# Encryption The `Ably.Realtime.Crypto``Ably::Util::Crypto``io.ably.lib.util.Crypto``ARTCrypto` object exposes the following public methods: ## Methods ### getDefaultParamsget_default_paramsGetDefaultParams `Crypto.getDefaultParams(Object params): CipherParams` `CipherParams Crypto.get_default_params(Hash params)` `CipherParams Crypto.getDefaultParams(Param[] params)` `getDefaultParams(values: [NSObject : AnyObject]) -> ARTCipherParams` `static CipherParams GetDefaultParams(byte[] key = null, byte[] iv = null, CipherMode? mode = null)` This call obtains a [`CipherParams`](#cipher-params) object using the values passed in (which must be a subset of `CipherParams` fields that at a minimum includes a `key`), filling in any unspecified fields with default values, and checks that the result is a valid and self-consistent. You will rarely need to call this yourself, since the client library will handle it for you if you specify `cipher` params when initializing a channel (as in the [getting started example](https://ably.com/docs/channels/options/encryption)) or when setting channel options with `channel.setOptions()`. #### Parameters | Parameter | Description | Type | |-----------|-------------|------| | paramsarguments | The cipher paramsarguments that you want to specify. It must at a minimum include a `key`, which should be either a binary (`byte[]``ArrayBuffer` or `Uint8Array``Buffer`byte array`NSData`) or a base64-encoded `NS``String`. | `Object``Hash``Param[]``[NSObject : AnyObject]``byte[] key`, `byte[] iv`, `CipherMode? mode` | #### Returns On success, the method returns a complete [`CipherParams`](#cipher-params) object. Failure will raise an [`AblyException`](https://ably.com/docs/api/realtime-sdk/types#ably-exception) exception. #### Example


```javascript
  const cipherParams = Ably.Realtime.Crypto.getDefaultParams({ key:  });
  const channelOpts = { cipher: cipherParams };
  const channel = realtime.channels.get('your-channel-name', channelOpts);
```


```nodejs
  const cipherParams = Ably.Realtime.Crypto.getDefaultParams({ key:  });
  const channelOpts = { cipher: cipherParams };
  const channel = realtime.channels.get('your-channel-name', channelOpts);
```


```ruby
  cipher_params = Ably::Util::Crypto.get_default_params({key: })
  channel_opts = { cipher: cipher_params }
  channel = realtime.channels.get('your-channel-name', channel_opts)
```


```java
  CipherParams params = Crypto.getDefaultParams(new Param[]{ new Param("key", ) });
  ChannelOptions options = new ChannelOptions();
  options.encrypted = true;
  options.cipherParams = params;
  Channel channel = realtime.channels.get("your-channel-name", options);
```


```csharp
  var @params = Crypto.GetDefaultParams();
  ChannelOptions options = new ChannelOptions(@params);
  var realtime = new AblyRealtime("your-api-key");
  var channel = realtime.Channels.Get("your-channel-name", options);
```


```objc
ARTCipherParams *params = [ARTCrypto getDefaultParams:@{@"key": }];
ARTChannelOptions *options = [[ARTChannelOptions alloc] initWithCipher:params];
ARTRealtimeChannel *channel = [realtime.channels get:@"your-channel-name" options:options];
```


```swift
let params = ARTCrypto.getDefaultParams(["key": ])
let options = ARTChannelOptions(cipher: params)
let channel = realtime.channels.get("your-channel-name", options: options)
```

### generateRandomKeygenerate_random_keyGenerateRandomKey `Crypto.generateRandomKey(Int keyLength?, callback(ErrorInfo err, Buffer key))` `Crypto.generateRandomKey(Number keyLength?): Promise` `Crypto.generateRandomKey(Number keyLength?): Promise` `byte array Crypto.generate_random_key(Int key_length?)` `byte[] Crypto.generateRandomKey(Int keyLength?)` `generateRandomKey(length?: UInt) -> NSData` `static byte[] GenerateRandomKey(CipherMode? mode = null, int? keyLength = null)` This call obtains a randomly-generated binary key of the specified key length. #### Parameters | Parameter | Description | Type | |-----------|-------------|------| | keyLengthkey_length | Optional. The length of key to generate. For AES, this should be either 128 or 256. If unspecified, defaults to 256. | `Int``Number` | | Parameter | Description | Type | |-----------|-------------|------| | keyLength | Optional. The length of key to generate. For AES, this should be either 128 or 256. If unspecified, defaults to 256. | `Int` | | mode | Optional AES cipher mode which is used when the key is generated | `CipherMode` | #### Returns Returns a promise. On success, the promise is fulfilled with the generated key as an `ArrayBuffer`a `Buffer`. On failure, the promise is rejected with an [`ErrorInfo`](https://ably.com/docs/api/realtime-sdk/types#error-info) object that details the reason why it was rejected. #### Returns On success, the method returns the generated key as a `byte[]` arraybyte array`NSData`. Failure will raise an [`AblyException`](https://ably.com/docs/api/realtime-sdk/types#ably-exception). #### Example


```javascript
  const key = await Ably.Realtime.Crypto.generateRandomKey(256);
  const channel = realtime.channels.get('your-channel-name', { cipher: { key: key } });
```


```nodejs
  const key = await Ably.Realtime.Crypto.generateRandomKey(256);
  const channel = realtime.channels.get('your-channel-name', { cipher: { key: key } });
```


```ruby
  key = Ably::Util::Crypto.generate_random_key(256)
  channel = realtime.channels.get('your-channel-name', {cipher: {key: key}})
```


```java
  byte[] key = Crypto.generateRandomKey(256);
