Sample code for 30+ languages & platforms
DataFlex

Decrypt 256-bit AES GCM Produced by Something Unknown

See more Encryption Examples

Demonstrates how to decrypt something produced elsewhere (unknown) with 256-bit AES GCM.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    String sKeyBase64
    String sIvBase64Url
    String sCipherBase64Url
    Handle hoCrypt
    Handle hoBdEncrypted
    Handle hoBdAuthTag
    Integer iNumBytes
    String sAuthTagHex
    String sOriginalText
    String sTemp1
    Boolean bTemp1

    Move False To iSuccess

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // We have the following to decrypt:

    // Key (Base64): 
    Move "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" To sKeyBase64

    // IV (Base64Url):
    Move "xrvaINMLqotAbWRK" To sIvBase64Url

    // ciphertext (base64url):
    Move "RtGNAS-zQOxSB8W0HfqJjCoyt9KgImW_l-HjVC40hOOl-RNfRF3hzDIT1kvFVF8i_KX9XmqAftb6lyq-jLCEc_MSgqt3q1ixv3Ez4SbS3G5e3qGzLwxIMi2sCt00aDNwK2ipsJ4aw8s7ePPnl4oY-y1st9rwCWR0rrgEZwS9jmS4uJWGPn9K3jbKRnMslznDbtFLNJctMVXBTP-cv47JelxLCBOQSlK29rMuEFrhHR_VQrPq6gtZaBVSXZSYT0XOklp7nu9mVhrMCRtBCC5oiu5MPE5JYx4ANo3hUY7_NyQl2bpn9GfRXrdvqRGE-gy2upj-cDkm0t_tV8xmYge9DBQTH3B_4BGl2qTk_o-m7pEmKkS8XSdQhGcuFlykqrkE8SzB5I8esfzWOM0pwxbz0H_VaylKYHY=" To sCipherBase64Url

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End

    Set ComCryptAlgorithm Of hoCrypt To "aes"
    Set ComCipherMode Of hoCrypt To "gcm"
    Set ComKeyLength Of hoCrypt To 256

    Get ComSetEncodedAad Of hoCrypt "random" "ascii" To iSuccess
    Send ComSetEncodedKey To hoCrypt sKeyBase64 "base64"
    Send ComSetEncodedIV To hoCrypt sIvBase64Url "base64url"

    // The cipher text contains the 16-byte auth tag at the end.
    // get it separately..
    Get Create (RefClass(cComChilkatBinData)) To hoBdEncrypted
    If (Not(IsComObjectCreated(hoBdEncrypted))) Begin
        Send CreateComObject of hoBdEncrypted
    End
    Get Create (RefClass(cComChilkatBinData)) To hoBdAuthTag
    If (Not(IsComObjectCreated(hoBdAuthTag))) Begin
        Send CreateComObject of hoBdAuthTag
    End
    Get ComAppendEncoded Of hoBdEncrypted sCipherBase64Url "base64url" To iSuccess

    Get ComNumBytes Of hoBdEncrypted To iNumBytes
    Get ComGetEncodedChunk Of hoBdEncrypted (iNumBytes - 16) 16 "hex" To sAuthTagHex

    Showln "Auth tag in hex: " sAuthTagHex

    Get ComAppendEncoded Of hoBdAuthTag sAuthTagHex "hex" To iSuccess
    Get ComRemoveChunk Of hoBdEncrypted (iNumBytes - 16) 16 To iSuccess

    // Use this special value to tell Chilkat to ignore the auth tag.
    Get ComSetEncodedAuthTag Of hoCrypt "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "hex" To iSuccess

    // Decrypt
    Set ComEncodingMode Of hoCrypt To "base64"
    Get ComGetEncoded Of hoBdEncrypted "base64" To sTemp1
    Get ComDecryptStringENC Of hoCrypt sTemp1 To sOriginalText
    Get ComLastMethodSuccess Of hoCrypt To bTemp1
    If (bTemp1 = False) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
    End
    Else Begin
        Showln sOriginalText
        Showln "Success."
    End

    // Decrypted text


End_Procedure