crypto_data_decrypt(+CipherText,
+Algorithm, +Key, +IV, -PlainText, +Options)Decrypt the given CipherText, using the symmetric algorithm
Algorithm, key Key, and initialization vector IV,
to give PlainText.
CipherText must be a string, atom or list of codes or
characters, and PlainText is created as a string. Key
and IV are typically lists of bytes, though atoms and
strings are also permitted.
Algorithm must be an algorithm which your copy of OpenSSL
knows. See
crypto_data_encrypt/6
for an example.
- encoding(+Encoding)
- Encoding to use for CipherText. Default is
utf8
.
Alternatives are utf8
and octet
.
- padding(+PaddingScheme)
- For block ciphers, the padding scheme to use. Default is
block
. You can disable padding by supplying none
here.
- tag(+Tag)
- For authenticated encryption schemes, the tag must be specified as a
list of bytes exactly as they were generated upon encryption. This
option requires OpenSSL 1.1.0 or greater.
- min_tag_length(+Length)
- If the tag length is smaller than 16, this option must be used to permit
such shorter tags. This is used as a safeguard against truncation
attacks, where an attacker provides a short tag that is easier to guess.