One-shot decrypt in to user buffers
This changes the one-shot decryption to allow decrypting directly in to user-supplied buffers, even in the presence of padding, so that a copy and CryptoPool rental can be avoided.
If the buffer is large enough to accommodate the padding, then decrypt directly in to the supplied buffer, zero the padding, and indicate the de-padded amount in bytesWritten.
If the buffer is possibly large enough, then decrypt all but the last block in to the buffer, and do the last block on the stack. If the de-padded amount in the stack is small enough, then copy the remaining. If it is too large, then zero everything in the user buffer.