|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Ruby) Example: Crypt2.RandomizeIV methodDemonstrates using a random initialization vector for AES GCM encryption.
require 'chilkat' # This example assumes the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. crypt = Chilkat::CkCrypt2.new() crypt.put_CryptAlgorithm("aes") crypt.put_CipherMode("gcm") crypt.put_KeyLength(256) K = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F" AAD = "feedfacedeadbeeffeedfacedeadbeefabaddad2" PT = "This is the text to be AES-GCM encrypted." # Generate a random IV. crypt.RandomizeIV() IV = crypt.getEncodedIV("hex") crypt.SetEncodedKey(K,"hex") success = crypt.SetEncodedAad(AAD,"hex") # Return the encrypted bytes as base64 crypt.put_EncodingMode("base64") crypt.put_Charset("utf-8") cipherText = crypt.encryptStringENC(PT) if (crypt.get_LastMethodSuccess() != true) print crypt.lastErrorText() + "\n"; exit end # Get the GCM authenticated tag computed when encrypting. authTag = crypt.getEncodedAuthTag("base64") print "Cipher Text: " + cipherText + "\n"; print "Auth Tag: " + authTag + "\n"; # Let's send the IV, CipherText, and AuthTag to the decrypting party. # We'll send them concatenated like this: [IV || Ciphertext || AuthTag] # In base64 format. bdEncrypted = Chilkat::CkBinData.new() bdEncrypted.AppendEncoded(IV,"hex") bdEncrypted.AppendEncoded(cipherText,"base64") bdEncrypted.AppendEncoded(authTag,"base64") concatenatedGcmOutput = bdEncrypted.getEncoded("base64") print "Concatenated GCM Output: " + concatenatedGcmOutput + "\n"; # Sample output so far: # ------------------------------------------------------------------------------------- # Now let's GCM decrypt... # ------------------------------------------------------------------------------------- decrypt = Chilkat::CkCrypt2.new() # The values shared and agreed upon by both sides beforehand are: algorithm, cipher mode, secret key, and AAD. # Sometimes the IV can be a value already known and agreed upon, but in this case the encryptor sends the IV to the decryptor. decrypt.put_CryptAlgorithm("aes") decrypt.put_CipherMode("gcm") decrypt.put_KeyLength(256) decrypt.SetEncodedKey(K,"hex") decrypt.SetEncodedAad(AAD,"hex") bdFromEncryptor = Chilkat::CkBinData.new() bdFromEncryptor.AppendEncoded(concatenatedGcmOutput,"base64") sz = bdFromEncryptor.get_NumBytes() # Extract the parts. extractedIV = bdFromEncryptor.getEncodedChunk(0,16,"hex") extractedCipherText = bdFromEncryptor.getEncodedChunk(16,sz - 32,"base64") expectedAuthTag = bdFromEncryptor.getEncodedChunk(sz - 16,16,"base64") # Before GCM decrypting, we must set the authenticated tag to the value that is expected. # The decryption will fail if the resulting authenticated tag is not equal to the expected result. success = decrypt.SetEncodedAuthTag(expectedAuthTag,"base64") # Also set the IV. decrypt.SetEncodedIV(extractedIV,"hex") # Decrypt.. decrypt.put_EncodingMode("base64") decrypt.put_Charset("utf-8") decryptedText = decrypt.decryptStringENC(extractedCipherText) if (decrypt.get_LastMethodSuccess() != true) # Failed. The resultant authenticated tag did not equal the expected authentication tag. print decrypt.lastErrorText() + "\n"; exit end print "Decrypted: " + decryptedText + "\n"; |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.