (status) {
+ g_error("gcrypt error setting up encryption: %s\n",
+ gcry_strerror(status));
+ }
+
+ gcry_cipher_setkey(handle, keys->encryption_key, CRYPTO_KEY_SIZE);
+ if (status) {
+ g_error("gcrypt error setting key: %s\n",
+ gcry_strerror(status));
+ }
+
+ status = gcry_cipher_setctr(handle, header->crypt_iv,
+ sizeof(header->crypt_iv));
+ if (status) {
+ g_error("gcrypt error setting IV: %s\n",
+ gcry_strerror(status));
+ }
+
+ status = gcry_cipher_decrypt(handle,
+ cloud_block + sizeof(struct cloudlog_header),
+ GUINT32_FROM_LE(header->size1),
+ NULL, 0);
+ if (status) {
+ g_error("gcrypt error decrypting: %s\n",
+ gcry_strerror(status));
+ }
+ header->magic[3] ^= 0x10;
+ memset(header->crypt_iv, 0, sizeof(header->crypt_iv));
+
+ gcry_cipher_close(handle);