Skip to content

crypto.aes #

https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

Constants #

const block_size = 16

The AES block size in bytes.

const gcm_tag_size = 16

gcm_tag_size is the size of the GCM authentication tag in bytes.

const gcm_nonce_size = 12

gcm_nonce_size is the size of the GCM nonce in bytes (only support 96-bit nonce variant).

fn new_aes_gcm #

fn new_aes_gcm(key []u8) !&AesGcm

new_aes_gcm builds AES-GCM state for a 16, 24 or 32-byte key.

fn new_cipher #

fn new_cipher(key []u8) cipher.Block

new_cipher creates and returns a new [AesCipher]. The key argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.

fn (AesCipher) free #

unsafe
fn (mut c AesCipher) free()

free the resources taken by the AesCipher c

fn (AesCipher) block_size #

fn (c &AesCipher) block_size() int

block_size returns the block size of the checksum in bytes.

fn (AesCipher) encrypt #

fn (c &AesCipher) encrypt(mut dst []u8, src []u8)

encrypt encrypts the first block of data in src to dst.

Note: dst and src are both mutable for performance reasons.

Note: dst and src must both be pre-allocated to the correct length.

Note: dst and src may be the same (overlapping entirely).

fn (AesCipher) decrypt #

fn (c &AesCipher) decrypt(mut dst []u8, src []u8)

decrypt decrypts the first block of data in src to dst.

Note: dst and src are both mutable for performance reasons.

Note: dst and src must both be pre-allocated to the correct length.

Note: dst and src may be the same (overlapping entirely).

struct AesGcm #

@[heap]
@[noinit]
struct AesGcm implements cipher.AEAD {
mut:
	block cipher.Block
	h     []u8 // GHASH subkey H = E(K, 0^128)
}

AesGcm holds the AES block cipher and the derived GHASH subkey for a key.

fn (AesGcm) nonce_size #

fn (g &AesGcm) nonce_size() int

nonce_size returns the size of nonce (in bytes).

fn (AesGcm) overhead #

fn (g &AesGcm) overhead() int

overhead returns the maximum difference between the lengths of a plaintext and its ciphertext.

fn (AesGcm) encrypt #

fn (g &AesGcm) encrypt(plaintext []u8, nonce []u8, ad []u8) ![]u8

encrypt encrypts plaintext with the given 12-byte nonce and additional authenticated data ad, returning ciphertext with the 16-byte tag appended.

fn (AesGcm) decrypt #

fn (g &AesGcm) decrypt(ciphertext []u8, nonce []u8, ad []u8) ![]u8

decrypt verifies and decrypts ciphertext (which must include the trailing 16-byte tag) using nonce and additional authenticated data ad.