pub fn ccm_decrypt(
aes: &Aes,
m: usize,
l: usize,
nonce: &[u8],
aad: &[u8],
ciphertext: &[u8],
tag: &[u8],
) -> Option<Vec<u8>>Expand description
AES-CCM decrypt with the generic (M, L) parameters.
Returns Some(plaintext) only if the recomputed tag matches
(constant-time compare). Returns None for any malformed input
(wrong nonce length, wrong tag length, parameter out of range,
AAD too long, payload too long) and for tag mismatch.
Callers MUST treat None as a hard authentication failure and
MUST NOT use the (intermediate) decrypted bytes for any purpose
even if they were exposed by an aggressive optimiser – the
function does not leak them.