|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(AutoIt) Example: Crypt2.RandomizeIV methodDemonstrates using a random initialization vector for AES GCM encryption.
; This example assumes the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. $oCrypt = ObjCreate("Chilkat.Crypt2") $oCrypt.CryptAlgorithm = "aes" $oCrypt.CipherMode = "gcm" $oCrypt.KeyLength = 256 Local $sK = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F" Local $sAAD = "feedfacedeadbeeffeedfacedeadbeefabaddad2" Local $sPT = "This is the text to be AES-GCM encrypted." ; Generate a random IV. $oCrypt.RandomizeIV Local $sIV = $oCrypt.GetEncodedIV("hex") $oCrypt.SetEncodedKey $sK,"hex" Local $bSuccess = $oCrypt.SetEncodedAad($sAAD,"hex") ; Return the encrypted bytes as base64 $oCrypt.EncodingMode = "base64" $oCrypt.Charset = "utf-8" Local $sCipherText = $oCrypt.EncryptStringENC($sPT) If ($oCrypt.LastMethodSuccess <> True) Then ConsoleWrite($oCrypt.LastErrorText & @CRLF) Exit EndIf ; Get the GCM authenticated tag computed when encrypting. Local $sAuthTag = $oCrypt.GetEncodedAuthTag("base64") ConsoleWrite("Cipher Text: " & $sCipherText & @CRLF) ConsoleWrite("Auth Tag: " & $sAuthTag & @CRLF) ; Let's send the IV, CipherText, and AuthTag to the decrypting party. ; We'll send them concatenated like this: [IV || Ciphertext || AuthTag] ; In base64 format. $oBdEncrypted = ObjCreate("Chilkat.BinData") $oBdEncrypted.AppendEncoded($sIV,"hex") $oBdEncrypted.AppendEncoded($sCipherText,"base64") $oBdEncrypted.AppendEncoded($sAuthTag,"base64") Local $sConcatenatedGcmOutput = $oBdEncrypted.GetEncoded("base64") ConsoleWrite("Concatenated GCM Output: " & $sConcatenatedGcmOutput & @CRLF) ; Sample output so far: ; ------------------------------------------------------------------------------------- ; Now let's GCM decrypt... ; ------------------------------------------------------------------------------------- $oDecrypt = ObjCreate("Chilkat.Crypt2") ; The values shared and agreed upon by both sides beforehand are: algorithm, cipher mode, secret key, and AAD. ; Sometimes the IV can be a value already known and agreed upon, but in this case the encryptor sends the IV to the decryptor. $oDecrypt.CryptAlgorithm = "aes" $oDecrypt.CipherMode = "gcm" $oDecrypt.KeyLength = 256 $oDecrypt.SetEncodedKey $sK,"hex" $oDecrypt.SetEncodedAad($sAAD,"hex") $oBdFromEncryptor = ObjCreate("Chilkat.BinData") $oBdFromEncryptor.AppendEncoded($sConcatenatedGcmOutput,"base64") Local $iSz = $oBdFromEncryptor.NumBytes ; Extract the parts. Local $sExtractedIV = $oBdFromEncryptor.GetEncodedChunk(0,16,"hex") Local $sExtractedCipherText = $oBdFromEncryptor.GetEncodedChunk(16,$iSz - 32,"base64") Local $sExpectedAuthTag = $oBdFromEncryptor.GetEncodedChunk($iSz - 16,16,"base64") ; Before GCM decrypting, we must set the authenticated tag to the value that is expected. ; The decryption will fail if the resulting authenticated tag is not equal to the expected result. $bSuccess = $oDecrypt.SetEncodedAuthTag($sExpectedAuthTag,"base64") ; Also set the IV. $oDecrypt.SetEncodedIV $sExtractedIV,"hex" ; Decrypt.. $oDecrypt.EncodingMode = "base64" $oDecrypt.Charset = "utf-8" Local $sDecryptedText = $oDecrypt.DecryptStringENC($sExtractedCipherText) If ($oDecrypt.LastMethodSuccess <> True) Then ; Failed. The resultant authenticated tag did not equal the expected authentication tag. ConsoleWrite($oDecrypt.LastErrorText & @CRLF) Exit EndIf ConsoleWrite("Decrypted: " & $sDecryptedText & @CRLF) |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.