Scroll to navigation

GOLF(2gg) Development GOLF(2gg)

NAME

decrypt-data - (encryption)

PURPOSE

Decrypt data.

SYNTAX

decrypt-data <data> to <result> \


    [ input-length <input length> ] \


    [ binary [ <binary> ] ] \


    ( password <password> \


        [ salt <salt> [ salt-length <salt length> ] ] \


        [ iterations <iterations> ] \


        [ cipher <cipher algorithm> ] \


        [ digest <digest algorithm> ]


        [ cache ]


        [ clear-cache <clear cache> ) \


    [ init-vector <init vector> ]

DESCRIPTION

decrypt-data will decrypt <data> which must have been encrypted with encrypt-data, or other software using the same algorithms and clauses as specified.

If "input-length" clause is not used, then the number of bytes decrypted is the length of <data> (see string-length); if "input-length" is specified, then exactly <input length> bytes are decrypted. Password used for decryption is string <password> (in "password" clause) and it must match the password used in encrypt-data. If "salt" clause is used, then string <salt> must match the salt used in encryption. If "init-vector" clause is used, then string <init vector> must match the IV (initialization vector) used in encryption. If "iterations" clause is used, then <iterations> must match the number used in encryption.

The result of decryption is in <result> (in "to" clause).

If data was encrypted in binary mode (see encrypt-data), you must decrypt it with the same, and if it wasn't, then you must not use it in decrypt-data either. The reason for this is obvious - binary mode of encryption is encrypted data in its shortest form, and character mode (without "binary" or if <binary> evaluates to false) is the same data converted to a hexadecimal string - thus decryption must first convert such data back to binary before decrypting.

The cipher and digest algorithms (if specified as <cipher algorithm> and <digest algorithm> in "cipher" and "digest" clauses respectively) must match what was used in encrypt-data.

"cache" clause is used to cache the result of key computation, so it is not computed each time decryption takes place, while "clear-cache" allows key to be re-computed every time <clear cache> evaluates to boolean true; re-computation of a key, if used, must match the usage during encryption. For more on "cache" and "clear-cache" clauses, as well as safety of encrypting/decrypting, see "Caching key" and "Safety" in encrypt-data.

EXAMPLES

See encrypt-data.

SEE ALSO


Encryption

decrypt-data derive-key encrypt-data hash-string hmac-string random-crypto random-string See all documentation

$VERSION $DATE