|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C#) Example: Crypt2.RandomizeIV methodDemonstrates using a random initialization vector for AES GCM encryption.
// This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. Chilkat.Crypt2 crypt = new Chilkat.Crypt2(); crypt.CryptAlgorithm = "aes"; crypt.CipherMode = "gcm"; crypt.KeyLength = 256; string K = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; string AAD = "feedfacedeadbeeffeedfacedeadbeefabaddad2"; string PT = "This is the text to be AES-GCM encrypted."; // Generate a random IV. crypt.RandomizeIV(); string IV = crypt.GetEncodedIV("hex"); crypt.SetEncodedKey(K,"hex"); bool success = crypt.SetEncodedAad(AAD,"hex"); // Return the encrypted bytes as base64 crypt.EncodingMode = "base64"; crypt.Charset = "utf-8"; string cipherText = crypt.EncryptStringENC(PT); if (crypt.LastMethodSuccess != true) { Debug.WriteLine(crypt.LastErrorText); return; } // Get the GCM authenticated tag computed when encrypting. string authTag = crypt.GetEncodedAuthTag("base64"); Debug.WriteLine("Cipher Text: " + cipherText); Debug.WriteLine("Auth Tag: " + authTag); // Let's send the IV, CipherText, and AuthTag to the decrypting party. // We'll send them concatenated like this: [IV || Ciphertext || AuthTag] // In base64 format. Chilkat.BinData bdEncrypted = new Chilkat.BinData(); bdEncrypted.AppendEncoded(IV,"hex"); bdEncrypted.AppendEncoded(cipherText,"base64"); bdEncrypted.AppendEncoded(authTag,"base64"); string concatenatedGcmOutput = bdEncrypted.GetEncoded("base64"); Debug.WriteLine("Concatenated GCM Output: " + concatenatedGcmOutput); // Sample output so far: // ------------------------------------------------------------------------------------- // Now let's GCM decrypt... // ------------------------------------------------------------------------------------- Chilkat.Crypt2 decrypt = new Chilkat.Crypt2(); // The values shared and agreed upon by both sides beforehand are: algorithm, cipher mode, secret key, and AAD. // Sometimes the IV can be a value already known and agreed upon, but in this case the encryptor sends the IV to the decryptor. decrypt.CryptAlgorithm = "aes"; decrypt.CipherMode = "gcm"; decrypt.KeyLength = 256; decrypt.SetEncodedKey(K,"hex"); decrypt.SetEncodedAad(AAD,"hex"); Chilkat.BinData bdFromEncryptor = new Chilkat.BinData(); bdFromEncryptor.AppendEncoded(concatenatedGcmOutput,"base64"); int sz = bdFromEncryptor.NumBytes; // Extract the parts. string extractedIV = bdFromEncryptor.GetEncodedChunk(0,16,"hex"); string extractedCipherText = bdFromEncryptor.GetEncodedChunk(16,sz - 32,"base64"); string expectedAuthTag = bdFromEncryptor.GetEncodedChunk(sz - 16,16,"base64"); // Before GCM decrypting, we must set the authenticated tag to the value that is expected. // The decryption will fail if the resulting authenticated tag is not equal to the expected result. success = decrypt.SetEncodedAuthTag(expectedAuthTag,"base64"); // Also set the IV. decrypt.SetEncodedIV(extractedIV,"hex"); // Decrypt.. decrypt.EncodingMode = "base64"; decrypt.Charset = "utf-8"; string decryptedText = decrypt.DecryptStringENC(extractedCipherText); if (decrypt.LastMethodSuccess != true) { // Failed. The resultant authenticated tag did not equal the expected authentication tag. Debug.WriteLine(decrypt.LastErrorText); return; } Debug.WriteLine("Decrypted: " + decryptedText); |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.