Attention: Here be dragons

This is the latest (unstable) version of this documentation, which may document features not available in or compatible with released stable versions of Godot.

AESContext

Inherits: RefCounted < Object

Provides access to AES encryption/decryption of raw data.

Description

This class holds the context information required for encryption and decryption operations with AES (Advanced Encryption Standard). Both AES-ECB and AES-CBC modes are supported.

extends Node

var aes = AESContext.new()

func _ready():
    var key = "My secret key!!!" # Key must be either 16 or 32 bytes.
    var data = "My secret text!!" # Data size must be multiple of 16 bytes, apply padding if needed.
    # Encrypt ECB
    aes.start(AESContext.MODE_ECB_ENCRYPT, key.to_utf8_buffer())
    var encrypted = aes.update(data.to_utf8_buffer())
    aes.finish()
    # Decrypt ECB
    aes.start(AESContext.MODE_ECB_DECRYPT, key.to_utf8_buffer())
    var decrypted = aes.update(encrypted)
    aes.finish()
    # Check ECB
    assert(decrypted == data.to_utf8_buffer())

    var iv = "My secret iv!!!!" # IV must be of exactly 16 bytes.
    # Encrypt CBC
    aes.start(AESContext.MODE_CBC_ENCRYPT, key.to_utf8_buffer(), iv.to_utf8_buffer())
    encrypted = aes.update(data.to_utf8_buffer())
    aes.finish()
    # Decrypt CBC
    aes.start(AESContext.MODE_CBC_DECRYPT, key.to_utf8_buffer(), iv.to_utf8_buffer())
    decrypted = aes.update(encrypted)
    aes.finish()
    # Check CBC
    assert(decrypted == data.to_utf8_buffer())

Methods

void

finish()

PackedByteArray

get_iv_state()

Error

start(mode: Mode, key: PackedByteArray, iv: PackedByteArray = PackedByteArray())

PackedByteArray

update(src: PackedByteArray)


Enumerations

enum Mode:

Mode MODE_ECB_ENCRYPT = 0

AES electronic codebook encryption mode.

Mode MODE_ECB_DECRYPT = 1

AES electronic codebook decryption mode.

Mode MODE_CBC_ENCRYPT = 2

AES cipher blocker chaining encryption mode.

Mode MODE_CBC_DECRYPT = 3

AES cipher blocker chaining decryption mode.

Mode MODE_MAX = 4

Maximum value for the mode enum.


Method Descriptions

void finish()

Close this AES context so it can be started again. See start.


PackedByteArray get_iv_state()

Get the current IV state for this context (IV gets updated when calling update). You normally don't need this function.

Note: This function only makes sense when the context is started with MODE_CBC_ENCRYPT or MODE_CBC_DECRYPT.


Error start(mode: Mode, key: PackedByteArray, iv: PackedByteArray = PackedByteArray())

Start the AES context in the given mode. A key of either 16 or 32 bytes must always be provided, while an iv (initialization vector) of exactly 16 bytes, is only needed when mode is either MODE_CBC_ENCRYPT or MODE_CBC_DECRYPT.


PackedByteArray update(src: PackedByteArray)

Run the desired operation for this AES context. Will return a PackedByteArray containing the result of encrypting (or decrypting) the given src. See start for mode of operation.

Note: The size of src must be a multiple of 16. Apply some padding if needed.


User-contributed notes

Please read the User-contributed notes policy before submitting a comment.