DECRYPT BLOB
DECRYPT BLOB ( toDecrypt ; sendPubKey {; recipPrivKey} )
Parameter | Type | Description | |
---|---|---|---|
toDecrypt | Blob | ↔ | Data to decrypt |
Decrypted data | |||
sendPubKey | Blob | → | Sender’s public key |
recipPrivKey | Blob | → | Recipient’s private key |
Description
The DECRYPT BLOB command decrypts the content of the BLOB toDecrypt using the sender’s public key sendPubKey and, optionally, the recipient’s private key recipPrivKey.
The BLOB containing the sender’s public key is passed in the sendPubKey parameter. This key has been generated by the sender using the GENERATE ENCRYPTION KEYPAIR command and it has to be sent to the recipient.
The BLOB containing the recipient’s private key can be passed in the optional parameter recipPrivKey. In this case, the recipient has to generate a pair of encryption keys with the GENERATE ENCRYPTION KEYPAIR command and has to send his/her public key to the sender. The keypair-based encryption system guarantees that the message has been encrypted by the sender only and it can be decrypted by the recipient only. For more information about the keypair-based encryption system, refer to the routine ENCRYPT BLOB.
The command DECRYPT BLOB offers a checksum functionality in order to avoid any BLOB content modification (deliberate or not). If the encrypted BLOB is damaged or modified, the command will do nothing and an error will be returned.
Example
Refer to the examples given for the ENCRYPT BLOB command.