AESContext

Inherits: RefCounted < Object

Interface to low level AES encryption features.

Description

This class provides access to AES encryption/decryption of raw data. Both AES-ECB and AES-CBC mode are supported.

extends Node

var aes = AESContext.new()

func _ready():
    var key = "My secret key!!!" # Key must be either 16 or 32 bytes.
    var data = "My secret text!!" # Data size must be multiple of 16 bytes, apply padding if needed.
    # Encrypt ECB
    aes.start(AESContext.MODE_ECB_ENCRYPT, key.to_utf8())
    var encrypted = aes.update(data.to_utf8())
    aes.finish()
    # Decrypt ECB
    aes.start(AESContext.MODE_ECB_DECRYPT, key.to_utf8())
    var decrypted = aes.update(encrypted)
    aes.finish()
    # Check ECB
    assert(decrypted == data.to_utf8())

    var iv = "My secret iv!!!!" # IV must be of exactly 16 bytes.
    # Encrypt CBC
    aes.start(AESContext.MODE_CBC_ENCRYPT, key.to_utf8(), iv.to_utf8())
    encrypted = aes.update(data.to_utf8())
    aes.finish()
    # Decrypt CBC
    aes.start(AESContext.MODE_CBC_DECRYPT, key.to_utf8(), iv.to_utf8())
    decrypted = aes.update(encrypted)
    aes.finish()
    # Check CBC
    assert(decrypted == data.to_utf8())

Methods

void

finish ( )

PackedByteArray

get_iv_state ( )

Error

start ( Mode mode, PackedByteArray key, PackedByteArray iv=PackedByteArray() )

PackedByteArray

update ( PackedByteArray src )


Enumerations

enum Mode:

Mode MODE_ECB_ENCRYPT = 0

AES electronic codebook encryption mode.

Mode MODE_ECB_DECRYPT = 1

AES electronic codebook decryption mode.

Mode MODE_CBC_ENCRYPT = 2

AES cipher blocker chaining encryption mode.

Mode MODE_CBC_DECRYPT = 3

AES cipher blocker chaining decryption mode.

Mode MODE_MAX = 4

Maximum value for the mode enum.


Method Descriptions

void finish ( )

Close this AES context so it can be started again. See start.


PackedByteArray get_iv_state ( )

Get the current IV state for this context (IV gets updated when calling update). You normally don't need this function.

Note: This function only makes sense when the context is started with MODE_CBC_ENCRYPT or MODE_CBC_DECRYPT.


Error start ( Mode mode, PackedByteArray key, PackedByteArray iv=PackedByteArray() )

Start the AES context in the given mode. A key of either 16 or 32 bytes must always be provided, while an iv (initialization vector) of exactly 16 bytes, is only needed when mode is either MODE_CBC_ENCRYPT or MODE_CBC_DECRYPT.


PackedByteArray update ( PackedByteArray src )

Run the desired operation for this AES context. Will return a PackedByteArray containing the result of encrypting (or decrypting) the given src. See start for mode of operation.

Note: The size of src must be a multiple of 16. Apply some padding if needed.