godot/doc/classes/AESContext.xml

<?xml version="1.0" encoding="UTF-8" ?>
<class name="AESContext" inherits="RefCounted" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../class.xsd">
	<brief_description>
		Provides access to AES encryption/decryption of raw data.
	</brief_description>
	<description>
		This class holds the context information required for encryption and decryption operations with AES (Advanced Encryption Standard). Both AES-ECB and AES-CBC modes are supported.
		[codeblocks]
		[gdscript]
		extends Node

		var aes = AESContext.new()

		func _ready():
		    var key = "My secret key!!!" # Key must be either 16 or 32 bytes.
		    var data = "My secret text!!" # Data size must be multiple of 16 bytes, apply padding if needed.
		    # Encrypt ECB
		    aes.start(AESContext.MODE_ECB_ENCRYPT, key.to_utf8_buffer())
		    var encrypted = aes.update(data.to_utf8_buffer())
		    aes.finish()
		    # Decrypt ECB
		    aes.start(AESContext.MODE_ECB_DECRYPT, key.to_utf8_buffer())
		    var decrypted = aes.update(encrypted)
		    aes.finish()
		    # Check ECB
		    assert(decrypted == data.to_utf8_buffer())

		    var iv = "My secret iv!!!!" # IV must be of exactly 16 bytes.
		    # Encrypt CBC
		    aes.start(AESContext.MODE_CBC_ENCRYPT, key.to_utf8_buffer(), iv.to_utf8_buffer())
		    encrypted = aes.update(data.to_utf8_buffer())
		    aes.finish()
		    # Decrypt CBC
		    aes.start(AESContext.MODE_CBC_DECRYPT, key.to_utf8_buffer(), iv.to_utf8_buffer())
		    decrypted = aes.update(encrypted)
		    aes.finish()
		    # Check CBC
		    assert(decrypted == data.to_utf8_buffer())
		[/gdscript]
		[csharp]
		using Godot;
		using System.Diagnostics;

		public partial class MyNode : Node
		{
		    private AesContext _aes = new AesContext();

		    public override void _Ready()
		    {
		        string key = "My secret key!!!"; // Key must be either 16 or 32 bytes.
		        string data = "My secret text!!"; // Data size must be multiple of 16 bytes, apply padding if needed.
		        // Encrypt ECB
		        _aes.Start(AesContext.Mode.EcbEncrypt, key.ToUtf8Buffer());
		        byte[] encrypted = _aes.Update(data.ToUtf8Buffer());
		        _aes.Finish();
		        // Decrypt ECB
		        _aes.Start(AesContext.Mode.EcbDecrypt, key.ToUtf8Buffer());
		        byte[] decrypted = _aes.Update(encrypted);
		        _aes.Finish();
		        // Check ECB
		        Debug.Assert(decrypted == data.ToUtf8Buffer());

		        string iv = "My secret iv!!!!"; // IV must be of exactly 16 bytes.
		        // Encrypt CBC
		        _aes.Start(AesContext.Mode.EcbEncrypt, key.ToUtf8Buffer(), iv.ToUtf8Buffer());
		        encrypted = _aes.Update(data.ToUtf8Buffer());
		        _aes.Finish();
		        // Decrypt CBC
		        _aes.Start(AesContext.Mode.EcbDecrypt, key.ToUtf8Buffer(), iv.ToUtf8Buffer());
		        decrypted = _aes.Update(encrypted);
		        _aes.Finish();
		        // Check CBC
		        Debug.Assert(decrypted == data.ToUtf8Buffer());
		    }
		}
		[/csharp]
		[/codeblocks]
	</description>
	<tutorials>
	</tutorials>
	<methods>
		<method name="finish">
			<return type="void" />
			<description>
				Close this AES context so it can be started again. See [method start].
			</description>
		</method>
		<method name="get_iv_state">
			<return type="PackedByteArray" />
			<description>
				Get the current IV state for this context (IV gets updated when calling [method update]). You normally don't need this function.
				[b]Note:[/b] This function only makes sense when the context is started with [constant MODE_CBC_ENCRYPT] or [constant MODE_CBC_DECRYPT].
			</description>
		</method>
		<method name="start">
			<return type="int" enum="Error" />
			<param index="0" name="mode" type="int" enum="AESContext.Mode" />
			<param index="1" name="key" type="PackedByteArray" />
			<param index="2" name="iv" type="PackedByteArray" default="PackedByteArray()" />
			<description>
				Start the AES context in the given [param mode]. A [param key] of either 16 or 32 bytes must always be provided, while an [param iv] (initialization vector) of exactly 16 bytes, is only needed when [param mode] is either [constant MODE_CBC_ENCRYPT] or [constant MODE_CBC_DECRYPT].
			</description>
		</method>
		<method name="update">
			<return type="PackedByteArray" />
			<param index="0" name="src" type="PackedByteArray" />
			<description>
				Run the desired operation for this AES context. Will return a [PackedByteArray] containing the result of encrypting (or decrypting) the given [param src]. See [method start] for mode of operation.
				[b]Note:[/b] The size of [param src] must be a multiple of 16. Apply some padding if needed.
			</description>
		</method>
	</methods>
	<constants>
		<constant name="MODE_ECB_ENCRYPT" value="0" enum="Mode">
			AES electronic codebook encryption mode.
		</constant>
		<constant name="MODE_ECB_DECRYPT" value="1" enum="Mode">
			AES electronic codebook decryption mode.
		</constant>
		<constant name="MODE_CBC_ENCRYPT" value="2" enum="Mode">
			AES cipher blocker chaining encryption mode.
		</constant>
		<constant name="MODE_CBC_DECRYPT" value="3" enum="Mode">
			AES cipher blocker chaining decryption mode.
		</constant>
		<constant name="MODE_MAX" value="4" enum="Mode">
			Maximum value for the mode enum.
		</constant>
	</constants>
</class>