Documentation
¶
Overview ¶
The Crypto class provides access to advanced cryptographic functionalities.
Currently, this includes asymmetric key encryption/decryption, signing/verification, and generating cryptographically secure random bytes, RSA keys, HMAC digests, and self-signed X509Certificates.
package main
import (
"crypto/sha256"
"graphics.gd/classdb/Crypto"
"graphics.gd/classdb/HashingContext"
)
func ExampleCrypto() {
crypto := Crypto.New()
// Generate new RSA key.
key := crypto.GenerateRsa(4096)
// Generate new self-signed certificate with the given key.
cert := crypto.MoreArgs().GenerateSelfSignedCertificate(key, "CN=mydomain.com,O=My Game Company,C=IT", "20140101000000", "20340101000000")
// Save key and certificate in the user folder.
key.Save("user://generated.key")
cert.Save("user://generated.crt")
// Encryption
data := "Some data"
encrypted := crypto.Encrypt(key, []byte(data))
// Decryption
decrypted := crypto.Decrypt(key, encrypted)
// Signing
var hash = sha256.Sum256([]byte(data))
signature := crypto.Sign(HashingContext.HashSha256, hash[:], key)
// Verifying
verified := crypto.Verify(HashingContext.HashSha256, hash[:], signature, key)
// Checks
if !verified {
panic("verification failed")
}
if string(decrypted) != data {
panic("decryption failed")
}
}
Index ¶
- type Advanced
- type Any
- type Expanded
- type Extension
- type ID
- type Instance
- func (self Instance) AsCrypto() Instance
- func (self Instance) AsObject() [1]gd.Object
- func (self Instance) AsRefCounted() [1]gd.RefCounted
- func (self Instance) ConstantTimeCompare(trusted []byte, received []byte) bool
- func (self Instance) Decrypt(key CryptoKey.Instance, ciphertext []byte) []byte
- func (self Instance) Encrypt(key CryptoKey.Instance, plaintext []byte) []byte
- func (self Instance) GenerateRandomBytes(size int) []byte
- func (self Instance) GenerateRsa(size int) CryptoKey.Instance
- func (self Instance) GenerateSelfSignedCertificate(key CryptoKey.Instance) X509Certificate.Instance
- func (self Instance) HmacDigest(hash_type HashingContext.HashType, key []byte, msg []byte) []byte
- func (self Instance) ID() ID
- func (self Instance) MoreArgs() MoreArgs
- func (self *Instance) SetObject(obj [1]gd.Object) bool
- func (self Instance) Sign(hash_type HashingContext.HashType, hash []byte, key CryptoKey.Instance) []byte
- func (self Instance) Verify(hash_type HashingContext.HashType, hash []byte, signature []byte, ...) bool
- func (self Instance) Virtual(name string) reflect.Value
- type MoreArgs
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Advanced ¶
type Advanced = class
Advanced exposes a 1:1 low-level instance of the class, undocumented, for those who know what they are doing.
type Extension ¶
Extension can be embedded in a new struct to create an extension of this class. T should be the type that is embedding this Extension
func (*Extension[T]) AsRefCounted ¶
func (self *Extension[T]) AsRefCounted() [1]gd.RefCounted
type ID ¶
ID is a typed object ID (reference) to an instance of this class, use it to store references to objects with unknown lifetimes, as an ID will not panic on use if the underlying object has been destroyed.
type Instance ¶
Instance of the class with convieniently typed arguments and results.
var Nil Instance
Nil is a nil/null instance of the class. Equivalent to the zero value.
func (Instance) AsRefCounted ¶
func (self Instance) AsRefCounted() [1]gd.RefCounted
func (Instance) ConstantTimeCompare ¶
Compares two []bytes for equality without leaking timing information in order to prevent timing attacks.
See this blog post for more information.
func (Instance) Decrypt ¶
Decrypt the given 'ciphertext' with the provided private 'key'.
Note: The maximum size of accepted ciphertext is limited by the key size.
func (Instance) Encrypt ¶
Encrypt the given 'plaintext' with the provided public 'key'.
Note: The maximum size of accepted plaintext is limited by the key size.
func (Instance) GenerateRandomBytes ¶
Generates a []byte of cryptographically secure random bytes with given 'size'.
func (Instance) GenerateRsa ¶
Generates an RSA CryptoKey that can be used for creating self-signed certificates and passed to StreamPeerTLS.AcceptStream.
func (Instance) GenerateSelfSignedCertificate ¶
func (self Instance) GenerateSelfSignedCertificate(key CryptoKey.Instance) X509Certificate.Instance
Generates a self-signed X509Certificate from the given CryptoKey and 'issuer_name'. The certificate validity will be defined by 'not_before' and 'not_after' (first valid date and last valid date). The 'issuer_name' must contain at least "CN=" (common name, i.e. the domain name), "O=" (organization, i.e. your company name), "C=" (country, i.e. 2 lettered ISO-3166 code of the country the organization is based in).
A small example to generate an RSA key and an X509 self-signed certificate.
func (Instance) HmacDigest ¶
Generates an HMAC digest of 'msg' using 'key'. The 'hash_type' parameter is the hashing algorithm that is used for the inner and outer hashes.
Currently, only [Hashingcontext.HashSha256] and [Hashingcontext.HashSha1] are supported.
func (Instance) MoreArgs ¶
MoreArgs enables certain functions to be called with additional 'optional' arguments.
func (Instance) Sign ¶
func (self Instance) Sign(hash_type HashingContext.HashType, hash []byte, key CryptoKey.Instance) []byte
Sign a given 'hash' of type 'hash_type' with the provided private 'key'.
type MoreArgs ¶
MoreArgs is a container for Instance functions with additional 'optional' arguments.
func (MoreArgs) GenerateSelfSignedCertificate ¶
func (self MoreArgs) GenerateSelfSignedCertificate(key CryptoKey.Instance, issuer_name string, not_before string, not_after string) X509Certificate.Instance
Generates a self-signed X509Certificate from the given CryptoKey and 'issuer_name'. The certificate validity will be defined by 'not_before' and 'not_after' (first valid date and last valid date). The 'issuer_name' must contain at least "CN=" (common name, i.e. the domain name), "O=" (organization, i.e. your company name), "C=" (country, i.e. 2 lettered ISO-3166 code of the country the organization is based in).
A small example to generate an RSA key and an X509 self-signed certificate.
Source Files