(C) Decrypt 256-bit AES GCM Produced by Something Unknown

Demonstrates how to decrypt something produced elsewhere (unknown) with 256-bit AES GCM.

Chilkat C/C++ Library Downloads

MS Visual C/C++

Linux/CentOS C/C++

Alpine Linux C/C++

MAC OS X C/C++

armhf/aarch64 C/C++

C++ Builder

iOS C/C++

Android C/C++

Solaris C/C++

MinGW C/C++

#include <C_CkCrypt2.h>
#include <C_CkBinData.h>

void ChilkatSample(void)
    {
    const char *keyBase64;
    const char *ivBase64Url;
    const char *cipherBase64Url;
    HCkCrypt2 crypt;
    BOOL success;
    HCkBinData bdEncrypted;
    HCkBinData bdAuthTag;
    int numBytes;
    const char *authTagHex;
    const char *originalText;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // We have the following to decrypt:

    // Key (Base64): 
    keyBase64 = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";

    // IV (Base64Url):
    ivBase64Url = "xrvaINMLqotAbWRK";

    // ciphertext (base64url):
    cipherBase64Url = "RtGNAS-zQOxSB8W0HfqJjCoyt9KgImW_l-HjVC40hOOl-RNfRF3hzDIT1kvFVF8i_KX9XmqAftb6lyq-jLCEc_MSgqt3q1ixv3Ez4SbS3G5e3qGzLwxIMi2sCt00aDNwK2ipsJ4aw8s7ePPnl4oY-y1st9rwCWR0rrgEZwS9jmS4uJWGPn9K3jbKRnMslznDbtFLNJctMVXBTP-cv47JelxLCBOQSlK29rMuEFrhHR_VQrPq6gtZaBVSXZSYT0XOklp7nu9mVhrMCRtBCC5oiu5MPE5JYx4ANo3hUY7_NyQl2bpn9GfRXrdvqRGE-gy2upj-cDkm0t_tV8xmYge9DBQTH3B_4BGl2qTk_o-m7pEmKkS8XSdQhGcuFlykqrkE8SzB5I8esfzWOM0pwxbz0H_VaylKYHY=";

    crypt = CkCrypt2_Create();

    CkCrypt2_putCryptAlgorithm(crypt,"aes");
    CkCrypt2_putCipherMode(crypt,"gcm");
    CkCrypt2_putKeyLength(crypt,256);

    success = CkCrypt2_SetEncodedAad(crypt,"random","ascii");
    CkCrypt2_SetEncodedKey(crypt,keyBase64,"base64");
    CkCrypt2_SetEncodedIV(crypt,ivBase64Url,"base64url");

    // The cipher text contains the 16-byte auth tag at the end.
    // get it separately..
    bdEncrypted = CkBinData_Create();
    bdAuthTag = CkBinData_Create();
    success = CkBinData_AppendEncoded(bdEncrypted,cipherBase64Url,"base64url");

    numBytes = CkBinData_getNumBytes(bdEncrypted);
    authTagHex = CkBinData_getEncodedChunk(bdEncrypted,numBytes - 16,16,"hex");

    printf("Auth tag in hex: %s\n",authTagHex);

    success = CkBinData_AppendEncoded(bdAuthTag,authTagHex,"hex");
    CkBinData_RemoveChunk(bdEncrypted,numBytes - 16,16);

    // Use this special value to tell Chilkat to ignore the auth tag.
    success = CkCrypt2_SetEncodedAuthTag(crypt,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF","hex");

    // Decrypt
    CkCrypt2_putEncodingMode(crypt,"base64");
    originalText = CkCrypt2_decryptStringENC(crypt,CkBinData_getEncoded(bdEncrypted,"base64"));
    if (CkCrypt2_getLastMethodSuccess(crypt) == FALSE) {
        printf("%s\n",CkCrypt2_lastErrorText(crypt));
    }
    else {
        printf("%s\n",originalText);
        printf("Success.\n");
    }

    // Decrypted text


    CkCrypt2_Dispose(crypt);
    CkBinData_Dispose(bdEncrypted);
    CkBinData_Dispose(bdAuthTag);

    }