<?xml version="1.0" encoding="UTF-8" ?>
<class name="Crypto" inherits="Reference" version="4.0">
	<brief_description>
		Access to advanced cryptographic functionalities.
	</brief_description>
	<description>
		The Crypto class allows you to access some more advanced cryptographic functionalities in Godot.
		For now, this includes generating cryptographically secure random bytes, and RSA keys and self-signed X509 certificates generation. More functionalities are planned for future releases.
		[codeblock]
		extends Node

		var crypto = Crypto.new()
		var key = CryptoKey.new()
		var cert = X509Certificate.new()

		func _ready():
		    # Generate new RSA key.
		    key = crypto.generate_rsa(4096)
		    # Generate new self-signed certificate with the given key.
		    cert = crypto.generate_self_signed_certificate(key, "CN=mydomain.com,O=My Game Company,C=IT")
		    # Save key and certificate in the user folder.
		    key.save("user://generated.key")
		    cert.save("user://generated.crt")
		[/codeblock]
		[b]Note:[/b] Not available in HTML5 exports.
	</description>
	<tutorials>
	</tutorials>
	<methods>
		<method name="generate_random_bytes">
			<return type="PoolByteArray">
			</return>
			<argument index="0" name="size" type="int">
			</argument>
			<description>
				Generates a [PoolByteArray] of cryptographically secure random bytes with given [code]size[/code].
			</description>
		</method>
		<method name="generate_rsa">
			<return type="CryptoKey">
			</return>
			<argument index="0" name="size" type="int">
			</argument>
			<description>
				Generates an RSA [CryptoKey] that can be used for creating self-signed certificates and passed to [method StreamPeerSSL.accept_stream].
			</description>
		</method>
		<method name="generate_self_signed_certificate">
			<return type="X509Certificate">
			</return>
			<argument index="0" name="key" type="CryptoKey">
			</argument>
			<argument index="1" name="issuer_name" type="String" default="&quot;CN=myserver,O=myorganisation,C=IT&quot;">
			</argument>
			<argument index="2" name="not_before" type="String" default="&quot;20140101000000&quot;">
			</argument>
			<argument index="3" name="not_after" type="String" default="&quot;20340101000000&quot;">
			</argument>
			<description>
				Generates a self-signed [X509Certificate] from the given [CryptoKey] and [code]issuer_name[/code]. The certificate validity will be defined by [code]not_before[/code] and [code]not_after[/code] (first valid date and last valid date). The [code]issuer_name[/code] must contain at least "CN=" (common name, i.e. the domain name), "O=" (organization, i.e. your company name), "C=" (country, i.e. 2 lettered ISO-3166 code of the country the organization is based in).
				A small example to generate an RSA key and a X509 self-signed certificate.
				[codeblock]
				var crypto = Crypto.new()
				# Generate 4096 bits RSA key.
				var key = crypto.generate_rsa(4096)
				# Generate self-signed certificate using the given key.
				var cert = crypto.generate_self_signed_certificate(key, "CN=example.com,O=A Game Company,C=IT")
				[/codeblock]
			</description>
		</method>
	</methods>
	<constants>
	</constants>
</class>