(JavaScript) Example: Crypt2.RandomizeIV method

Demonstrates using a random initialization vector for AES GCM encryption.

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

var success = false;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

var crypt = new CkCrypt2();

crypt.CryptAlgorithm = "aes";
crypt.CipherMode = "gcm";
crypt.KeyLength = 256;

var K = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F";
var AAD = "feedfacedeadbeeffeedfacedeadbeefabaddad2";
var PT = "This is the text to be AES-GCM encrypted.";

// Generate a random IV.
crypt.RandomizeIV();
var IV = crypt.GetEncodedIV("hex");

crypt.SetEncodedKey(K,"hex");

success = crypt.SetEncodedAad(AAD,"hex");

// Return the encrypted bytes as base64
crypt.EncodingMode = "base64";
crypt.Charset = "utf-8";
var cipherText = crypt.EncryptStringENC(PT);
if (crypt.LastMethodSuccess !== true) {
    console.log(crypt.LastErrorText);
    return;
}

// Get the GCM authenticated tag computed when encrypting.
var authTag = crypt.GetEncodedAuthTag("base64");

console.log("Cipher Text: " + cipherText);
console.log("Auth Tag: " + authTag);

// Let's send the IV, CipherText, and AuthTag to the decrypting party.
// We'll send them concatenated like this: [IV || Ciphertext || AuthTag]
// In base64 format.
var bdEncrypted = new CkBinData();
bdEncrypted.AppendEncoded(IV,"hex");
bdEncrypted.AppendEncoded(cipherText,"base64");
bdEncrypted.AppendEncoded(authTag,"base64");

var concatenatedGcmOutput = bdEncrypted.GetEncoded("base64");
console.log("Concatenated GCM Output: " + concatenatedGcmOutput);

// Sample output so far:

// -------------------------------------------------------------------------------------
// Now let's GCM decrypt...
// -------------------------------------------------------------------------------------

var decrypt = new CkCrypt2();

// The values shared and agreed upon by both sides beforehand are: algorithm, cipher mode, secret key, and AAD.
// Sometimes the IV can be a value already known and agreed upon, but in this case the encryptor sends the IV to the decryptor.
decrypt.CryptAlgorithm = "aes";
decrypt.CipherMode = "gcm";
decrypt.KeyLength = 256;
decrypt.SetEncodedKey(K,"hex");
decrypt.SetEncodedAad(AAD,"hex");

var bdFromEncryptor = new CkBinData();
bdFromEncryptor.AppendEncoded(concatenatedGcmOutput,"base64");

var sz = bdFromEncryptor.NumBytes;

// Extract the parts.
var extractedIV = bdFromEncryptor.GetEncodedChunk(0,16,"hex");
var extractedCipherText = bdFromEncryptor.GetEncodedChunk(16,sz - 32,"base64");
var expectedAuthTag = bdFromEncryptor.GetEncodedChunk(sz - 16,16,"base64");

// Before GCM decrypting, we must set the authenticated tag to the value that is expected.
// The decryption will fail if the resulting authenticated tag is not equal to the expected result.
success = decrypt.SetEncodedAuthTag(expectedAuthTag,"base64");

// Also set the IV.
decrypt.SetEncodedIV(extractedIV,"hex");

// Decrypt..
decrypt.EncodingMode = "base64";
decrypt.Charset = "utf-8";
var decryptedText = decrypt.DecryptStringENC(extractedCipherText);
if (decrypt.LastMethodSuccess !== true) {
    // Failed.  The resultant authenticated tag did not equal the expected authentication tag.
    console.log(decrypt.LastErrorText);
    return;
}

console.log("Decrypted: " + decryptedText);