# Examples for decrypting message {% tabs %} {% tab title="C#" %} ``` using System; using System.Linq; using System.Text; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Modes; using Org.BouncyCastle.Crypto.Parameters; namespace DecryptionExample { // You need to install bccrypto-csharp from BouncyCastle. Please see BouncyCastle page. class Program { static void Main(string[] args) { string keyFromConfiguration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"; // Data from server string ivFromHttpHeader = "000000000000000000000000"; string authTagFromHttpHeader = "CE573FB7A41AB78E743180DC83FF09BD"; string httpBody = "0A3471C72D9BE49A8520F79C66BBD9A12FF9"; // Convert data to process byte[] key = ToByteArray(keyFromConfiguration); byte[] iv = ToByteArray(ivFromHttpHeader); byte[] authTag = ToByteArray(authTagFromHttpHeader); byte[] encryptedText = ToByteArray(httpBody); byte[] cipherText = encryptedText.Concat(authTag).ToArray(); // Prepare decryption GcmBlockCipher cipher = new GcmBlockCipher(new AesFastEngine()); AeadParameters parameters = new AeadParameters(new KeyParameter(key), 128, iv); cipher.Init(false, parameters); // Decrypt var plainText = new byte[cipher.GetOutputSize(cipherText.Length)]; var len = cipher.ProcessBytes(cipherText, 0, cipherText.Length, plainText, 0); cipher.DoFinal(plainText, len); Console.WriteLine(Encoding.ASCII.GetString(plainText)); } static byte[] ToByteArray(string HexString) { int NumberChars = HexString.Length; byte[] bytes = new byte[NumberChars / 2]; for (int i = 0; i < NumberChars; i += 2) { bytes[i / 2] = Convert.ToByte(HexString.Substring(i, 2), 16); } return bytes; } } } ``` {% endtab %} {% tab title="Groovy" %} ``` import org.bouncycastle.jce.provider.BouncyCastleProvider import javax.crypto.spec.IvParameterSpec import javax.crypto.spec.SecretKeySpec import java.security.Security // For Java and JVM-based languages, you might need to install unrestricted policy file for JVM, // which is provided by Sun. Please refer BouncyCastle FAQ if you get // java.lang.SecurityException: Unsupported keysize or algorithm parameters or // java.security.InvalidKeyException: Illegal key size. // If you cannot install unrestricted policy file for JVM because of some reason, you can try with reflection: See here. class Cipher { static void main(String[] args) { Security.addProvider(new BouncyCastleProvider()) // Data from configuration def keyFromConfiguration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f" // Data from server def ivFromHttpHeader = "000000000000000000000000" def authTagFromHttpHeader = "CE573FB7A41AB78E743180DC83FF09BD" def httpBody = "0A3471C72D9BE49A8520F79C66BBD9A12FF9" // Convert data to process def key = keyFromConfiguration.decodeHex() def iv = ivFromHttpHeader.decodeHex() def authTag = authTagFromHttpHeader.decodeHex() as Byte[] def encryptedText = httpBody.decodeHex() as Byte[] // Unlike other programming language, We have to append auth tag at the end of encrypted text def cipherText = encryptedText + authTag as Byte[] // Prepare decryption def keySpec = new SecretKeySpec(key, 0, 32, "AES") def cipher = javax.crypto.Cipher.getInstance("AES/GCM/NoPadding") cipher.init(javax.crypto.Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(iv)) // Decrypt def result = cipher.doFinal(cipherText) println(new String(result, "UTF-8")) } } ``` {% endtab %} {% tab title="Java" %} ``` import com.google.common.base.Charsets; import org.apache.commons.lang3.ArrayUtils; import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import javax.xml.bind.DatatypeConverter; import java.security.Security; // For Java and JVM-based languages, you might need to install unrestricted policy file for JVM, // which is provided by Sun. Please refer BouncyCastle FAQ if you get // java.lang.SecurityException: Unsupported keysize or algorithm parameters or // java.security.InvalidKeyException: Illegal key size. // If you cannot install unrestricted policy file for JVM because of some reason, you can try with reflection: See here. public class Decryption { public static void main(String[] args) throws Exception { Security.addProvider(new BouncyCastleProvider()); // Data from configuration String keyFromConfiguration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"; // Data from server String ivFromHttpHeader = "000000000000000000000000"; String authTagFromHttpHeader = "CE573FB7A41AB78E743180DC83FF09BD"; String httpBody = "0A3471C72D9BE49A8520F79C66BBD9A12FF9"; // Convert data to process byte[] key = DatatypeConverter.parseHexBinary(keyFromConfiguration); byte[] iv = DatatypeConverter.parseHexBinary(ivFromHttpHeader); byte[] authTag = DatatypeConverter.parseHexBinary(authTagFromHttpHeader); byte[] encryptedText = DatatypeConverter.parseHexBinary(httpBody); // Unlike other programming language, We have to append auth tag at the end of encrypted text in Java byte[] cipherText = ArrayUtils.addAll(encryptedText, authTag); // Prepare