You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the line:
var iv = "My secret iv!!!!" # IV must be of exactly 16 bytes.
the iv in reality is supposed to be changed random each time you send out an encrypted piece of information... this prevents certain types of attacks. The IV is sent unencrypted along with the encrypted data. So an attacker can see the IV each time but it should be random..... i guess this is irritating but i had to make a little function:
static func get_random_bytes(count: int) -> PackedByteArray:
randomize()
var bytes = PackedByteArray()
bytes.resize(count)
for i in count:
bytes[i] = randi() % 255
return bytes
CBC in the example is the best choice, the ECB i belive is pretty much obsolete
so i don't know if you can hold the users hand, but it's just a potential security loophole if someone follows the example
The text was updated successfully, but these errors were encountered:
in the example it is slightly dangerous:
https://docs.godotengine.org/en/stable/classes/class_aescontext.html
the line:
var iv = "My secret iv!!!!" # IV must be of exactly 16 bytes.
the iv in reality is supposed to be changed random each time you send out an encrypted piece of information... this prevents certain types of attacks. The IV is sent unencrypted along with the encrypted data. So an attacker can see the IV each time but it should be random..... i guess this is irritating but i had to make a little function:
CBC in the example is the best choice, the ECB i belive is pretty much obsolete
so i don't know if you can hold the users hand, but it's just a potential security loophole if someone follows the example
The text was updated successfully, but these errors were encountered: