Expand description
AES Crypt v0–v3 decryption surface.
decrypt() is the high-level entry point and handles every supported
format version. The lower-level helpers — header parsing, extension
consumption, session-block recovery, and the streaming CBC loop — are
exposed so that callers integrating with custom containers can drive each
stage themselves.
§Compatibility
| Stage | v0 | v1 | v2 | v3 |
|---|---|---|---|---|
read_file_version | Y | Y | Y | Y |
consume_all_extensions | n/a | n/a | Y | Y |
read_kdf_iterations | n/a | n/a | n/a | Y |
extract_session_data | identity | encrypted | encrypted | encrypted+v3-tag |
decrypt_ciphertext_stream | StreamConfig::V0 | StreamConfig::V1 | StreamConfig::V2 | StreamConfig::V3 |
§Security
See decrypt() for the decrypt-then-verify caveat: the v3 payload
HMAC is checked only after the ciphertext stream has been processed, so
partial unauthenticated plaintext may be written to the output before an
error is returned. Callers must discard or overwrite the output on error.
Enums§
- Stream
Config - Per-version configuration for
decrypt_ciphertext_stream.
Functions§
- consume_
all_ extensions - Consumes all v2/v3 extension blocks from
reader, stopping at the zero-length terminator. - decrypt
- Decrypts an AES Crypt v0–v3 file streamed from
inputand writes the recovered plaintext tooutput. - decrypt_
ciphertext_ stream - Streams ciphertext from
input_readerthrough AES-256-CBC decryption, writes the recovered plaintext tooutput_writer, and verifies the version-appropriate HMAC trailer. - extract_
session_ data - Recovers the session IV and session key from the file header into the
caller’s pre-allocated
secure-gatebuffers. - read_
exact_ span - Reads exactly
Nbytes fromreaderinto a fresh auto-zeroizingSpanBuffer<N>. - read_
file_ version - Reads and validates the 5-byte AES Crypt file header.
- read_
kdf_ iterations - Reads the 4-byte big-endian PBKDF2 iteration count from a v3 file header.