Attention: Here be dragons

This is the latest (unstable) version of this documentation, which may document features not available in or compatible with released stable versions of Godot.

Checking the stable version of the documentation...

Crypto¶

Inherits: RefCounted < Object

Provides access to advanced cryptographic functionalities.

Description¶

The Crypto class provides access to advanced cryptographic functionalities.

Currently, this includes asymmetric key encryption/decryption, signing/verification, and generating cryptographically secure random bytes, RSA keys, HMAC digests, and self-signed X509Certificates.

extends Node

var crypto = Crypto.new()
var key = CryptoKey.new()
var cert = X509Certificate.new()

func _ready():
    # Generate new RSA key.
    key = crypto.generate_rsa(4096)
    # Generate new self-signed certificate with the given key.
    cert = crypto.generate_self_signed_certificate(key, "CN=mydomain.com,O=My Game Company,C=IT")
    # Save key and certificate in the user folder.
    key.save("user://generated.key")
    cert.save("user://generated.crt")
    # Encryption
    var data = "Some data"
    var encrypted = crypto.encrypt(key, data.to_utf8_buffer())
    # Decryption
    var decrypted = crypto.decrypt(key, encrypted)
    # Signing
    var signature = crypto.sign(HashingContext.HASH_SHA256, data.sha256_buffer(), key)
    # Verifying
    var verified = crypto.verify(HashingContext.HASH_SHA256, data.sha256_buffer(), signature, key)
    # Checks
    assert(verified)
    assert(data.to_utf8_buffer() == decrypted)

using Godot;
using System.Diagnostics;

public partial class MyNode : Node
{
    private Crypto _crypto = new Crypto();
    private CryptoKey _key = new CryptoKey();
    private X509Certificate _cert = new X509Certificate();

    public override void _Ready()
    {
        // Generate new RSA key.
        _key = _crypto.GenerateRsa(4096);
        // Generate new self-signed certificate with the given key.
        _cert = _crypto.GenerateSelfSignedCertificate(_key, "CN=mydomain.com,O=My Game Company,C=IT");
        // Save key and certificate in the user folder.
        _key.Save("user://generated.key");
        _cert.Save("user://generated.crt");
        // Encryption
        string data = "Some data";
        byte[] encrypted = _crypto.Encrypt(_key, data.ToUtf8Buffer());
        // Decryption
        byte[] decrypted = _crypto.Decrypt(_key, encrypted);
        // Signing
        byte[] signature = _crypto.Sign(HashingContext.