AEADCipher.open
ubyte[] open(const(ubyte)[] ciphertext, const(ubyte)[] aad, const(ubyte)[] nonce, ubyte[] output = null)Decrypts and verifies data.
Parameters
ciphertext | The data to decrypt (must include the tag). |
aad | Additional Authenticated Data. |
nonce | The nonce/IV. |
output | Optional output buffer. If provided, must be at least ciphertext.length - tagSize. |
Returns
The plaintext if verification succeeds.
Throws
CryptoException if verification fails.
Note
This method throws an exception on authentication failure, which may
introduce timing variations. For timing-sensitive applications, callers should catch exceptions and handle all error paths with uniform timing to prevent timing side-channel attacks.