



@deftypefun {int} {gnutls_hpke_open} (gnutls_hpke_context_t @var{ctx}, const gnutls_datum_t * @var{aad}, const gnutls_datum_t * @var{ciphertext}, gnutls_datum_t * @var{plaintext})
@var{ctx}: The HPKE context to use for opening.

@var{aad}: The associated data (AAD) that was authenticated during sealing.

@var{ciphertext}: The ciphertext received from the sender.

@var{plaintext}: A pointer to a gnutls_datum_t structure where the resulting plaintext will be stored.

This function performs the opening operation of HPKE. It takes the
ciphertext received from the sender and uses the keys and nonces
set up in the HPKE context (after decapsulation) to decrypt the
ciphertext and verify the authentication tag. If the decryption and
authentication are successful, the resulting plaintext is stored in
 @code{plaintext} . If the decryption or authentication fails, the function
securely erases any allocated plaintext and returns an error code.

This function can be used multiple times with the same HPKE
context, but the decapsulation function (@code{gnutls_hpke_decap()} ) must
be called once before the first call to this function.

 @code{aad} should be the same AAD that was provided to @code{gnutls_hpke_seal()} 
on the sender's side.

 @code{ciphertext} should be the same ciphertext that was generated by
@code{gnutls_hpke_seal()}  on the sender's side.

The function will allocate memory for the  @code{plaintext} , and the
caller is responsible for freeing this memory using @code{gnutls_free()} 
when it is no longer needed.

@strong{Returns:} 0 on success, or a negative error code on failure

@strong{Since:} 3.8.13
@end deftypefun
