AESContext
Interface to low level AES encryption features.
Description
This class provides access to AES encryption/decryption of raw data. Both AES-ECB and AES-CBC mode are supported.
extends Node
var aes = AESContext.new()
func _ready():
var key = "My secret key!!!" # Key must be either 16 or 32 bytes.
var data = "My secret text!!" # Data size must be multiple of 16 bytes, apply padding if needed.
# Encrypt ECB
aes.start(AESContext.MODE_ECB_ENCRYPT, key.to_utf8())
var encrypted = aes.update(data.to_utf8())
aes.finish()
# Decrypt ECB
aes.start(AESContext.MODE_ECB_DECRYPT, key.to_utf8())
var decrypted = aes.update(encrypted)
aes.finish()
# Check ECB
assert(decrypted == data.to_utf8())
var iv = "My secret iv!!!!" # IV must be of exactly 16 bytes.
# Encrypt CBC
aes.start(AESContext.MODE_CBC_ENCRYPT, key.to_utf8(), iv.to_utf8())
encrypted = aes.update(data.to_utf8())
aes.finish()
# Decrypt CBC
aes.start(AESContext.MODE_CBC_DECRYPT, key.to_utf8(), iv.to_utf8())
decrypted = aes.update(encrypted)
aes.finish()
# Check CBC
assert(decrypted == data.to_utf8())
Methods
void | finish ( ) |
get_iv_state ( ) | |
start ( Mode mode, PoolByteArray key, PoolByteArray iv=PoolByteArray( ) ) | |
update ( PoolByteArray src ) |
Enumerations
enum Mode:
MODE_ECB_ENCRYPT = 0 —- AES electronic codebook encryption mode.
MODE_ECB_DECRYPT = 1 —- AES electronic codebook decryption mode.
MODE_CBC_ENCRYPT = 2 —- AES cipher blocker chaining encryption mode.
MODE_CBC_DECRYPT = 3 —- AES cipher blocker chaining decryption mode.
MODE_MAX = 4 —- Maximum value for the mode enum.
Method Descriptions
- void finish ( )
Close this AES context so it can be started again. See start.
- PoolByteArray get_iv_state ( )
Get the current IV state for this context (IV gets updated when calling update). You normally don’t need this function.
Note: This function only makes sense when the context is started with MODE_CBC_ENCRYPT or MODE_CBC_DECRYPT.
- Error start ( Mode mode, PoolByteArray key, PoolByteArray iv=PoolByteArray( ) )
Start the AES context in the given mode
. A key
of either 16 or 32 bytes must always be provided, while an iv
(initialization vector) of exactly 16 bytes, is only needed when mode
is either MODE_CBC_ENCRYPT or MODE_CBC_DECRYPT.
- PoolByteArray update ( PoolByteArray src )
Run the desired operation for this AES context. Will return a PoolByteArray containing the result of encrypting (or decrypting) the given src
. See start for mode of operation.
Note: The size of src
must be a multiple of 16. Apply some padding if needed.