+ use inputStream = new FileStream (sourceFilePath, FileMode.Open, FileAccess.Read)
+ use reader = new BinaryReader (inputStream)
+ let mac = reader.ReadBytes 32
+ let signature = reader.ReadBytes 256
+ let keys = reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey
+ let keyAES = keys.[0..31]
+ let keyMAC = keys.[32..63]
+ let iv = keys.[64..79]
+
+ // Integrity validation.
+ let mac' = Crypto.ComputeHMAC keyMAC inputStream
+ if mac' <> mac then
+ raise IntegrityError
+
+ // Authentication validation.
+ if not <| Crypto.verifySignRSA signaturePubKey mac' signature then
+ raise SignatureMismatch
+
+ // Decrypt metadata.
+ inputStream.Position <- 32L + 256L + 256L
+ use cryptoStream = Crypto.decryptAES keyAES iv inputStream
+ let metadata = new Metadata (cryptoStream)
+
+ // Create the file and write.
+ let filename = metadata.get Metadata.filename
+ use outputStream = new FileStream (Path.Combine (targetDirPath, filename), FileMode.Create, FileAccess.Write)
+ cryptoStream.CopyTo outputStream
+ ()