doc/classes/AESContext.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

<?xml version="1.0" encoding="UTF-8" ?>
<class name="AESContext" inherits="RefCounted" version="4.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../class.xsd">
	<brief_description>
		Interface to low level AES encryption features.
	</brief_description>
	<description>
		This class provides access to AES encryption/decryption of raw data. Both AES-ECB and AES-CBC mode are supported.
		[codeblocks]
		[gdscript]
		extends Node

		var aes = AESContext.new()

		func _ready():
		    var key = "My secret key!!!" # Key must be either 16 or 32 bytes.
		    var data = "My secret text!!" # Data size must be multiple of 16 bytes, apply padding if needed.
		    # Encrypt ECB
		    aes.start(AESContext.MODE_ECB_ENCRYPT, key.to_utf8())
		    var encrypted = aes.update(data.to_utf8())
		    aes.finish()
		    # Decrypt ECB
		    aes.start(AESContext.MODE_ECB_DECRYPT, key.to_utf8())
		    var decrypted = aes.update(encrypted)
		    aes.finish()
		    # Check ECB
		    assert(decrypted == data.to_utf8())

		    var iv = "My secret iv!!!!" # IV must be of exactly 16 bytes.
		    # Encrypt CBC
		    aes.start(AESContext.MODE_CBC_ENCRYPT, key.to_utf8(), iv.to_utf8())
		    encrypted = aes.update(data.to_utf8())
		    aes.finish()
		    # Decrypt CBC
		    aes.start(AESContext.MODE_CBC_DECRYPT, key.to_utf8(), iv.to_utf8())
		    decrypted = aes.update(encrypted)
		    aes.finish()
		    # Check CBC
		    assert(decrypted == data.to_utf8())
		[/gdscript]
		[csharp]
		using Godot;
		using System;
		using System.Diagnostics;

		public class Example : Node
		{
		    public AESContext Aes = new AESContext();
		    public override void _Ready()
		    {
		        string key = "My secret key!!!"; // Key must be either 16 or 32 bytes.
		        string data = "My secret text!!"; // Data size must be multiple of 16 bytes, apply padding if needed.
		        // Encrypt ECB
		        Aes.Start(AESContext.Mode.EcbEncrypt, key.ToUTF8());
		        byte[] encrypted = Aes.Update(data.ToUTF8());
		        Aes.Finish();
		        // Decrypt ECB
		        Aes.Start(AESContext.Mode.EcbDecrypt, key.ToUTF8());
		        byte[] decrypted = Aes.Update(encrypted);
		        Aes.Finish();
		        // Check ECB
		        Debug.Assert(decrypted == data.ToUTF8());

		        string iv = "My secret iv!!!!"; // IV must be of exactly 16 bytes.
		        // Encrypt CBC
		        Aes.Start(AESContext.Mode.EcbEncrypt, key.ToUTF8(), iv.ToUTF8());
		        encrypted = Aes.Update(data.ToUTF8());
		        Aes.Finish();
		        // Decrypt CBC
		        Aes.Start(AESContext.Mode.EcbDecrypt, key.ToUTF8(), iv.ToUTF8());
		        decrypted = Aes.Update(encrypted);
		        Aes.Finish();
		        // Check CBC
		        Debug.Assert(decrypted == data.ToUTF8());
		    }
		}
		[/csharp]
		[/codeblocks]
	</description>
	<tutorials>
	</tutorials>
	<methods>
		<method name="finish">
			<return type="void" />
			<description>
				Close this AES context so it can be started again. See [method start].
			</description>
		</method>
		<method name="get_iv_state">
			<return type="PackedByteArray" />
			<description>
				Get the current IV state for this context (IV gets updated when calling [method update]). You normally don't need this function.
				[b]Note:[/b] This function only makes sense when the context is started with [constant MODE_CBC_ENCRYPT] or [constant MODE_CBC_DECRYPT].
			</description>
		</method>
		<method name="start">
			<return type="int" enum="Error" />
			<argument index="0" name="mode" type="int" enum="AESContext.Mode" />
			<argument index="1" name="key" type="PackedByteArray" />
			<argument index="2" name="iv" type="PackedByteArray" default="PackedByteArray()" />
			<description>
				Start the AES context in the given [code]mode[/code]. A [code]key[/code] of either 16 or 32 bytes must always be provided, while an [code]iv[/code] (initialization vector) of exactly 16 bytes, is only needed when [code]mode[/code] is either [constant MODE_CBC_ENCRYPT] or [constant MODE_CBC_DECRYPT].
			</description>
		</method>
		<method name="update">
			<return type="PackedByteArray" />
			<argument index="0" name="src" type="PackedByteArray" />
			<description>
				Run the desired operation for this AES context. Will return a [PackedByteArray] containing the result of encrypting (or decrypting) the given [code]src[/code]. See [method start] for mode of operation.
				[b]Note:[/b] The size of [code]src[/code] must be a multiple of 16. Apply some padding if needed.
			</description>
		</method>
	</methods>
	<constants>
		<constant name="MODE_ECB_ENCRYPT" value="0" enum="Mode">
			AES electronic codebook encryption mode.
		</constant>
		<constant name="MODE_ECB_DECRYPT" value="1" enum="Mode">
			AES electronic codebook decryption mode.
		</constant>
		<constant name="MODE_CBC_ENCRYPT" value="2" enum="Mode">
			AES cipher blocker chaining encryption mode.
		</constant>
		<constant name="MODE_CBC_DECRYPT" value="3" enum="Mode">
			AES cipher blocker chaining decryption mode.
		</constant>
		<constant name="MODE_MAX" value="4" enum="Mode">
			Maximum value for the mode enum.
		</constant>
	</constants>
</class>