|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Go) Example: Crypt2.RandomizeIV methodDemonstrates using a random initialization vector for AES GCM encryption.
// This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. crypt := Crypt2_Ref.html">chilkat.NewCrypt2() crypt.SetCryptAlgorithm("aes") crypt.SetCipherMode("gcm") crypt.SetKeyLength(256) K := "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F" AAD := "feedfacedeadbeeffeedfacedeadbeefabaddad2" PT := "This is the text to be AES-GCM encrypted." // Generate a random IV. crypt.RandomizeIV() IV := crypt.GetEncodedIV("hex") crypt.SetEncodedKey(K,"hex") success := crypt.SetEncodedAad(AAD,"hex") // Return the encrypted bytes as base64 crypt.SetEncodingMode("base64") crypt.SetCharset("utf-8") cipherText := crypt.EncryptStringENC(PT) if crypt.LastMethodSuccess() != true { fmt.Println(crypt.LastErrorText()) crypt.DisposeCrypt2() return } // Get the GCM authenticated tag computed when encrypting. authTag := crypt.GetEncodedAuthTag("base64") fmt.Println("Cipher Text: ", *cipherText) fmt.Println("Auth Tag: ", *authTag) // Let's send the IV, CipherText, and AuthTag to the decrypting party. // We'll send them concatenated like this: [IV || Ciphertext || AuthTag] // In base64 format. bdEncrypted := BinData_Ref.html">chilkat.NewBinData() bdEncrypted.AppendEncoded(*IV,"hex") bdEncrypted.AppendEncoded(*cipherText,"base64") bdEncrypted.AppendEncoded(*authTag,"base64") concatenatedGcmOutput := bdEncrypted.GetEncoded("base64") fmt.Println("Concatenated GCM Output: ", *concatenatedGcmOutput) // Sample output so far: // ------------------------------------------------------------------------------------- // Now let's GCM decrypt... // ------------------------------------------------------------------------------------- decrypt := Crypt2_Ref.html">chilkat.NewCrypt2() // The values shared and agreed upon by both sides beforehand are: algorithm, cipher mode, secret key, and AAD. // Sometimes the IV can be a value already known and agreed upon, but in this case the encryptor sends the IV to the decryptor. decrypt.SetCryptAlgorithm("aes") decrypt.SetCipherMode("gcm") decrypt.SetKeyLength(256) decrypt.SetEncodedKey(K,"hex") decrypt.SetEncodedAad(AAD,"hex") bdFromEncryptor := BinData_Ref.html">chilkat.NewBinData() bdFromEncryptor.AppendEncoded(*concatenatedGcmOutput,"base64") sz := bdFromEncryptor.NumBytes() // Extract the parts. extractedIV := bdFromEncryptor.GetEncodedChunk(0,16,"hex") extractedCipherText := bdFromEncryptor.GetEncodedChunk(16,sz - 32,"base64") expectedAuthTag := bdFromEncryptor.GetEncodedChunk(sz - 16,16,"base64") // Before GCM decrypting, we must set the authenticated tag to the value that is expected. // The decryption will fail if the resulting authenticated tag is not equal to the expected result. success = decrypt.SetEncodedAuthTag(*expectedAuthTag,"base64") // Also set the IV. decrypt.SetEncodedIV(*extractedIV,"hex") // Decrypt.. decrypt.SetEncodingMode("base64") decrypt.SetCharset("utf-8") decryptedText := decrypt.DecryptStringENC(*extractedCipherText) if decrypt.LastMethodSuccess() != true { // Failed. The resultant authenticated tag did not equal the expected authentication tag. fmt.Println(decrypt.LastErrorText()) crypt.DisposeCrypt2() bdEncrypted.DisposeBinData() decrypt.DisposeCrypt2() bdFromEncryptor.DisposeBinData() return } fmt.Println("Decrypted: ", *decryptedText) crypt.DisposeCrypt2() bdEncrypted.DisposeBinData() decrypt.DisposeCrypt2() bdFromEncryptor.DisposeBinData() |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.