Tool for decrypting WhatsApp Crypt12 databases. The authenticated decryption operation has five inputs: K, IV, C, A and T. It has only a single output, either the plaintext value P or a special symbol 'FAIL' that indicates that the inputs are not authentic. A ciphertext C, initialization vector IV, additional authenticated data A and tag T are authentic for key K when they are generated with the encrypt operation with inputs K, IV, A and P, for some plaintext P. The authenticated decrypt operation will, with high probability, return 'FAIL' when its inputs were not created by the encrypt operation with the identical key. The additional authenticated data A is used to protect information that needs to be authenticated, but which must be left unencrypted. When using GCM to secure network protocol, this input could include addresses, ports, sequence numbers, protocol version numbers, and other fields that indicate how the plaintext should be handled, forwarded, or processed. In many situations, its desirable to authenticate these fields, though they must be left in the clear for the network to function properly. when this data is included in the AAD, authentication is provided without copying the data into the ciphertext. The primary purpose of the IV is to be a nonce, that is, to be distinct for each invocation of the encryption operation for a fixed key. It is acceptable for the IV to be generated randomly, as long as the distinctness of the IV is highly likely. The IV is authenticated, and it is not necessary to include it in in the AAD field.