decrypt-data will decrypt <data> which must have been encrypted with
encrypt-data, or other software using the same algorithms and clauses as specified.
If
"input-length" clause is not used, the data to decrypt is considered to be a string, i.e. null-terminated, otherwise, if specified, then exactly <input length> bytes are decrypted. Password used for decryption is <password> (in
"password" clause) and it must match the password used in
encrypt-data. If
"salt" clause is used, then string <salt> must match the salt used in encryption. If
"init-vector" clause is used, then string <init vector> must match the IV (initialization vector) used in encryption. If
"iterations" clause is used, then <iterations> must match the number used in encryption.
"output-length" clause lets you obtain the number of bytes in decrypted data in <output length>, which can be created with optional
"define". The result of decryption is in <result> (in
"to" clause) and can be created with optional
"define". <result> is
allocated memory.
If data was encrypted with
"binary" clause, you must decrypt it with the same, and if it was without such clause in
encrypt-data, then you must not use it in decrypt-data either. The reason for this is obvious - binary mode of encryption is encrypted data in its shortest form, and character mode (without
"binary") is the same data converted to a hexadecimal string - thus decryption must first convert such data back to binary before decrypting.
The cipher and digest algorithms (if specified as <cipher algorithm> and <digest algorithm> in
"cipher" and
"digest" clauses respectively) must match what was used in
encrypt-data.
"cache" clause is used to cache the result of key computation, so it is not computed each time decryption takes place, while
"clear-cache" allows key to be re-computed every time <clear cache> evaluates to boolean true. For more on
"cache" and
"clear-cache" clauses, as well as safety of encrypting/decrypting, see
"Caching key" and
"Safety" in
encrypt-data.
