crypto.aes #
https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Constants #
const block_size = 16
The AES block size in bytes.
const gcm_tag_size = 16
gcm_tag_size is the size of the GCM authentication tag in bytes.
const gcm_nonce_size = 12
gcm_nonce_size is the size of the GCM nonce in bytes (only support 96-bit nonce variant).
fn new_aes_gcm #
fn new_aes_gcm(key []u8) !&AesGcm
new_aes_gcm builds AES-GCM state for a 16, 24 or 32-byte key.
fn new_cipher #
fn new_cipher(key []u8) cipher.Block
new_cipher creates and returns a new [AesCipher]. The key argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.
fn (AesCipher) free #
fn (mut c AesCipher) free()
free the resources taken by the AesCipher c
fn (AesCipher) block_size #
fn (c &AesCipher) block_size() int
block_size returns the block size of the checksum in bytes.
fn (AesCipher) encrypt #
fn (c &AesCipher) encrypt(mut dst []u8, src []u8)
encrypt encrypts the first block of data in src to dst.
Note: dst and src are both mutable for performance reasons.
Note: dst and src must both be pre-allocated to the correct length.
Note: dst and src may be the same (overlapping entirely).
fn (AesCipher) decrypt #
fn (c &AesCipher) decrypt(mut dst []u8, src []u8)
decrypt decrypts the first block of data in src to dst.
Note: dst and src are both mutable for performance reasons.
Note: dst and src must both be pre-allocated to the correct length.
Note: dst and src may be the same (overlapping entirely).
struct AesGcm #
struct AesGcm implements cipher.AEAD {
mut:
block cipher.Block
h []u8 // GHASH subkey H = E(K, 0^128)
}
AesGcm holds the AES block cipher and the derived GHASH subkey for a key.
fn (AesGcm) nonce_size #
fn (g &AesGcm) nonce_size() int
nonce_size returns the size of nonce (in bytes).
fn (AesGcm) overhead #
fn (g &AesGcm) overhead() int
overhead returns the maximum difference between the lengths of a plaintext and its ciphertext.
fn (AesGcm) encrypt #
fn (g &AesGcm) encrypt(plaintext []u8, nonce []u8, ad []u8) ![]u8
encrypt encrypts plaintext with the given 12-byte nonce and additional authenticated data ad, returning ciphertext with the 16-byte tag appended.
fn (AesGcm) decrypt #
fn (g &AesGcm) decrypt(ciphertext []u8, nonce []u8, ad []u8) ![]u8
decrypt verifies and decrypts ciphertext (which must include the trailing 16-byte tag) using nonce and additional authenticated data ad.