Decryption key (16/24/32 bytes for AES-128/192/256)
Initialization vector (must match encryption)
Encrypted data
Authentication tag from encryption
Optionalaad: ArrayBuffer | Uint8Array<ArrayBufferLike>Optional additional authenticated data (must match encryption)
Object containing plaintext and verification status
const crypto = import.meta.use('crypto');
const key = crypto.randomBytes(32);
const iv = crypto.randomBytes(12);
const plaintext = new TextEncoder().encode('Hello, World!');
const aad = new TextEncoder().encode('Additional authenticated data');
// Encrypt
const encrypted = crypto.gcmEncrypt(key, iv, plaintext, aad);
// Decrypt
const decrypted = crypto.gcmDecrypt(key, iv, encrypted.ciphertext, encrypted.tag, aad);
if (decrypted.verified) {
console.log('Decryption successful:', new TextDecoder().decode(decrypted.plaintext));
} else {
console.log('Authentication failed!');
}
Decrypt data using AES-GCM with optional AAD (Additional Authenticated Data)