AesCbc class abstract

AES-CBC (cipher block chaining mode) Cipher.

In browsers, the default implementation will use Web Cryptography API. On other platforms, DartAesCbc will be used.

If you use Flutter, you can enable cryptography_flutter. It can improve performance in many cases.

Things to know

  • Three possible key lengths:
  • Nonce is always 16 bytes. If you want to use a nonce with a different length (e.g. 12 bytes), you need to add zero bytes before/after your nonce.
  • You must choose some macAlgorithm. If you are sure that you don't need one, use MacAlgorithm.empty.
  • The standard supports any padding, but this uses PKCS7 padding by default (for compatibility with Web Cryptography API).

Example

import 'package:cryptography/cryptography.dart';

Future<void> main() async {
  final message = <int>[1,2,3];

  // AES-CBC with 128 bit keys and HMAC-SHA256 authentication.
  final algorithm = AesCbc.with128bits(
    macAlgorithm: Hmac.sha256(),
  );
  final secretKey = await algorithm.newSecretKey();
  final nonce = algorithm.newNonce();

  // Encrypt
  final secretBox = await algorithm.encrypt(
    message,
    secretKey: secretKey,
  );
  print('Nonce: ${secretBox.nonce}')
  print('Ciphertext: ${secretBox.cipherText}')
  print('MAC: ${secretBox.mac.bytes}')

  // Decrypt
  final clearText = await algorithm.encrypt(
    secretBox,
    secretKey: secretKey,
  );
  print('Cleartext: $clearText');
}
Inheritance
Implementers

Constructors

AesCbc.constructor({Random? random})
Constructor for classes that extend this class.
const
AesCbc.with128bits({required MacAlgorithm macAlgorithm, PaddingAlgorithm paddingAlgorithm = PaddingAlgorithm.pkcs7})
Constructs 128-bit AES-CBC.
factory
AesCbc.with192bits({required MacAlgorithm macAlgorithm, PaddingAlgorithm paddingAlgorithm = PaddingAlgorithm.pkcs7})
Constructs 192-bit AES-CBC.
factory
AesCbc.with256bits({required MacAlgorithm macAlgorithm, PaddingAlgorithm paddingAlgorithm = PaddingAlgorithm.pkcs7})
Constructs 256-bit AES-CBC.
factory

Properties

hashCode int
The hash code for this object.
no setteroverride
macAlgorithm MacAlgorithm
Message authentication code (MacAlgorithm) used by the cipher.
no setterinherited
nonceLength int
Number of bytes in the nonce ("Initialization Vector", "IV", "salt").
no setteroverride
paddingAlgorithm PaddingAlgorithm
PaddingAlgorithm used by AES-CBC.
no setter
random Random?
Random number generator used by newSecretKey for generating secret keys.
finalinherited
runtimeType Type
A representation of the runtime type of the object.
no setterinherited
secretKeyLength int
Number of bytes in the SecretKey.
no setterinherited

Methods

checkParameters({int? length, required SecretKey secretKey, required int nonceLength, int aadLength = 0, int keyStreamIndex = 0}) → void
Checks parameters for encrypt / decrypt and throws ArgumentError if any is invalid.
inherited
cipherTextLength(int clearTextLength) int
Calculates the length of the ciphertext given a clear text length.
override
decrypt(SecretBox secretBox, {required SecretKey secretKey, List<int> aad = const <int>[], Uint8List? possibleBuffer}) Future<List<int>>
Decrypts SecretBox and returns the bytes.
inherited
decryptStream(Stream<List<int>> stream, {required SecretKey secretKey, required List<int> nonce, required FutureOr<Mac> mac, List<int> aad = const [], bool allowUseSameBytes = false}) Stream<List<int>>
Decrypts a Stream of bytes.
inherited
decryptString(SecretBox secretBox, {required SecretKey secretKey}) Future<String>
Calls decrypt and then converts the bytes to a string by using utf8 codec.
inherited
encrypt(List<int> clearText, {required SecretKey secretKey, List<int>? nonce, List<int> aad = const <int>[], Uint8List? possibleBuffer}) Future<SecretBox>
Encrypts bytes and returns SecretBox.
inherited
encryptStream(Stream<List<int>> stream, {required SecretKey secretKey, required List<int> nonce, required void onMac(Mac mac), List<int> aad = const [], bool allowUseSameBytes = false}) Stream<List<int>>
Encrypts a Stream of bytes.
inherited
encryptString(String clearText, {required SecretKey secretKey}) Future<SecretBox>
Converts a string to bytes using utf8 codec and then calls encrypt.
inherited
newCipherWand() Future<CipherWand>
Constructs a CipherWand that uses this implementation and a new random secret key (that can't be extracted).
inherited
newCipherWandFromSecretKey(SecretKey secretKey, {bool allowEncrypt = true, bool allowDecrypt = true}) Future<CipherWand>
Constructs a CipherWand that uses this implementation and the given SecretKey.
inherited
newNonce() List<int>
Generates a new nonce.
inherited
newSecretKey() Future<SecretKey>
Generates a new SecretKey.
inherited
newSecretKeyFromBytes(List<int> bytes) Future<SecretKey>
Constructs a new SecretKey from the bytes.
inherited
newState() CipherState
inherited
noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
toString() String
A string representation of this object.
override
toSync() DartAesCbc
Returns a synchronous, pure Dart implementation of this cipher.
override

Operators

operator ==(Object other) bool
The equality operator.
override

Constants

blockLengthInBytes → const int
Number of bytes in a block.