decryption SecretKeySpec keySpec = new SecretKeySpec(key, 0, 32, "AES"); Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(iv)); // Decrypt byte[] bytes = cipher.doFinal(cipherText); System.out.println(new String(bytes, Charsets.UTF_8)); } } ``` {% endtab %} {% tab title="Node.js" %} ``` var crypto = require("crypto"); // Data from configuration var secretFromConfiguration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"; // Data from server var ivfromHttpHeader = "000000000000000000000000"; var authTagFromHttpHeader = "CE573FB7A41AB78E743180DC83FF09BD"; var httpBody = "0A3471C72D9BE49A8520F79C66BBD9A12FF9"; // Convert data to process var key = new Buffer(secretFromConfiguration, "hex"); var iv = new Buffer(ivfromHttpHeader, "hex"); var authTag = new Buffer(authTagFromHttpHeader, "hex"); var cipherText = new Buffer(httpBody, "hex"); // Prepare descryption var decipher = crypto.createDecipheriv("aes-256-gcm", key, iv); decipher.setAuthTag(authTag); // Decrypt var result = decipher.update(cipherText) + decipher.final(); console.log(result); ``` {% endtab %} {% tab title="Php" %} ``` ``` {% endtab %} {% tab title="Phyton" %} ``` import os import binascii from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.backends import default_backend # Data from configuration key_from_configuration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f" # Data from server iv_from_http_header = "000000000000000000000000" auth_tag_from_http_header = "CE573FB7A41AB78E743180DC83FF09BD" http_body = "0A3471C72D9BE49A8520F79C66BBD9A12FF9" # Convert data to process key = binascii.unhexlify(key_from_configuration) iv = binascii.unhexlify(iv_from_http_header) auth_tag = binascii.unhexlify(auth_tag_from_http_header) cipher_text = binascii.unhexlify(http_body) # Prepare decryption decryptor = Cipher(algorithms.AES(key), modes.GCM(iv, auth_tag), backend = default_backend()).decryptor() # Decrypt result = decryptor.update(cipher_text) + decryptor.finalize() print(result) ``` {% endtab %} {% tab title="Ruby" %} ``` require("openssl") # Convert hexadecimal string def convert(hex) return [hex].pack("H*") end # Create new decipher def new_decipher(key, iv) cipher = OpenSSL::Cipher.new("aes-256-gcm") cipher.decrypt cipher.key = key cipher.iv = iv return cipher end # Data from configuration key_from_configuration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f" # Data from server iv_from_http_header = "000000000000000000000000" auth_tag_from_http_header = "CE573FB7A41AB78E743180DC83FF09BD" http_body = "0A3471C72D9BE49A8520F79C66BBD9A12FF9" # Convert data to process key = convert(key_from_configuration) iv = convert(iv_from_http_header) auth_tag = convert(auth_tag_from_http_header) cipher_text = convert(http_body) # Prepare decryption decipher = new_decipher(key, iv) decipher.auth_tag = auth_tag # Decrypt result = decipher.update(cipher_text) + decipher.final puts result ``` {% endtab %} {% tab title="Scala" %} ``` import java.nio.charset.Charset; import java.security.Security import java.security.SecureRandom; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import javax.xml.bind.DatatypeConverter; import org.bouncycastle.jce.provider.BouncyCastleProvider // For Java and JVM-based languages, you might need to install unrestricted policy file for JVM, // which is provided by Sun. Please refer BouncyCastle FAQ if you get // java.lang.SecurityException: Unsupported keysize or algorithm parameters or // java.security.InvalidKeyException: Illegal key size. // If you cannot install unrestricted policy file for JVM because of some reason, you can try with reflection: See here. object Cipher { def main(args: Array[String]) = { Security.addProvider(new BouncyCastleProvider()) // Data from configuration val keyFromConfiguration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f" // Data from server val ivFromHttpHeader = "000000000000000000000000" val authTagFromHttpHeader = "CE573FB7A41AB78E743180DC83FF09BD" val httpBody = "0A3471C72D9BE49A8520F79C66BBD9A12FF9" // Convert data to process val key = hexToBin(keyFromConfiguration) val iv = hexToBin(ivFromHttpHeader) val authTag = hexToBin(authTagFromHttpHeader) val encryptedText = hexToBin(httpBody) // Unlike other programming language, We have to append auth tag at the end of encrypted text val cipherText = encryptedText ++ authTag // Prepare decryption val keySpec = new SecretKeySpec(key, 0, 32, "AES") val cipher = javax.crypto.Cipher.getInstance("AES/GCM/NoPadding") cipher.init(javax.crypto.Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(iv)) // Decrypt val result = cipher.doFinal(cipherText) println(new String(result, "UTF-8")) } def hexToBin(hex: String) : Array[Byte] = { return DatatypeConverter.parseHexBinary(hex) } } ``` {% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://developers.primeiropay.com/webhook-1/examples-for-decrypting-message.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.