pub fn aead_decrypt(
alg: AeadAlgorithm,
params: &AeadParams<'_>,
ciphertext_with_tag: &[u8],
) -> Result<Zeroizing<Vec<u8>>, AlgorithmError>Expand description
Decrypt and authenticate ciphertext || tag with the selected AEAD.
The returned plaintext is zeroized on drop.
Fails closed: a tampered ciphertext, tag, nonce, or AAD returns an error instead of any plaintext.
ยงExamples
use crypto_core::AeadAlgorithm;
use crypto_dispatch::{aead_decrypt, aead_encrypt, AeadParams};
let key = [0x42u8; 32];
let nonce = [0x24u8; 12];
let params = AeadParams { key: &key, nonce: &nonce, aad: b"context" };
let sealed = aead_encrypt(AeadAlgorithm::Aes256GcmSiv, ¶ms, b"plaintext")?;
let opened = aead_decrypt(AeadAlgorithm::Aes256GcmSiv, ¶ms, &sealed)?;
assert_eq!(opened.as_slice(), b"plaintext");