Function decrypt_eql 

pub async fn decrypt_eql<'a, C: Credentials<Token = ServiceToken>>(
    cipher: Arc<ScopedCipher<C>>,
    ciphertexts: impl IntoIterator<Item = EqlCiphertext>,
    opts: &EqlDecryptOpts<'a>,
) -> Result<Vec<Plaintext>, EqlError>

Decrypts multiple EQL encrypted payloads back to plaintext.

This is the main decryption entry point for the EQL system. It takes encrypted EQL payloads (as retrieved from the database) and decrypts them using ZeroKMS, returning the original plaintext values.

Arguments

• cipher - The scoped cipher for performing cryptographic operations
• ciphertexts - An iterator of encrypted EQL payloads to decrypt
• opts - Decryption options including keyset ID, lock context, and service token

Returns

A vector of decrypted Plaintext values, one for each input ciphertext, in the same order.

Errors

Returns EqlError if:

• Any ciphertext payload is missing its ciphertext field
• Decryption fails (e.g., wrong keyset, tampered data)
• The ZeroKMS service is unavailable
• The decrypted data cannot be parsed as plaintext

Examples

let opts = EqlDecryptOpts::default();
let plaintexts = decrypt_eql(cipher, ciphertexts, &opts).await?;