gnutls_aead_cipher_decrypt - Linux


gnutls_aead_cipher_decrypt is a powerful command-line utility that provides a secure and efficient way to decrypt data using an Authenticated Encryption with Associated Data (AEAD) cipher. It’s commonly used for encrypting sensitive information such as passwords, credentials, and private keys.


gnutls_aead_cipher_decrypt [options] key_file enc_file [dec_file]


  • -e ALGORITHM: Specify the AEAD algorithm to use. Defaults to "AES-256-GCM".
  • -k KEY_SIZE: Set the key size in bits (e.g., 128, 192, or 256). Defaults to 128.
  • -v: Print verbose information and debug logs.
  • -p: Prompt for the password to decrypt the key file.


Decrypting a file using AES-128-GCM with a password-protected key file:

gnutls_aead_cipher_decrypt -e AES-128-GCM -p secret.key encrypted.msg decrypted.txt

Decrypting a file using a specified key file and key size:

gnutls_aead_cipher_decrypt -k 256 my_key.key

Common Issues

  • Incorrect password: Ensure the password entered for the key file is correct.
  • Unsupported algorithm: Make sure the specified AEAD algorithm is supported by the gnutls library.
  • Invalid key: The key file should contain a valid and matching key for the specified algorithm.


gnutls_aead_cipher_decrypt can be integrated with other commands to automate decryption tasks. For instance, it can be used with grep to filter decrypted data:

gnutls_aead_cipher_decrypt -p secret.key encrypted.txt | grep "password"

Related Commands