Last active
April 18, 2023 14:02
-
-
Save marcobrador/9077f89bca7ac5b72a608eb9347b78e5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const val AAD_LENGTH = 16 | |
| const val TAG_LENGTH = 16 | |
| class EncryptionOutput(val iv: ByteArray, | |
| val aad: ByteArray, | |
| val tag: ByteArray, | |
| val ciphertext: ByteArray) | |
| fun encrypt(key: SecretKey, message: ByteArray): EncryptionOutput { | |
| val cipher = Cipher.getInstance("AES/GCM/NoPadding") | |
| cipher.init(Cipher.ENCRYPT_MODE, key) | |
| val iv = cipher.iv.copyOf() | |
| val aad = SecureRandom().generateSeed(AAD_LENGTH) | |
| cipher.updateAAD(aad) | |
| val result = cipher.doFinal(message) | |
| val ciphertext = result.copyOfRange(0, result.size - TAG_LENGTH) | |
| val tag = result.copyOfRange(result.size - TAG_LENGTH, result.size) | |
| return EncryptionOutput(iv, aad, tag, ciphertext) | |
| } | |
| fun decrypt(key: SecretKey, iv: ByteArray, aad: ByteArray, tag: ByteArray, ciphertext: ByteArray): ByteArray { | |
| val cipher = Cipher.getInstance("AES/GCM/NoPadding") | |
| val spec = GCMParameterSpec(TAG_LENGTH * 8, iv) | |
| cipher.init(Cipher.DECRYPT_MODE, key, spec) | |
| cipher.updateAAD(aad) | |
| return cipher.doFinal(ciphertext + tag) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@user7 You pass the aad to the cipher in line 14, which is then using it for authenticated encryption.