krb5_c_decrypt_iov - Decrypt data in place supporting AEAD (operates on keyblock).¶
-
krb5_error_code krb5_c_decrypt_iov(krb5_context context, const krb5_keyblock *keyblock, krb5_keyusage usage, const krb5_data *cipher_state, krb5_crypto_iov *data, size_t num_data)¶
- param:
[in] context - Library context
[in] keyblock - Encryption key
[in] usage - Key usage (see
KRB5_KEYUSAGE
types)[in] cipher_state - Cipher state; specify NULL if not needed
[inout] data - IOV array. Modified in-place.
[in] num_data - Size of data
- retval:
0 Success; otherwise - Kerberos error codes
This function decrypts the data block data and stores the output in-place. The actual decryption key will be derived from keyblock and usage if key derivation is specified for the encryption type. If non-null, cipher_state specifies the beginning state for the decryption operation, and is updated with the state to be passed as input to the next operation. The caller must allocate the right number of krb5_crypto_iov structures before calling into this API.
See also
Note
On return from a krb5_c_decrypt_iov()
call, the data->length in the iov structure are adjusted to reflect actual lengths of the ciphertext used. For example, if the padding length is too large, the length will be reduced. Lengths are never increased.