How to encrypt/decrypt with AES-GCM in Kotlin

 private val HEX_CHARS_STR = "0123456789abcdef" private val HEX_CHARS = HEX_CHARS_STR.toCharArray() fun ByteArray.toHex() : String{ val result = StringBuffer() forEach { val st = String.format("%02x", it) result.append(st) } return result.toString() } fun String.hexStringToByteArray() : ByteArray { val result = ByteArray(length / 2) for (i in 0 until length step 2) { val firstIndex = HEX_CHARS_STR.indexOf(this[i]); val secondIndex = HEX_CHARS_STR.indexOf(this[i + 1]); val octet = firstIndex.shl(4).or(secondIndex) result.set(i.shr(1), octet.toByte()) } return result } 

 class EncryptionOutput(val iv: ByteArray, val tag: ByteArray, val ciphertext: ByteArray) fun getSecretKeyFromString(key: ByteArray): SecretKey { return SecretKeySpec(key, 0, key.size, "AES") } fun encryptData(plainData: ByteArray, key: ByteArray): EncryptionOutput { val secretKey: SecretKey = getSecretKeyFromString(key) val cipher = Cipher.getInstance("AES/GCM/NoPadding") cipher.init(Cipher.ENCRYPT_MODE, secretKey) val iv = cipher.iv.copyOf() val result = cipher.doFinal(plainData) val ciphertext = result.copyOfRange(0, result.size - GCM_TAG_LENGTH) val tag = result.copyOfRange(result.size - GCM_TAG_LENGTH, result.size) return EncryptionOutput(iv, tag, ciphertext) } fun encrypt(plainText: String, inBinary: Boolean, key: String, promise: Promise) { try { val keyData = Base64.getDecoder().decode(key) val plainData = if (inBinary) Base64.getDecoder().decode(plainText) else plainText.toByteArray(Charsets.UTF_8) val sealed = encryptData(plainData, keyData) var response = WritableNativeMap() response.putString("iv", sealed.iv.toHex()) response.putString("tag", sealed.tag.toHex()) response.putString("content", Base64.getEncoder().encodeToString(sealed.ciphertext)) promise.resolve(response) } catch (e: GeneralSecurityException) { promise.reject("EncryptionError", "Failed to encrypt", e) } catch (e: Exception) { promise.reject("EncryptionError", "Unexpected error", e) } } 

 fun decryptData(ciphertext: ByteArray, key: ByteArray, iv: String, tag: String): ByteArray { val secretKey: SecretKey = getSecretKeyFromString(key) val ivData = iv.hexStringToByteArray() val tagData = tag.hexStringToByteArray() val cipher = Cipher.getInstance("AES/GCM/NoPadding") val spec = GCMParameterSpec(GCM_TAG_LENGTH * 8, ivData) cipher.init(Cipher.DECRYPT_MODE, secretKey, spec) return cipher.doFinal(ciphertext + tagData) } fun decrypt(base64CipherText: String, key: String, iv: String, tag: String, isBinary: Boolean, promise: Promise) { try { val keyData = Base64.getDecoder().decode(key) val ciphertext: ByteArray = Base64.getDecoder().decode(base64CipherText) val unsealed: ByteArray = decryptData(ciphertext, keyData, iv, tag) if (isBinary) { promise.resolve(Base64.getEncoder().encodeToString(unsealed)) } else { promise.resolve(unsealed.toString(Charsets.UTF_8)) } } catch (e: javax.crypto.AEADBadTagException) { promise.reject("DecryptionError", "Bad auth tag exception", e) } catch (e: GeneralSecurityException) { promise.reject("DecryptionError", "Failed to decrypt", e) } catch (e: Exception) { promise.reject("DecryptionError", "Unexpected error", e) } }