aescrypt_rs/decryption/mod.rs
1// src/core/decryption/mod.rs
2
3//! AES Crypt v0–v3 decryption surface.
4//!
5//! [`decrypt()`] is the high-level entry point and handles every supported
6//! format version. The lower-level helpers — header parsing, extension
7//! consumption, session-block recovery, and the streaming CBC loop — are
8//! exposed so that callers integrating with custom containers can drive each
9//! stage themselves.
10//!
11//! # Compatibility
12//!
13//! | Stage | v0 | v1 | v2 | v3 |
14//! | --------------------- | :-: | :-: | :-: | :-: |
15//! | [`read_file_version`] | Y | Y | Y | Y |
16//! | [`consume_all_extensions`] | n/a | n/a | Y | Y |
17//! | [`read_kdf_iterations`] | n/a | n/a | n/a | Y |
18//! | [`extract_session_data`] | identity | encrypted | encrypted | encrypted+v3-tag |
19//! | [`decrypt_ciphertext_stream`] | [`StreamConfig::V0`] | [`StreamConfig::V1`] | [`StreamConfig::V2`] | [`StreamConfig::V3`] |
20//!
21//! # Security
22//!
23//! See [`decrypt()`] for the **decrypt-then-verify** caveat: the v3 payload
24//! HMAC is checked only after the ciphertext stream has been processed, so
25//! partial unauthenticated plaintext may be written to the output before an
26//! error is returned. Callers must discard or overwrite the output on error.
27
28pub(crate) mod decrypt;
29pub(crate) mod read;
30pub(crate) mod session;
31pub(crate) mod stream;
32
33pub use decrypt::decrypt;
34pub use read::{
35 consume_all_extensions, read_exact_span, read_file_version, read_kdf_iterations,
36};
37pub use session::extract_session_data;
38pub use stream::{decrypt_ciphertext_stream, StreamConfig};