1# Encryption and Decryption with an AES Symmetric Key (CBC Mode) (ArkTS) 2 3 4For details about the algorithm specifications, see [AES](crypto-sym-encrypt-decrypt-spec.md#aes). 5 6 7**Encryption** 8 9 101. Use [cryptoFramework.createSymKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesymkeygenerator) and [SymKeyGenerator.generateSymKey](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatesymkey-1) to generate a 128-bit AES symmetric key (**SymKey**). 11 12 In addition to the example in this topic, [AES](crypto-sym-key-generation-conversion-spec.md#aes) and [Randomly Generating a Symmetric Key](crypto-generate-sym-key-randomly.md) may help you better understand how to generate an AES symmetric key. Note that the input parameters in the reference documents may be different from those in the example below. 13 142. Use [cryptoFramework.createCipher](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatecipher) with the string parameter **'AES128|CBC|PKCS7'** to create a **Cipher** instance. The key type is **AES128**, block cipher mode is **CBC**, and the padding mode is **PKCS7**. 15 163. Use [Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1) to initialize the **Cipher** instance. In the **Cipher.init** API, set **opMode** to **CryptoMode.ENCRYPT_MODE** (encryption), **key** to **SymKey** (the key for encryption), and **params** to **IvParamsSpec** corresponding to the CBC mode. 17 184. If the data to be encrypted is short, you can use [Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1) after **Cipher.init** to obtain the encrypted data. 19 20 21**Decryption** 22 23 241. Use [Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1) to initialize the **Cipher** instance. In the **Cipher.init** API, set **opMode** to **CryptoMode.DECRYPT_MODE** (decryption), **key** to **SymKey** (the key for decryption), and **params** to **IvParamsSpec** corresponding to the CBC mode. 25 262. If the data to be decrypted is short, you can use [Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1) after **Cipher.init** to obtain the decrypted data. 27 28 29- Example (using asynchronous APIs): 30 31 ```ts 32 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 33 import { buffer } from '@kit.ArkTS'; 34 35 function generateRandom(len: number) { 36 let rand = cryptoFramework.createRandom(); 37 let generateRandSync = rand.generateRandomSync(len); 38 return generateRandSync; 39 } 40 41 function genIvParamsSpec() { 42 let ivBlob = generateRandom(16); 43 let ivParamsSpec: cryptoFramework.IvParamsSpec = { 44 algName: "IvParamsSpec", 45 iv: ivBlob 46 }; 47 return ivParamsSpec; 48 } 49 let iv = genIvParamsSpec(); 50 // Encrypt the message. 51 async function encryptMessagePromise(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) { 52 let cipher = cryptoFramework.createCipher('AES128|CBC|PKCS7'); 53 await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, iv); 54 let cipherData = await cipher.doFinal(plainText); 55 return cipherData; 56 } 57 // Decrypt the message. 58 async function decryptMessagePromise(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) { 59 let decoder = cryptoFramework.createCipher('AES128|CBC|PKCS7'); 60 await decoder.init(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, iv); 61 let decryptData = await decoder.doFinal(cipherText); 62 return decryptData; 63 } 64 65 async function genSymKeyByData(symKeyData: Uint8Array) { 66 let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData }; 67 let aesGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 68 let symKey = await aesGenerator.convertKey(symKeyBlob); 69 console.info('convertKey success'); 70 return symKey; 71 } 72 73 async function aesCBC() { 74 try { 75 let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]); 76 let symKey = await genSymKeyByData(keyData); 77 let message = "This is a test"; 78 let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 79 let encryptText = await encryptMessagePromise(symKey, plainText); 80 let decryptText = await decryptMessagePromise(symKey, encryptText); 81 if (plainText.data.toString() === decryptText.data.toString()) { 82 console.info('decrypt ok'); 83 console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8')); 84 } else { 85 console.error('decrypt failed'); 86 } 87 } catch (error) { 88 console.error(`AES CBC "${error}", error code: ${error.code}`); 89 } 90 } 91 ``` 92 93- Example (using synchronous APIs): 94 95 ```ts 96 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 97 import { buffer } from '@kit.ArkTS'; 98 99 function generateRandom(len: number) { 100 let rand = cryptoFramework.createRandom(); 101 let generateRandSync = rand.generateRandomSync(len); 102 return generateRandSync; 103 } 104 105 function genIvParamsSpec() { 106 let ivBlob = generateRandom(16); 107 let ivParamsSpec: cryptoFramework.IvParamsSpec = { 108 algName: "IvParamsSpec", 109 iv: ivBlob 110 }; 111 return ivParamsSpec; 112 } 113 let iv = genIvParamsSpec(); 114 // Encrypt the message. 115 function encryptMessage(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) { 116 let cipher = cryptoFramework.createCipher('AES128|CBC|PKCS7'); 117 cipher.initSync(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, iv); 118 let cipherData = cipher.doFinalSync(plainText); 119 return cipherData; 120 } 121 // Decrypt the message. 122 function decryptMessage(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) { 123 let decoder = cryptoFramework.createCipher('AES128|CBC|PKCS7'); 124 decoder.initSync(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, iv); 125 let decryptData = decoder.doFinalSync(cipherText); 126 return decryptData; 127 } 128 129 function genSymKeyByData(symKeyData: Uint8Array) { 130 let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData }; 131 let aesGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 132 let symKey = aesGenerator.convertKeySync(symKeyBlob); 133 console.info('convertKeySync success'); 134 return symKey; 135 } 136 137 function main() { 138 try { 139 let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]); 140 let symKey = genSymKeyByData(keyData); 141 let message = "This is a test"; 142 let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 143 let encryptText = encryptMessage(symKey, plainText); 144 let decryptText = decryptMessage(symKey, encryptText); 145 if (plainText.data.toString() === decryptText.data.toString()) { 146 console.info('decrypt ok'); 147 console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8')); 148 } else { 149 console.error('decrypt failed'); 150 } 151 } catch (error) { 152 console.error(`AES CBC "${error}", error code: ${error.code}`); 153 } 154 } 155 ``` 156