|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PHP ActiveX) Example: Crypt2.RandomizeIV methodDemonstrates using a random initialization vector for AES GCM encryption.
<?php // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. $crypt = new COM("Chilkat.Crypt2"); $crypt->CryptAlgorithm = 'aes'; $crypt->CipherMode = 'gcm'; $crypt->KeyLength = 256; $K = '000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F'; $AAD = 'feedfacedeadbeeffeedfacedeadbeefabaddad2'; $PT = 'This is the text to be AES-GCM encrypted.'; // Generate a random IV. $crypt->RandomizeIV(); $IV = $crypt->getEncodedIV('hex'); $crypt->SetEncodedKey($K,'hex'); $success = $crypt->SetEncodedAad($AAD,'hex'); // Return the encrypted bytes as base64 $crypt->EncodingMode = 'base64'; $crypt->Charset = 'utf-8'; $cipherText = $crypt->encryptStringENC($PT); if ($crypt->LastMethodSuccess != 1) { print $crypt->LastErrorText . "\n"; exit; } // Get the GCM authenticated tag computed when encrypting. $authTag = $crypt->getEncodedAuthTag('base64'); print 'Cipher Text: ' . $cipherText . "\n"; print 'Auth Tag: ' . $authTag . "\n"; // Let's send the IV, CipherText, and AuthTag to the decrypting party. // We'll send them concatenated like this: [IV || Ciphertext || AuthTag] // In base64 format. $bdEncrypted = new COM("Chilkat.BinData"); $bdEncrypted->AppendEncoded($IV,'hex'); $bdEncrypted->AppendEncoded($cipherText,'base64'); $bdEncrypted->AppendEncoded($authTag,'base64'); $concatenatedGcmOutput = $bdEncrypted->getEncoded('base64'); print 'Concatenated GCM Output: ' . $concatenatedGcmOutput . "\n"; // Sample output so far: // ------------------------------------------------------------------------------------- // Now let's GCM decrypt... // ------------------------------------------------------------------------------------- $decrypt = new COM("Chilkat.Crypt2"); // The values shared and agreed upon by both sides beforehand are: algorithm, cipher mode, secret key, and AAD. // Sometimes the IV can be a value already known and agreed upon, but in this case the encryptor sends the IV to the decryptor. $decrypt->CryptAlgorithm = 'aes'; $decrypt->CipherMode = 'gcm'; $decrypt->KeyLength = 256; $decrypt->SetEncodedKey($K,'hex'); $decrypt->SetEncodedAad($AAD,'hex'); $bdFromEncryptor = new COM("Chilkat.BinData"); $bdFromEncryptor->AppendEncoded($concatenatedGcmOutput,'base64'); $sz = $bdFromEncryptor->NumBytes; // Extract the parts. $extractedIV = $bdFromEncryptor->getEncodedChunk(0,16,'hex'); $extractedCipherText = $bdFromEncryptor->getEncodedChunk(16,$sz - 32,'base64'); $expectedAuthTag = $bdFromEncryptor->getEncodedChunk($sz - 16,16,'base64'); // Before GCM decrypting, we must set the authenticated tag to the value that is expected. // The decryption will fail if the resulting authenticated tag is not equal to the expected result. $success = $decrypt->SetEncodedAuthTag($expectedAuthTag,'base64'); // Also set the IV. $decrypt->SetEncodedIV($extractedIV,'hex'); // Decrypt.. $decrypt->EncodingMode = 'base64'; $decrypt->Charset = 'utf-8'; $decryptedText = $decrypt->decryptStringENC($extractedCipherText); if ($decrypt->LastMethodSuccess != 1) { // Failed. The resultant authenticated tag did not equal the expected authentication tag. print $decrypt->LastErrorText . "\n"; exit; } print 'Decrypted: ' . $decryptedText . "\n"; ?> |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.