  ChannelOptions options = ChannelOptions.withCipher(key);
  Channel channel = realtime.channels.get("your-channel-name", options);
```


```csharp
  byte[] key = Crypto.GenerateRandomKey(keyLength: 256);
  var options = new ChannelOptions(key);
  var channel = realtime.Channels.Get("your-channel-name", options);
```


```objc
  NSData *key = [ARTCrypto generateRandomKey:256];
  ARTChannelOptions *options = [[ARTChannelOptions alloc] initWithCipherKey:key];
  ARTRealtimeChannel *channel = [realtime.channels get:@"your-channel-name" options:options];
```


```swift
let key = ARTCrypto.generateRandomKey(256)
let options = ARTChannelOptions(cipherWithKey: key)
let channel = realtime.channels.get("your-channel-name", options: options)
```

## Related types ### ChannelOptions ObjectARTChannelOptionsChannelOptions Hashio.ably.types.ChannelOptionsIO.Ably.ChannelOptions Channel options are used for setting [channel parameters](https://ably.com/docs/channels/options) and [configuring encryption](https://ably.com/docs/channels/options/encryption). `ChannelOptions`, a plain JavaScript object, may optionally be specified when instancing a [`Channel`](https://ably.com/docs/channels), and this may be used to specify channel-specific options. The following attributes can be defined on the object: `ChannelOptions`, a Hash object, may optionally be specified when instancing a [`Channel`](https://ably.com/docs/channels), and this may be used to specify channel-specific options. The following key symbol values can be added to the Hash: `ART``io.ably.lib.types.``ChannelOptions` may optionally be specified when instancing a [`Channel`](https://ably.com/docs/channels), and this may be used to specify channel-specific options. `IO.Ably.ChannelOptions` may optionally be specified when instancing a [`Channel`](https://ably.com/docs/channels), and this may be used to specify channel-specific options. #### PropertiesMembersAttributes | Property | Description | Type | |----------|-------------|------| | paramsParams | Optional [parameters](https://ably.com/docs/channels/options) which specify behaviour of the channel. | `Map``JSON Object` | | cipherCipherParams | Requests encryption for this channel when not null, and specifies encryption-related parameters (such as algorithm, chaining mode, key length and key). See [an example](https://ably.com/docs/channels/options/encryption). Must contain at a minimum a `key`. | [`CipherParams`](https://ably.com/docs/api/realtime-sdk/encryption#cipher-params) or options object or `Param[]` or options hash | | Property | Description | Type | |----------|-------------|------| | :cipher | Requests encryption for this channel when not null, and specifies encryption-related parameters (such as algorithm, chaining mode, key length and key). See [an example](docs/channels/options/encryption) | [`CipherParams`](https://ably.com/docs/api/realtime-sdk/encryption) or an options hash containing at a minimum a `key` | #### Static methods ##### withCipherKey `static ChannelOptions.withCipherKey(Byte[] or String key)` A helper method to generate a `ChannelOptions` for the simple case where you only specify a key. #### Parameters | Parameter | Description | Type | |-----------|-------------|------| | key | A binary `Byte[]` array or a base64-encoded `String`. | `Byte[]` or `String` | #### Returns On success, the method returns a complete `ChannelOptions` object. Failure will raise an [`AblyException`](https://ably.com/docs/api/realtime-sdk/types#ably-exception). ### CipherParamsARTCipherParamsCipherParams Hashio.ably.lib.util.Crypto.CipherParamsIO.Ably.CipherParams A `CipherParams` contains configuration options for a channel cipher, including algorithm, mode, key length and key. Ably client libraries currently support AES with CBC, PKCS#7 with a default key length of 256 bits. All implementations also support AES128. Individual client libraries may support either instancing a `CipherParams` directly, using [`Crypto.getDefaultParams()`](https://ably.com/docs/api/realtime-sdk/encryption#get-default-params)[`Crypto.GetDefaultParams()`](https://ably.com/docs/api/realtime-sdk/encryption#get-default-params)[`Crypto.get_default_params()`](https://ably.com/docs/api/realtime-sdk/encryption#get-default-params), or generating one automatically when initializing a channel, as in [this example](https://ably.com/docs/channels/options/encryption). #### PropertiesMembersAttributes | Property | Description | Type | |----------|-------------|------| | keyKey:key | The secret key used for encryption and decryption. Can be binary or base64-encoded. | `byte[]``ArrayBuffer` or `Uint8Array``Buffer`byte array`NSData``String` or base64-encoded `NS``String` | | algorithm:algorithmAlgorithm | The name of the algorithm in the default system provider, or the lower-cased version of it; eg "aes" or "AES".
_Default: AES_. | `String` | | keyLength:key_lengthKeyLength | The key length in bits of the cipher, either 128 or 256.
_Default: 256_. | `Integer` | | mode:modeMode | The cipher mode.
_Default: CBC_. | `String``CipherMode` | | Property | Description | Type | |----------|-------------|------| | algorithm | The name of the algorithm in the default system provider, or the lower-cased version of it; eg "aes" or "AES".
_Default: AES_. | `String` | | keyLength | The key length in bits of the cipher, either 128 or 256.
_Default: 256_. | `Integer` | | mode | The cipher mode.
_Default: CBC_. | `String` | | keySpec | A `KeySpec` for the cipher key. | `SecretKeySpec` |