AES-256-GCM encrypt

Description

This operation encrypts a plaintext string using the AES-256-GCM algorithm and returns a base64(nonce || ciphertext). The output format is compatible with the AES-256-GCM decrypt operation.

The AES-256-GCM algorithm encrypts the data so that malicious actors cannot read it, and generates an authentication tag that acts as a tamper-evident seal. If a hacker alters the encrypted data, the tag will immediately alert the receiving system, preventing the data from being used.

Data types

These are the input/output expected data types for this operation:

Input data

- Strings to be encrypted.

Output data

- The base64-encoded ciphertexts with the nonce prepended.

Parameters

These are the parameters you need to configure to use this operation (mandatory parameters are marked with a *):

Encryption Key*

Choose your AES-256 encryption key, base64-encoded from your secrets. It must decode to exactly 32 bytes.

If you need to define a new encryption key, go to your Organization settings and click Secrets. Learn more in this section.

Example

Suppose you want to encrypt a series of strings encrypted with the AES-256-GCM algorithm. To do it:

In your Pipeline, open the required Action configuration and select the input Field.
In the Operation field, choose AES-256-GCM Encrypt.
Choose your Encryption Key from your list of secrets in Onum.
Give your Output field a name and click Save. You'll get your encrypted strings. For example:

Input data - "Hello, World!"

Encryption key - "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4"

Output data - "c3RhbmRhcmQgbm9uY2UxMjM0NTY3OGNpcGhlcnRleHRleGFtcGxl"

These are illustrative placeholder values, do not use this key or input in any real configuration.

PreviousAES-256-GCM decrypt NextData encoding

Last updated 12 days ago

Was this helpful?