AesGcm class abstract
AES-GCM (Galois/Counter Mode) Cipher.
In browsers, the default implementation will use Web Cryptography API. On other platforms, DartAesGcm will be used.
If you use Flutter, you can enable cryptography_flutter. It can improve performance in many cases.
Things to know
- Three possible key lengths:
- 128 bits: AesGcm.with128bits
- 192 bits: AesGcm.with192bits
- 256 bits: AesGcm.with256bits
- AES-GCM takes a 128-bit "nonce" block as a parameter. It is split into a random part and block counter. In our implementation, the random part is 96 bits by default, which means the block counter is 32 bits. When block counter is 32 bits, the maximum size of a message is block_size * 2^32 = 32 GB. If you need longer messages, use a smaller nonce.
- AES-GCM standard specifies a MAC algorithm ("GCM"). The output is a 128-bit Mac.
Example
import 'package:cryptography/cryptography.dart';
Future<void> main() async {
final message = <int>[1,2,3];
final algorithm = AesGcm.with128bits();
final secretKey = await algorithm.newSecretKey();
final nonce = algorithm.newNonce();
// Encrypt
final secretBox = await algorithm.encrypt(
message,
secretKey: secretKey,
nonce: nonce,
);
print('Nonce: ${secretBox.nonce}')
print('Ciphertext: ${secretBox.cipherText}')
print('MAC: ${secretBox.mac.bytes}')
// Decrypt
final clearText = await algorithm.encrypt(
secretBox,
secretKey: secretKey,
);
print('Cleartext: $clearText');
}
- Inheritance
- Implementers
Constructors
- AesGcm.constructor({Random? random})
-
Constructor for classes that extend this class.
const
- AesGcm.with128bits({int nonceLength = AesGcm.defaultNonceLength})
-
factory
- AesGcm.with192bits({int nonceLength = AesGcm.defaultNonceLength})
-
factory
- AesGcm.with256bits({int nonceLength = AesGcm.defaultNonceLength})
-
factory
Properties
- hashCode → int
-
The hash code for this object.
no setteroverride
- macAlgorithm → MacAlgorithm
-
Message authentication code (MacAlgorithm) used by the cipher.
no setteroverride
- nonceLength → int
-
Number of bytes in the nonce ("Initialization Vector", "IV", "salt").
no setteroverride
- random → Random?
-
Random number generator used by newSecretKey for generating secret keys.
finalinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
- secretKeyLength → int
-
Number of bytes in the SecretKey.
no setterinherited
Methods
-
checkParameters(
{int? length, required SecretKey secretKey, required int nonceLength, int aadLength = 0, int keyStreamIndex = 0}) → void -
Checks parameters for encrypt / decrypt and throws ArgumentError if
any is invalid.
inherited
-
cipherTextLength(
int clearTextLength) → int -
Calculates the length of the ciphertext given a clear text length.
inherited
-
decrypt(
SecretBox secretBox, {required SecretKey secretKey, List< int> aad = const <int>[], Uint8List? possibleBuffer}) → Future<List< int> > -
Decrypts SecretBox and returns the bytes.
inherited
-
decryptStream(
Stream< List< stream, {required SecretKey secretKey, required List<int> >int> nonce, required FutureOr<Mac> mac, List<int> aad = const [], bool allowUseSameBytes = false}) → Stream<List< int> > -
Decrypts a Stream of bytes.
inherited
-
decryptString(
SecretBox secretBox, {required SecretKey secretKey}) → Future< String> -
Calls decrypt and then converts the bytes to a string by using
utf8 codec.
inherited
-
encrypt(
List< int> clearText, {required SecretKey secretKey, List<int> ? nonce, List<int> aad = const <int>[], Uint8List? possibleBuffer}) → Future<SecretBox> -
Encrypts bytes and returns SecretBox.
inherited
-
encryptStream(
Stream< List< stream, {required SecretKey secretKey, required List<int> >int> nonce, required void onMac(Mac mac), List<int> aad = const [], bool allowUseSameBytes = false}) → Stream<List< int> > -
Encrypts a Stream of bytes.
inherited
-
encryptString(
String clearText, {required SecretKey secretKey}) → Future< SecretBox> -
Converts a string to bytes using utf8 codec and then calls encrypt.
inherited
-
newCipherWand(
) → Future< CipherWand> -
Constructs a CipherWand that uses this implementation and a new random
secret key (that can't be extracted).
inherited
-
newCipherWandFromSecretKey(
SecretKey secretKey, {bool allowEncrypt = true, bool allowDecrypt = true}) → Future< CipherWand> -
Constructs a CipherWand that uses this implementation and the
given SecretKey.
inherited
-
newNonce(
) → List< int> -
Generates a new nonce.
inherited
-
newSecretKey(
) → Future< SecretKey> -
Generates a new SecretKey.
inherited
-
newSecretKeyFromBytes(
List< int> bytes) → Future<SecretKey> -
Constructs a new SecretKey from the bytes.
inherited
-
newState(
) → CipherState -
inherited
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
toString(
) → String -
A string representation of this object.
override
-
toSync(
) → DartAesGcm -
Returns a synchronous, pure Dart implementation of this cipher.
override
Operators
-
operator ==(
Object other) → bool -
The equality operator.
override
Constants
- aesGcmMac → const MacAlgorithm
- MAC algorithm used by AES-GCM.
- defaultNonceLength → const int