The function crypto_aead_aes256gcm_decrypt() verifies that the ciphertext c (as produced by crypto_aead_aes256gcm_encrypt()),
includes a valid tag using a secret key k, a public nonce npub, and additional data ad. c.length is the ciphertext length
in bytes with the authenticator, so it has to be at least aead_aes256gcm_ABYTES.
ad can be an empty array if no additional data are required.
The function returns false if the verification fails.
If the verification succeeds, the function returns true, puts the decrypted message into m and stores its actual number of bytes into mlen_p.
(and c's .length might shrink to the length actually required).
At most c.length - crypto_aead_aes256gcm_ABYTES bytes will be put into m.
The function crypto_aead_aes256gcm_decrypt() verifies that the ciphertext c (as produced by crypto_aead_aes256gcm_encrypt()), includes a valid tag using a secret key k, a public nonce npub, and additional data ad. c.length is the ciphertext length in bytes with the authenticator, so it has to be at least aead_aes256gcm_ABYTES.
ad can be an empty array if no additional data are required. The function returns false if the verification fails. If the verification succeeds, the function returns true, puts the decrypted message into m and stores its actual number of bytes into mlen_p. (and c's .length might shrink to the length actually required). At most c.length - crypto_aead_aes256gcm_ABYTES bytes will be put into m.