| github_url: | hide |
|---|
Inherits: :ref:`RefCounted<class_RefCounted>` < :ref:`Object<class_Object>`
Provides access to AES encryption/decryption of raw data.
.. rst-class:: classref-introduction-group
This class holds the context information required for encryption and decryption operations with AES (Advanced Encryption Standard). Both AES-ECB and AES-CBC modes are supported.
.. tabs::
.. code-tab:: gdscript
extends Node
var aes = AESContext.new()
func _ready():
var key = "My secret key!!!" # Key must be either 16 or 32 bytes.
var data = "My secret text!!" # Data size must be multiple of 16 bytes, apply padding if needed.
# Encrypt ECB
aes.start(AESContext.MODE_ECB_ENCRYPT, key.to_utf8_buffer())
var encrypted = aes.update(data.to_utf8_buffer())
aes.finish()
# Decrypt ECB
aes.start(AESContext.MODE_ECB_DECRYPT, key.to_utf8_buffer())
var decrypted = aes.update(encrypted)
aes.finish()
# Check ECB
assert(decrypted == data.to_utf8_buffer())
var iv = "My secret iv!!!!" # IV must be of exactly 16 bytes.
# Encrypt CBC
aes.start(AESContext.MODE_CBC_ENCRYPT, key.to_utf8_buffer(), iv.to_utf8_buffer())
encrypted = aes.update(data.to_utf8_buffer())
aes.finish()
# Decrypt CBC
aes.start(AESContext.MODE_CBC_DECRYPT, key.to_utf8_buffer(), iv.to_utf8_buffer())
decrypted = aes.update(encrypted)
aes.finish()
# Check CBC
assert(decrypted == data.to_utf8_buffer())
.. code-tab:: csharp
using Godot;
using System.Diagnostics;
public partial class MyNode : Node
{
private AesContext _aes = new AesContext();
public override void _Ready()
{
string key = "My secret key!!!"; // Key must be either 16 or 32 bytes.
string data = "My secret text!!"; // Data size must be multiple of 16 bytes, apply padding if needed.
// Encrypt ECB
_aes.Start(AesContext.Mode.EcbEncrypt, key.ToUtf8Buffer());
byte[] encrypted = _aes.Update(data.ToUtf8Buffer());
_aes.Finish();
// Decrypt ECB
_aes.Start(AesContext.Mode.EcbDecrypt, key.ToUtf8Buffer());
byte[] decrypted = _aes.Update(encrypted);
_aes.Finish();
// Check ECB
Debug.Assert(decrypted == data.ToUtf8Buffer());
string iv = "My secret iv!!!!"; // IV must be of exactly 16 bytes.
// Encrypt CBC
_aes.Start(AesContext.Mode.EcbEncrypt, key.ToUtf8Buffer(), iv.ToUtf8Buffer());
encrypted = _aes.Update(data.ToUtf8Buffer());
_aes.Finish();
// Decrypt CBC
_aes.Start(AesContext.Mode.EcbDecrypt, key.ToUtf8Buffer(), iv.ToUtf8Buffer());
decrypted = _aes.Update(encrypted);
_aes.Finish();
// Check CBC
Debug.Assert(decrypted == data.ToUtf8Buffer());
}
}
.. rst-class:: classref-reftable-group
.. rst-class:: classref-section-separator
.. rst-class:: classref-descriptions-group
.. rst-class:: classref-enumeration
enum Mode:
.. rst-class:: classref-enumeration-constant
:ref:`Mode<enum_AESContext_Mode>` MODE_ECB_ENCRYPT = 0
AES electronic codebook encryption mode.
.. rst-class:: classref-enumeration-constant
:ref:`Mode<enum_AESContext_Mode>` MODE_ECB_DECRYPT = 1
AES electronic codebook decryption mode.
.. rst-class:: classref-enumeration-constant
:ref:`Mode<enum_AESContext_Mode>` MODE_CBC_ENCRYPT = 2
AES cipher blocker chaining encryption mode.
.. rst-class:: classref-enumeration-constant
:ref:`Mode<enum_AESContext_Mode>` MODE_CBC_DECRYPT = 3
AES cipher blocker chaining decryption mode.
.. rst-class:: classref-enumeration-constant
:ref:`Mode<enum_AESContext_Mode>` MODE_MAX = 4
Maximum value for the mode enum.
.. rst-class:: classref-section-separator
.. rst-class:: classref-descriptions-group
.. rst-class:: classref-method
void finish ( )
Close this AES context so it can be started again. See :ref:`start<class_AESContext_method_start>`.
.. rst-class:: classref-item-separator
.. rst-class:: classref-method
:ref:`PackedByteArray<class_PackedByteArray>` get_iv_state ( )
Get the current IV state for this context (IV gets updated when calling :ref:`update<class_AESContext_method_update>`). You normally don't need this function.
Note: This function only makes sense when the context is started with :ref:`MODE_CBC_ENCRYPT<class_AESContext_constant_MODE_CBC_ENCRYPT>` or :ref:`MODE_CBC_DECRYPT<class_AESContext_constant_MODE_CBC_DECRYPT>`.
.. rst-class:: classref-item-separator
.. rst-class:: classref-method
:ref:`Error<enum_@GlobalScope_Error>` start ( :ref:`Mode<enum_AESContext_Mode>` mode, :ref:`PackedByteArray<class_PackedByteArray>` key, :ref:`PackedByteArray<class_PackedByteArray>` iv=PackedByteArray() )
Start the AES context in the given mode. A key of either 16 or 32 bytes must always be provided, while an iv (initialization vector) of exactly 16 bytes, is only needed when mode is either :ref:`MODE_CBC_ENCRYPT<class_AESContext_constant_MODE_CBC_ENCRYPT>` or :ref:`MODE_CBC_DECRYPT<class_AESContext_constant_MODE_CBC_DECRYPT>`.
.. rst-class:: classref-item-separator
.. rst-class:: classref-method
:ref:`PackedByteArray<class_PackedByteArray>` update ( :ref:`PackedByteArray<class_PackedByteArray>` src )
Run the desired operation for this AES context. Will return a :ref:`PackedByteArray<class_PackedByteArray>` containing the result of encrypting (or decrypting) the given src. See :ref:`start<class_AESContext_method_start>` for mode of operation.
Note: The size of src must be a multiple of 16. Apply some padding if needed.