Class Crypto
- Namespace
- Godot
- Assembly
- GodotSharp.dll
The Crypto class provides access to advanced cryptographic functionalities.
Currently, this includes asymmetric key encryption/decryption, signing/verification, and generating cryptographically secure random bytes, RSA keys, HMAC digests, and self-signed X509Certificates.
using Godot;
using System.Diagnostics;
public partial class MyNode : Node
{
private Crypto _crypto = new Crypto();
private CryptoKey _key = new CryptoKey();
private X509Certificate _cert = new X509Certificate();
public override void _Ready()
{
// Generate new RSA key.
_key = _crypto.GenerateRsa(4096);
// Generate new self-signed certificate with the given key.
_cert = _crypto.GenerateSelfSignedCertificate(_key, "CN=mydomain.com,O=My Game Company,C=IT");
// Save key and certificate in the user folder.
_key.Save("user://generated.key");
_cert.Save("user://generated.crt");
// Encryption
string data = "Some data";
byte[] encrypted = _crypto.Encrypt(_key, data.ToUtf8Buffer());
// Decryption
byte[] decrypted = _crypto.Decrypt(_key, encrypted);
// Signing
byte[] signature = _crypto.Sign(HashingContext.HashType.Sha256, Data.Sha256Buffer(), _key);
// Verifying
bool verified = _crypto.Verify(HashingContext.HashType.Sha256, Data.Sha256Buffer(), signature, _key);
// Checks
Debug.Assert(verified);
Debug.Assert(data.ToUtf8Buffer() == decrypted);
}
}
public class Crypto : RefCounted, IDisposable- Inheritance
-
Crypto
- Implements
- Inherited Members
Constructors
Crypto()
public Crypto()Methods
ConstantTimeCompare(byte[], byte[])
Compares two byte[]s for equality without leaking timing information in order to prevent timing attacks.
See this blog post for more information.
public bool ConstantTimeCompare(byte[] trusted, byte[] received)Parameters
Returns
Decrypt(CryptoKey, byte[])
Decrypt the given ciphertext with the provided private key.
Note: The maximum size of accepted ciphertext is limited by the key size.
public byte[] Decrypt(CryptoKey key, byte[] ciphertext)Parameters
Returns
- byte[]
Encrypt(CryptoKey, byte[])
Encrypt the given plaintext with the provided public key.
Note: The maximum size of accepted plaintext is limited by the key size.
public byte[] Encrypt(CryptoKey key, byte[] plaintext)Parameters
Returns
- byte[]
GenerateRandomBytes(int)
Generates a byte[] of cryptographically secure random bytes with given size.
public byte[] GenerateRandomBytes(int size)Parameters
sizeint
Returns
- byte[]
GenerateRsa(int)
Generates an RSA CryptoKey that can be used for creating self-signed certificates and passed to AcceptStream(StreamPeer, TlsOptions).
public CryptoKey GenerateRsa(int size)Parameters
sizeint
Returns
GenerateSelfSignedCertificate(CryptoKey, string, string, string)
Generates a self-signed X509Certificate from the given CryptoKey and issuerName. The certificate validity will be defined by notBefore and notAfter (first valid date and last valid date). The issuerName must contain at least "CN=" (common name, i.e. the domain name), "O=" (organization, i.e. your company name), "C=" (country, i.e. 2 lettered ISO-3166 code of the country the organization is based in).
A small example to generate an RSA key and a X509 self-signed certificate.
var crypto = new Crypto();
// Generate 4096 bits RSA key.
CryptoKey key = crypto.GenerateRsa(4096);
// Generate self-signed certificate using the given key.
X509Certificate cert = crypto.GenerateSelfSignedCertificate(key, "CN=mydomain.com,O=My Game Company,C=IT");public X509Certificate GenerateSelfSignedCertificate(CryptoKey key, string issuerName = "CN=myserver,O=myorganisation,C=IT", string notBefore = "20140101000000", string notAfter = "20340101000000")Parameters
Returns
HasGodotClassMethod(in godot_string_name)
Check if the type contains a method with the given name. This method is used by Godot to check if a method exists before invoking it. Do not call or override this method.
protected override bool HasGodotClassMethod(in godot_string_name method)Parameters
methodgodot_string_nameName of the method to check for.
Returns
HasGodotClassSignal(in godot_string_name)
Check if the type contains a signal with the given name. This method is used by Godot to check if a signal exists before raising it. Do not call or override this method.
protected override bool HasGodotClassSignal(in godot_string_name signal)Parameters
signalgodot_string_nameName of the signal to check for.
Returns
HmacDigest(HashType, byte[], byte[])
Generates an HMAC digest of msg using key. The hashType parameter is the hashing algorithm that is used for the inner and outer hashes.
public byte[] HmacDigest(HashingContext.HashType hashType, byte[] key, byte[] msg)Parameters
hashTypeHashingContext.HashTypekeybyte[]msgbyte[]
Returns
- byte[]
InvokeGodotClassMethod(in godot_string_name, NativeVariantPtrArgs, out godot_variant)
Invokes the method with the given name, using the given arguments. This method is used by Godot to invoke methods from the engine side. Do not call or override this method.
protected override bool InvokeGodotClassMethod(in godot_string_name method, NativeVariantPtrArgs args, out godot_variant ret)Parameters
methodgodot_string_nameName of the method to invoke.
argsNativeVariantPtrArgsArguments to use with the invoked method.
retgodot_variantValue returned by the invoked method.
Returns
Sign(HashType, byte[], CryptoKey)
Sign a given hash of type hashType with the provided private key.
public byte[] Sign(HashingContext.HashType hashType, byte[] hash, CryptoKey key)Parameters
hashTypeHashingContext.HashTypehashbyte[]keyCryptoKey
Returns
- byte[]
Verify(HashType, byte[], byte[], CryptoKey)
Verify that a given signature for hash of type hashType against the provided public key.
public bool Verify(HashingContext.HashType hashType, byte[] hash, byte[] signature, CryptoKey key)Parameters
hashTypeHashingContext.HashTypehashbyte[]signaturebyte[]keyCryptoKey