Function decrypt_file 

pub fn decrypt_file(
    input_path: impl AsRef<Path>,
    output_path: impl AsRef<Path>,
    key: &[u8],
) -> Result<()>

Available on crate features stream and std only.

Decrypt the file at input_path into output_path using key. The algorithm is read from the stream’s header.

On authentication failure the output file may contain partially- decrypted plaintext from earlier chunks. Callers must delete the output file when this function returns an error — otherwise an attacker who can flip later chunks could leak earlier plaintext to disk.

Errors

• Error::InvalidKey if key is not 32 bytes.
• Error::InvalidCiphertext if the header is malformed or the stream is truncated below the minimum frame (header + tag).
• Error::Mac for I/O failures.
• Error::AuthenticationFailed for any cryptographic failure.

Example

use crypt_io::stream;

let key = [0u8; 32];
stream::decrypt_file("input.enc", "output.bin", &key)?;