AeadDecryptWithTag(Byte, Byte, Byte, Byte, AeadAlgorithm, AeadOpts) Method

Decrypt data using specified AEAD algorithm in one-off operation with AAD and options. The authentication tag is expected to be appended to the input ciphertext.

Namespace: CryptoSysAPI
Assembly: diCrSysAPINet (in diCrSysAPINet.dll) Version: 6.22.2.24248 (6.22.2.0)

Syntax

Copy

public static byte[] DecryptWithTag(
	byte[] input,
	byte[] key,
	byte[] iv,
	byte[] aad,
	AeadAlgorithm aeadAlg,
	AeadOpts opts
)

Public Shared Function DecryptWithTag ( 
	input As Byte(),
	key As Byte(),
	iv As Byte(),
	aad As Byte(),
	aeadAlg As AeadAlgorithm,
	opts As AeadOpts
) As Byte()

Parameters

input Byte: Input data to be decrypted.
key Byte: Key of exact length for algorithm (16 or 32 bytes).
iv Byte: (optional) Initialization Vector (IV) (aka nonce) exactly 12 bytes long. Set as null if already prefixed to input.
aad Byte: Additional authenticated data (optional) - set as null to ignore.
aeadAlg AeadAlgorithm: Authenticated encryption algorithm.
opts AeadOpts: Advanced options. Use Aead.Opts.PrefixIV to expect the IV to be prepended at the start of the input.

Return Value

Byte
Plaintext in a byte array, or empty array on error (an empty array may also be the correct result - check General.ErrorCode for details).

Remarks

The input must include the 16-byte tag appended to the ciphertext and may include a 12-byte prefixed IV. The output will either be exactly 16 bytes shorter than the input, or exactly 28 bytes shorter if the Cipher.Opts.PrefixIV option is used. In all cases the tag must be exactly 16 bytes (128 bits). The IV must be 16 bytes (128 bits) for ASCON-128 otherwise 12 bytes (96 bits). If additional authentication data (AAD) was provided during encryption then the exact same AAD data must be provided here.

Reference

Aead Class

DecryptWithTag Overload

CryptoSysAPI Namespace