Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Decrypt 256-bit AES GCM Produced by Something Unknown

See more Encryption Examples

Demonstrates how to decrypt something produced elsewhere (unknown) with 256-bit AES GCM.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.BinData,
  Chilkat.Crypt2;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  keyBase64: string;
  ivBase64Url: string;
  cipherBase64Url: string;
  crypt: TCrypt2;
  bdEncrypted: TBinData;
  bdAuthTag: TBinData;
  numBytes: Integer;
  authTagHex: string;
  originalText: string;

begin
  success := False;

  //  This example assumes the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  We have the following to decrypt:

  //  Key (Base64): 
  keyBase64 := 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';

  //  IV (Base64Url):
  ivBase64Url := 'xrvaINMLqotAbWRK';

  //  ciphertext (base64url):
  cipherBase64Url := 'RtGNAS-zQOxSB8W0HfqJjCoyt9KgImW_l-HjVC40hOOl-RNfRF3hzDIT1kvFVF8i_KX9XmqAftb6lyq-jLCEc_MSgqt3q1ixv3Ez4SbS3G5e3qGzLwxIMi2sCt00aDNwK2ipsJ4aw8s7ePPnl4oY-y1st9rwCWR0rrgEZwS9jmS4uJWGPn9K3jbKRnMslznDbtFLNJctMVXBTP-cv47JelxLCBOQSlK29rMuEFrhHR_VQrPq6gtZaBVSXZSYT0XOklp7nu9mVhrMCRtBCC5oiu5MPE5JYx4ANo3hUY7_NyQl2bpn9GfRXrdvqRGE-gy2upj-cDkm0t_tV8xmYge9DBQTH3B_4BGl2qTk_o-m7pEmKkS8XSdQhGcuFlykqrkE8SzB5I8esfzWOM0pwxbz0H_VaylKYHY=';

  crypt := TCrypt2.Create;

  crypt.CryptAlgorithm := 'aes';
  crypt.CipherMode := 'gcm';
  crypt.KeyLength := 256;

  success := crypt.SetEncodedAad('random','ascii');
  crypt.SetEncodedKey(keyBase64,'base64');
  crypt.SetEncodedIV(ivBase64Url,'base64url');

  //  The cipher text contains the 16-byte auth tag at the end.
  //  get it separately..
  bdEncrypted := TBinData.Create;
  bdAuthTag := TBinData.Create;
  success := bdEncrypted.AppendEncoded(cipherBase64Url,'base64url');

  numBytes := bdEncrypted.NumBytes;
  authTagHex := bdEncrypted.GetEncodedChunk(numBytes - 16,16,'hex');

  WriteLn('Auth tag in hex: ' + authTagHex);

  success := bdAuthTag.AppendEncoded(authTagHex,'hex');
  bdEncrypted.RemoveChunk(numBytes - 16,16);

  //  Use this special value to tell Chilkat to ignore the auth tag.
  success := crypt.SetEncodedAuthTag('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF','hex');

  //  Decrypt
  crypt.EncodingMode := 'base64';
  originalText := crypt.DecryptStringENC(bdEncrypted.GetEncoded('base64'));
  if (crypt.LastMethodSuccess = False) then
    begin
      WriteLn(crypt.LastErrorText);
    end
  else
    begin
      WriteLn(originalText);
      WriteLn('Success.');
    end;

  //  Decrypted text


  crypt.Free;
  bdEncrypted.Free;
  bdAuthTag.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.