Decrypt a file using specified block cipher algorithm, mode and padding.
Public Declare Function CIPHER_FileDecrypt Lib "diCrPKI.dll"
(ByVal strFileOut As String, ByVal strFileIn As String,
ByRef lpKey As Byte, ByVal nKeyLen As Long, ByRef lpIV As Byte, ByVal nKeyLen As Long,
ByVal strAlgModePad As String, ByVal nOptions As Long) As Long
nRet = CIPHER_FileDecrypt(strFileOut, strFileIn, lpKey(0), nKeyLen, lpIV(0), nIvLen, strAlgModePad, nOptions)
long __stdcall CIPHER_FileDecrypt(const char *szFileOut, const char *szFileIn, const unsigned char *lpKey, long nKeyLen, const unsigned char *lpIV, long nIvLen, const char *szAlgModePad, long nOptions);
If successful, the return value is zero; otherwise it returns a nonzero error code.
Public Function cipherFileDecrypt (szFileOut As String, szFileIn As String, lpKey() As Byte, lpIV() As Byte, szAlgModePad As String, Optional nOptions As Long = 0) As Long
Cipher.FileDecrypt Method (String, String, Byte[], Byte[], CipherAlgorithm, Mode, Padding, Cipher.Opts)
Cipher.FileDecrypt Method (String, String, String, String, CipherAlgorithm, Mode, Padding, Cipher.Opts)
static int dipki::Cipher::FileDecrypt (const std::string &fileOut, const std::string &fileIn, const bvec_t &key, const bvec_t &iv, Alg alg, Mode mode=Mode::ECB, Padding pad=Padding::Default, Opts opts=Opts::None)
static Cipher.file_decrypt(fileout, filein, key, iv, algmodepad='', alg=None, mode=Mode.ECB, pad=Pad.DEFAULT, opts=Opts.DEFAULT)
The algorithm/mode/padding must be specified using either the szAlgModePad string or nOptions parameter, but not both (see Specifying the algorithm, mode and padding for generic block cipher functions). The length of key must be exactly the required key size, and the length of the IV, if required, exactly the block size. See Valid key and block sizes. The output file szFileOut will be overwritten without warning. If there is an error, the output file will not exist. The input and output files must not be the same.
Prepended IV: If the ciphertext file was created with the IV prepended at the start of the file, then you
must specify the PKI_IV_PREFIX option. In this case, the lpIV parameter is ignored and should be set to NULL.
The input file is expected to be of the form IV||ciphertext, or
IV||ciphertext||tag for AES-GCM.
Defaults: If padding is not specified then the default padding method depends on the cipher mode:
pkcs5padding will be used for ECB and CBC mode and nopadding for all other modes.
The default cipher mode is ECB.
Thus "aes128" is the same as "aes128/ecb/pkcs5padding".
Padding: When decrypting you can specify NoPadding to leave any padding intact in the deciphered file.
This is useful if you wish to examine an unknown padding scheme.
Otherwise, when decrypting in ECB or CBC mode, you must specify the same padding scheme used when encrypting.
It is an error (DECRYPT_ERROR) if the expected padding string is not found after decrypting.
The padding parameter is ignored when decrypting in CTR, OFB or CFB mode.
GCM mode: [New in v20.7] Use aes*-gcm to decrypt the file using AES-GCM mode. A 16-byte tag (mac) must be appended at the end of the file. Only a 16-byte tag is supported. The IV must be exactly 12 bytes long for AES-GCM mode. Use the PKI_IV_PREFIX flag to indicate that the IV is at the start of the file.
See example in CIPHER_FileEncrypt.