CryptoSys API Library Manual

GCM_Decrypt

GCM_Decrypt decrypts authenticated ciphertext using the Galois/Counter Mode (GCM) of operation with the AES algorithm (AES-GCM). All the input and output parameters are in byte arrays.

VB6/VBA Syntax

Public Declare Function GCM_Decrypt Lib "diCryptoSys.dll" (ByRef abOutput As Byte, ByVal nOutLen As Long, ByRef abData As Byte, ByVal nDataLen As Long, ByRef abKey As Byte, ByVal nKeyLen As Long, ByRef abIV As Byte, ByVal nIvLen As Long, ByRef abAAD As Byte, ByVal nAadLen As Long, ByRef abTag As Byte, ByVal nTagLen As Long, ByVal nOptions As Long) As Long

nRet = GCM_Decrypt(abOutput(0), nOutLen, abData(0), nDataLen, abKey(0), nKeyLen, abIV(0), nIvLen, abAAD(0), nAadLen, abTag(0), nTagLen, nOptions)

Parameters

abOutput
[out] Byte array of sufficient length to receive the ciphertext output.
nOutLen
[in] Long specifying the required length of the output in bytes.
abData
[in] Byte array containing the input data.
nDataLen
[in] Long equal to length of the input data in bytes.
abKey
[in] Byte array containing the key.
nKeyLen
[in] Long equal to length of the key in bytes. Must be one of 16, 24 or 32 corresponding to the required key bytes for AES-128, AES-192 or AES-256, respectively.
abIV
[in] Byte containing the initialization vector (IV).
nIvLen
[in] Long equal to length of the IV in bytes.
abAAD
[in] Byte array containing the Additional Authenticated Data (AAD).
nAadLen
[in] Long equal to length of the AAD in bytes.
abTag
[in] Byte array containing the tag.
nTagLen
[in] Long equal to the length of the tag in bytes.
nOptions
[in] Long for future use. Specify zero.

C/C++ Syntax

long _stdcall GCM_Decrypt(unsigned char *lpOutput, long nOutLen, const unsigned char *lpData, long nDataLen, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const unsigned char *lpAAD, long nAadLen, const unsigned char *lpTag, long nTagLen, long nOptions);

Returns (VB6/C)

Long: If successful, the return value is 0; otherwise it returns a non-zero error code.

.NET Equivalent

Gcm.Decrypt Method

Remarks

This is a one-off, stateless function. If you need to use the same key repeatedly, use GCM_InitKey - GCM_NextEncrypt - GCM_FinishKey instead. The output lpOutput must be at least as long as the input. The authenticated decryption operation has five inputs: the secret key, an initialization vector (IV), the ciphertext itself, the additional authentication data (AAD), which can be zero-length; and the tag. The IV and AAD are passed in the clear. There is one output: the plaintext, which is exactly the same length as the plaintext. If the the inputs are not authentic, the function returns the non-zero DECRYPT_ERROR value. See Security considerations for GCM.

Example

See GCM_Decrypt.

See Also

GCM_Encrypt GCM_InitKey GCM_NextEncrypt

[Contents] [Index]

[HOME]   [NEXT: GCM_Encrypt...]
Copyright © 2001-9 D.I. Management Services Pty Ltd. All rights reserved.