|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PowerBuilder) AES-GCM Encryption / DecryptionSee more Encryption ExamplesDemonstrates AES-GCM encryption. Afterwards, the encrypted bytes, the authentication tag, and the IV are concatenated into one byte array and encoded to base64. For decryption, we decode the base64, extract the IV, authentication tag, and encrypted bytes, and then perform AES-GCM decryption.
integer li_rc oleobject loo_Crypt string K string ls_IV string ls_AAD string ls_PT integer li_Success string ls_CipherText string ls_AuthTag oleobject loo_BdEncrypted string ls_ConcatenatedGcmOutput oleobject loo_Decrypt oleobject loo_BdFromEncryptor integer li_Sz string ls_ExtractedIV string ls_ExtractedCipherText string ls_ExpectedAuthTag string ls_DecryptedText // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. loo_Crypt = create oleobject li_rc = loo_Crypt.ConnectToNewObject("Chilkat.Crypt2") if li_rc < 0 then destroy loo_Crypt MessageBox("Error","Connecting to COM object failed") return end if loo_Crypt.CryptAlgorithm = "aes" loo_Crypt.CipherMode = "gcm" loo_Crypt.KeyLength = 256 K = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F" ls_IV = "000102030405060708090A0B0C0D0E0F" ls_AAD = "feedfacedeadbeeffeedfacedeadbeefabaddad2" ls_PT = "This is the text to be AES-GCM encrypted." loo_Crypt.SetEncodedIV(ls_IV,"hex") loo_Crypt.SetEncodedKey(K,"hex") li_Success = loo_Crypt.SetEncodedAad(ls_AAD,"hex") // Return the encrypted bytes as base64 loo_Crypt.EncodingMode = "base64" loo_Crypt.Charset = "utf-8" ls_CipherText = loo_Crypt.EncryptStringENC(ls_PT) if loo_Crypt.LastMethodSuccess <> 1 then Write-Debug loo_Crypt.LastErrorText destroy loo_Crypt return end if // Get the GCM authenticated tag computed when encrypting. ls_AuthTag = loo_Crypt.GetEncodedAuthTag("base64") Write-Debug "Cipher Text: " + ls_CipherText Write-Debug "Auth Tag: " + ls_AuthTag // Let's send the IV, CipherText, and AuthTag to the decrypting party. // We'll send them concatenated like this: [IV || Ciphertext || AuthTag] // In base64 format. loo_BdEncrypted = create oleobject li_rc = loo_BdEncrypted.ConnectToNewObject("Chilkat.BinData") loo_BdEncrypted.AppendEncoded(ls_IV,"hex") loo_BdEncrypted.AppendEncoded(ls_CipherText,"base64") loo_BdEncrypted.AppendEncoded(ls_AuthTag,"base64") ls_ConcatenatedGcmOutput = loo_BdEncrypted.GetEncoded("base64") Write-Debug "Concatenated GCM Output: " + ls_ConcatenatedGcmOutput // Sample output so far: // ------------------------------------------------------------------------------------- // Now let's GCM decrypt... // ------------------------------------------------------------------------------------- loo_Decrypt = create oleobject li_rc = loo_Decrypt.ConnectToNewObject("Chilkat.Crypt2") // The values shared and agreed upon by both sides beforehand are: algorithm, cipher mode, secret key, and AAD. // Sometimes the IV can be a value already known and agreed upon, but in this case the encryptor sends the IV to the decryptor. loo_Decrypt.CryptAlgorithm = "aes" loo_Decrypt.CipherMode = "gcm" loo_Decrypt.KeyLength = 256 loo_Decrypt.SetEncodedKey(K,"hex") loo_Decrypt.SetEncodedAad(ls_AAD,"hex") loo_BdFromEncryptor = create oleobject li_rc = loo_BdFromEncryptor.ConnectToNewObject("Chilkat.BinData") loo_BdFromEncryptor.AppendEncoded(ls_ConcatenatedGcmOutput,"base64") li_Sz = loo_BdFromEncryptor.NumBytes // Extract the parts. ls_ExtractedIV = loo_BdFromEncryptor.GetEncodedChunk(0,16,"hex") ls_ExtractedCipherText = loo_BdFromEncryptor.GetEncodedChunk(16,li_Sz - 32,"base64") ls_ExpectedAuthTag = loo_BdFromEncryptor.GetEncodedChunk(li_Sz - 16,16,"base64") // Before GCM decrypting, we must set the authenticated tag to the value that is expected. // The decryption will fail if the resulting authenticated tag is not equal to the expected result. li_Success = loo_Decrypt.SetEncodedAuthTag(ls_ExpectedAuthTag,"base64") // Also set the IV. loo_Decrypt.SetEncodedIV(ls_ExtractedIV,"hex") // Decrypt.. loo_Decrypt.EncodingMode = "base64" loo_Decrypt.Charset = "utf-8" ls_DecryptedText = loo_Decrypt.DecryptStringENC(ls_ExtractedCipherText) if loo_Decrypt.LastMethodSuccess <> 1 then // Failed. The resultant authenticated tag did not equal the expected authentication tag. Write-Debug loo_Decrypt.LastErrorText destroy loo_Crypt destroy loo_BdEncrypted destroy loo_Decrypt destroy loo_BdFromEncryptor return end if Write-Debug "Decrypted: " + ls_DecryptedText // Sample output: // Cipher Text: cYspSW4GuSj0Msho4OgZZ0AwspDEpTF5Br8NlA+qT3f+g3nQo+xalmU= // Auth Tag: z/N82vdj/ZsM0WnHNCnPPw== // Concatenated GCM Output: AAECAwQFBgcICQoLDA0OD3GLKUluBrko9DLIaODoGWdAMLKQxKUxeQa/DZQPqk93/oN50KPsWpZlz/N82vdj/ZsM0WnHNCnPPw== // Decrypted: This is the text to be AES-GCM encrypted. destroy loo_Crypt destroy loo_BdEncrypted destroy loo_Decrypt destroy loo_BdFromEncryptor |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.