Decrypts authenticated ciphertext using the Galois/Counter Mode (GCM) of operation with the AES algorithm (AES-GCM). All the input and output parameters are in byte arrays.
Public Declare Function GCM_Decrypt Lib "diCryptoSys.dll" (ByRef lpOutput As Byte, ByVal nOutLen As Long, ByRef lpData As Byte, ByVal nDataLen As Long, ByRef lpKey As Byte, ByVal nKeyLen As Long, ByRef lpIV As Byte, ByVal nIvLen As Long, ByRef lpAAD As Byte, ByVal nAadLen As Long, ByRef lpTag As Byte, ByVal nTagLen As Long, ByVal nOptions As Long) As Long
nRet = GCM_Decrypt(lpOutput(0), nOutLen, abData(0), nDataLen, abKey(0), nKeyLen, abIV(0), nIvLen, abAAD(0), nAadLen, abTag(0), nTagLen, nOptions)
long __stdcall GCM_Decrypt(unsigned char *lpOutput, long nOutLen, const unsigned char *lpData, long nDataLen, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const unsigned char *lpAAD, long nAadLen, const unsigned char *lpTag, long nTagLen, long nOptions);
If successful, the return value is 0; otherwise it returns a non-zero error code.
This is a one-off, stateless function. If you need to use the same key repeatedly, use GCM_InitKey - GCM_NextEncrypt - GCM_FinishKey instead.
The output lpOutput must be at least as long as the input.
The authenticated decryption operation has five inputs: the secret key; an initialization vector (IV); the ciphertext itself; the additional authentication data (AAD), which can be zero-length; and the tag. The IV and AAD are passed in the clear.
There is one output: the plaintext, which is exactly the same length as the ciphertext.
If the inputs are not authentic, the function returns the non-zero error code AUTH_FAIL_ERROR.
Changed in [v5.1]: Note that the error code on authentication fail has changed from DECRYPT_ERROR (-18) to AUTH_FAIL_ERROR (-40).
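A calling pattern for the return-code behaviour described above, as an added example that is not from the CryptoSys manual. The helper names TryGcmDecrypt and IsAuthFailure are hypothetical; passing 0 for nOptions, a non-empty ciphertext, and a VB6/32-bit VBA host (no PtrSafe) are assumptions.

```vb
Option Explicit
' Declaration as given on this page (omit if your project already declares it).
Public Declare Function GCM_Decrypt Lib "diCryptoSys.dll" ( _
    ByRef lpOutput As Byte, ByVal nOutLen As Long, ByRef lpData As Byte, ByVal nDataLen As Long, _
    ByRef lpKey As Byte, ByVal nKeyLen As Long, ByRef lpIV As Byte, ByVal nIvLen As Long, _
    ByRef lpAAD As Byte, ByVal nAadLen As Long, ByRef lpTag As Byte, ByVal nTagLen As Long, _
    ByVal nOptions As Long) As Long

' Error codes quoted on this page.
Private Const AUTH_FAIL_ERROR As Long = -40   ' v5.1 and later
Private Const DECRYPT_ERROR As Long = -18     ' authentication failure before v5.1

' Hypothetical helper: returns True and fills abPlain only if GCM_Decrypt returns 0.
' nAadLen is explicit so a caller with no AAD can pass a 1-byte dummy array and 0.
Public Function TryGcmDecrypt(abCipher() As Byte, abKey() As Byte, abIV() As Byte, _
        abAAD() As Byte, ByVal nAadLen As Long, abTag() As Byte, _
        abPlain() As Byte, nErr As Long) As Boolean
    Dim nLen As Long, i As Long
    nLen = UBound(abCipher) - LBound(abCipher) + 1
    ' Output must be at least as long as the input; plaintext length equals ciphertext length.
    ReDim abPlain(0 To nLen - 1)
    ' Final argument is nOptions; 0 is an assumption (the page does not list option values).
    nErr = GCM_Decrypt(abPlain(0), nLen, abCipher(LBound(abCipher)), nLen, _
        abKey(LBound(abKey)), UBound(abKey) - LBound(abKey) + 1, _
        abIV(LBound(abIV)), UBound(abIV) - LBound(abIV) + 1, _
        abAAD(LBound(abAAD)), nAadLen, _
        abTag(LBound(abTag)), UBound(abTag) - LBound(abTag) + 1, 0)
    If nErr = 0 Then
        TryGcmDecrypt = True
        Exit Function
    End If
    ' Any non-zero code is a failure. Defensive wipe: whatever the buffer
    ' holds after a failed call must never be treated as plaintext.
    For i = 0 To nLen - 1
        abPlain(i) = 0
    Next i
    TryGcmDecrypt = False
End Function

' Classifies an authentication failure under both the old and the v5.1 error code.
Public Function IsAuthFailure(ByVal nErr As Long) As Boolean
    IsAuthFailure = (nErr = AUTH_FAIL_ERROR Or nErr = DECRYPT_ERROR)
End Function
```

Callers should branch on the Boolean result first and use IsAuthFailure(nErr) only to decide how the failure is logged or reported.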
See GCM_Decrypt.
GCM_Encrypt
GCM_InitKey
GCM_NextEncrypt