(Node.js) Send aes-gcm authEnvelopedData Encrypted Email

See more SMTP Examples

Note: This example requires Chilkat v10.0.0 or later

Demonstrates how to send encrypted email using 128-bit AES in GCM mode.

"AES-GCM" (Advanced Encryption Standard - Galois/Counter Mode) is a cryptographic algorithm that provides both encryption and integrity protection (authentication). When used in the context of email security with "authEnvelopedData", it often refers to a method of securely sending encrypted and authenticated email content.

Here’s a brief breakdown:

• AES-GCM: Combines symmetric encryption (AES) with authentication, ensuring both the confidentiality and integrity of the message. It generates an authentication tag to detect any unauthorized changes.
• authEnvelopedData: Refers to a type of structure used in secure email protocols (like S/MIME) to package encrypted content. It contains the encrypted data and associated encrypted session keys.
• Email Security: When applied to emails, AES-GCM ensures the email content is encrypted (confidential) and also tamper-resistant (authenticated), with the encryption keys typically shared securely using asymmetric encryption (e.g., public key infrastructure, or PKI).

In short, AES-GCM with "authEnvelopedData" provides a way to encrypt and authenticate emails, making them confidential and resistant to tampering.

Install Chilkat for Node.js and Electron using npm at Chilkat npm packages for Node.js Chilkat npm packages for Electron on Windows, Linux, MacOSX, and ARM

var os = require('os');
if (os.platform() == 'win32') {  
    if (os.arch() == 'ia32') {
        var chilkat = require('@chilkat/ck-node21-win-ia32');
    } else {
        var chilkat = require('@chilkat/ck-node21-win64'); 
    }
} else if (os.platform() == 'linux') {
    if (os.arch() == 'arm') {
        var chilkat = require('@chilkat/ck-node21-arm');
    } else if (os.arch() == 'x86') {
        var chilkat = require('@chilkat/ck-node21-linux32');
    } else {
        var chilkat = require('@chilkat/ck-node21-linux64');
    }
} else if (os.platform() == 'darwin') {
    if (os.arch() == 'arm64') {
        var chilkat = require('@chilkat/ck-node21-mac-m1');
    } else {
        var chilkat = require('@chilkat/ck-node21-macosx');
    }
}

function chilkatExample() {

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // The mailman object is used for sending and receiving email.
    var mailman = new chilkat.MailMan();

    mailman.SmtpHost = "smtp.example.com";

    mailman.SmtpUsername = "my_smtp_login";
    mailman.SmtpPassword = "my_smtp_password";

    // The typical SMTP ports are 465 for implicit SSL/TLS or 587 for explicit SSL/TLS
    mailman.SmtpPort = 465;
    mailman.SmtpSsl = true;

    // Use the recipient's certificate for encryption.
    var cert = new chilkat.Cert();
    var success = cert.LoadFromFile("c:/someDir/recipient_cert.cer");
    if (success !== true) {
        console.log(cert.LastErrorText);
        return;
    }

    var email = new chilkat.Email();

    email.Subject = "This email is encrypted";
    email.Body = "This is AES-GCM encrypted mail";
    email.From = "Mary <mary@example1.com>";
    success = email.AddTo("Joe","joe@example.com");

    // Specify that AES-GCM w/ authEnvelopedData is to be used. 
    // Also specify other params..
    email.Pkcs7CryptAlg = "aes-gcm";
    email.Pkcs7KeyLength = 128;
    email.OaepPadding = true;
    email.OaepHash = "sha256";
    email.OaepMgfHash = "sha256";

    // Indicate the email is to be sent encrypted.
    email.SendEncrypted = true;

    // Specify the certificate to be used for encryption.
    success = email.SetEncryptCert(cert);

    success = mailman.SendEmail(email);
    if (success !== true) {
        console.log(mailman.LastErrorText);
    }
    else {
        console.log("Mail Sent!");
    }


}

chilkatExample();