Sample code for 30+ languages & platforms
PureBasic

Decrypt 256-bit AES GCM Produced by Something Unknown

See more Encryption Examples

Demonstrates how to decrypt something produced elsewhere (unknown) with 256-bit AES GCM.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCrypt2.pb"
IncludeFile "CkBinData.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example assumes the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; We have the following to decrypt:

    ; Key (Base64): 
    keyBase64.s = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

    ; IV (Base64Url):
    ivBase64Url.s = "xrvaINMLqotAbWRK"

    ; ciphertext (base64url):
    cipherBase64Url.s = "RtGNAS-zQOxSB8W0HfqJjCoyt9KgImW_l-HjVC40hOOl-RNfRF3hzDIT1kvFVF8i_KX9XmqAftb6lyq-jLCEc_MSgqt3q1ixv3Ez4SbS3G5e3qGzLwxIMi2sCt00aDNwK2ipsJ4aw8s7ePPnl4oY-y1st9rwCWR0rrgEZwS9jmS4uJWGPn9K3jbKRnMslznDbtFLNJctMVXBTP-cv47JelxLCBOQSlK29rMuEFrhHR_VQrPq6gtZaBVSXZSYT0XOklp7nu9mVhrMCRtBCC5oiu5MPE5JYx4ANo3hUY7_NyQl2bpn9GfRXrdvqRGE-gy2upj-cDkm0t_tV8xmYge9DBQTH3B_4BGl2qTk_o-m7pEmKkS8XSdQhGcuFlykqrkE8SzB5I8esfzWOM0pwxbz0H_VaylKYHY="

    crypt.i = CkCrypt2::ckCreate()
    If crypt.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkCrypt2::setCkCryptAlgorithm(crypt, "aes")
    CkCrypt2::setCkCipherMode(crypt, "gcm")
    CkCrypt2::setCkKeyLength(crypt, 256)

    success = CkCrypt2::ckSetEncodedAad(crypt,"random","ascii")
    CkCrypt2::ckSetEncodedKey(crypt,keyBase64,"base64")
    CkCrypt2::ckSetEncodedIV(crypt,ivBase64Url,"base64url")

    ; The cipher text contains the 16-byte auth tag at the end.
    ; get it separately..
    bdEncrypted.i = CkBinData::ckCreate()
    If bdEncrypted.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    bdAuthTag.i = CkBinData::ckCreate()
    If bdAuthTag.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkBinData::ckAppendEncoded(bdEncrypted,cipherBase64Url,"base64url")

    numBytes.i = CkBinData::ckNumBytes(bdEncrypted)
    authTagHex.s = CkBinData::ckGetEncodedChunk(bdEncrypted,numBytes - 16,16,"hex")

    Debug "Auth tag in hex: " + authTagHex

    success = CkBinData::ckAppendEncoded(bdAuthTag,authTagHex,"hex")
    CkBinData::ckRemoveChunk(bdEncrypted,numBytes - 16,16)

    ; Use this special value to tell Chilkat to ignore the auth tag.
    success = CkCrypt2::ckSetEncodedAuthTag(crypt,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF","hex")

    ; Decrypt
    CkCrypt2::setCkEncodingMode(crypt, "base64")
    originalText.s = CkCrypt2::ckDecryptStringENC(crypt,CkBinData::ckGetEncoded(bdEncrypted,"base64"))
    If CkCrypt2::ckLastMethodSuccess(crypt) = 0
        Debug CkCrypt2::ckLastErrorText(crypt)
    Else
        Debug originalText
        Debug "Success."
    EndIf

    ; Decrypted text


    CkCrypt2::ckDispose(crypt)
    CkBinData::ckDispose(bdEncrypted)
    CkBinData::ckDispose(bdAuthTag)


    ProcedureReturn
EndProcedure