blob: 31f011d12e8486c56457b00a6ae3a20cf4da7793 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
krb5_c_decrypt - Decrypt data using a key (operates on keyblock).
===================================================================
..
.. c:function:: krb5_error_code krb5_c_decrypt(krb5_context context, const krb5_keyblock * key, krb5_keyusage usage, const krb5_data * cipher_state, const krb5_enc_data * input, krb5_data * output)
..
:param:
**[in]** **context** - Library context
**[in]** **key** - Encryption key
**[in]** **usage** - Key usage (see :data:`KRB5_KEYUSAGE` types)
**[inout]** **cipher_state** - Cipher state; specify NULL if not needed
**[in]** **input** - Encrypted data
**[out]** **output** - Decrypted data
..
:retval:
- 0 Success; otherwise - Kerberos error codes
..
This function decrypts the data block *input* and stores the output into *output* . The actual decryption key will be derived from *key* and *usage* if key derivation is specified for the encryption type. If non-null, *cipher_state* specifies the beginning state for the decryption operation, and is updated with the state to be passed as input to the next operation.
..
.. note::
The caller must initialize *output* and allocate at least enough space for the result. The usual practice is to allocate an output buffer as long as the ciphertext, and let :c:func:`krb5_c_decrypt()` trim *output->length* . For some enctypes, the resulting *output->length* may include padding bytes.
|