@haxall/haxall
    Preparing search index...

    Class CryptoAbstract

    Crypto defines a pluggable mixin for cryptography capabilities in Fantom. Use cur to access the current Crypto instance.

    Hierarchy (View Summary)

    Implemented by

    Index

    Constructors

    constructor

    Properties

    type$

    Methods

    certSigner compare digest equals genCsr genKeyPair hash isImmutable loadCertsForUri loadJwk loadJwksForUri loadKeyStore loadPem loadX509 toImmutable toStr trap typeof with cur echo

    Constructors

    Properties

    type$: Type

    Methods

    • Obtain a builder that can be used to configure signing options for generating a signed certificate from a CSR.

      cert := Crypto.cur.certSigner(csr)
        .ca(caKeys, "cn=example,ou=example.org,o=Example Inc,c=US")
        .notAfter(Date.today + 365day)
        .sign

      Parameters

      Returns CertSigner

    • Return a negative integer, zero, or a positive integer if this object is less than, equal to, or greater than the specified object:

      this < that   =>  <0
      this == that  =>  0
      this > that   =>  >0

      This method may also be accessed via the < <= <=> >= and > shortcut operators. If not overridden the default implementation compares the toStr representations. Also see docLang.

      Examples:

      3.compare(8)  =>  -1
      8.compare(3)  =>  1
      8.compare(8)  =>  0
      3 <=> 8       =>  -1  // shortcut for 3.compare(8)

      Parameters

      Returns number

    • Get a Digest for the given algorithm.

      buf := Crypto.cur.digest("SHA-256").update("foo".toBuf).digest

      Parameters

      • algorithm: string

      Returns Digest

    • Compare this object to the specified for equality. This method may be accessed via the == and != shortcut operators. If not overridden the default implementation compares for reference equality using the === operator. If this method is overridden, then hash() must also be overridden such that any two objects which return true for equals() must return the same value for hash(). This method must accept null and return false.

      Parameters

      Returns boolean

    • Generate a Certificate Signing Request (CSR). The subjectDn must be a valid X.500 distinguised name as defined in RFC4514.

      By default, the implementation should choose a "strong" signing algorithm for signing the CSR. All implementations must support the algorithm option with one of the following values:

      • sha256WithRSAEncryption
      • sha512WithRSAEncryption
      // Generate a csr signed with the default algorithm
      csr := Crypto.cur.genCsr(pair, "cn=test")

      // Generate a csr signed with SHA-512
      csr := Crypto.cru.genCsr(pair, "cn=test", ["algorithm": "sha512WithRSAEncryption"])

      Parameters

      Returns Csr

    • Generate an asymmetric key pair with the given algorithm and key size (in bits). Throws Err if the algorithm or key size is not supported.

      pair := Crypto.cur.genKeyPair("RSA", 2048)

      Parameters

      • algorithm: string
      • bits: number

      Returns KeyPair

    • Return a unique hashcode for this object. If a class overrides hash() then it must ensure if equals() returns true for any two objects then they have same hash code.

      Returns number

    • Return if this Obj is immutable and safe to share between threads:

      • an instance of a const class
      • the result of toImmutable on List, Map, or Buf
      • a Func object may or may not be immutable - see sys::Func.
      • other instances are assumed mutable and return false

      Returns boolean

    • Attempt to load the full certificate chain for the given uri. If the certificate chain cannot be obtained, throw an sys::Err.

      This is an optional operation and implementations may throw sys::UnsupportedErr.

      certs := Crypto.cur.loadCertForUri(`https://my.server.com/`)

      Parameters

      Returns List<Cert>

    • Load a JSON Web Key (Jwk) from a Map.

      Throws an error if unable to determine the JWK type.

      jwkRsa  := Crypto.cur.loadJwk(["kty":"RSA", "alg":"RS256", ...])
      jwkEc   := Crypto.cur.loadJwk(["kty":"EC", "alg":"ES256", ...])
      jwkHmac := Crypto.cur.loadJwk(["kty":"oct", "alg":"HS256", ...])

      Parameters

      Returns Jwk

    • Import JSON Web Key Set from a Uri

      jwks := Crypto.cur.loadJwksForUri(`https://example.com/jwks.json`)

      Parameters

      • uri: Uri
      • OptionalmaxKeys: number

      Returns List<Jwk>

    • Load a KeyStore from the given file. If file is null, then a new, empty keystore in the PKCS12 format will be returned. The keystore format is determined by the file extension:

      • .p12, .pfx: PKCS12 format
      • .jks: Java KeyStore (JAVA only)

      If the file does not have an extension, then PKCS12 format will be assumed. Other formats may be supported depending on the runtime implementation. Throws an Err if the format is not supported or there is a problem loading the keystore.

      The following options may be supported by the implementation:

      • password: (Str) - the password used to unlock the keystore or perform integrity checks.
      ks := Crypto.cur.loadKeyStore(`keystore.p12`, ["password":"changeit"])

      Parameters

      Returns KeyStore

    • Load the next PEM-encoded object from the input stream. Returns one of the following depending on the PEM encoding:

      For PKCS#8, the algorithm argument will be used for decoding. This argument is ignored for PKCS#1 where the alogithm is inferred.

      Returns null if there are no more PEM objects to decode. The input stream will be closed in this case.

      key  := Crypto.cur.loadPem(`server.key`) as PrivKey
      cert := Crypto.cur.loadPem(`server.pem`) as Cert

      Parameters

      Returns JsObj

    • Load all X.509 certificates from the given input stream.

      The stream will be closed after reading the certificates.

      cert := Crypto.cur.loadX509(`server.cert`).first

      Parameters

      Returns List<Cert>

    • Get an immutable representation of this instance or throw NotImmutableErr if this object cannot be represented as an immutable:

      • if type is const, return this
      • if already an immutable List, Map, Buf, or Func return this
      • if a List, then attempt to perform a deep clone by calling toImmutable on all items
      • if a Map, then attempt to perform a deep clone by calling toImmutable on all values (keys are already immutable)
      • some Funcs can be made immutable - see sys::Func
      • if a Buf create immutable copy, see sys::Buf
      • any other object throws NotImmutableErr

      Returns Readonly<this>

    • Return a string representation of this object.

      Returns string

    • Trap a dynamic call for handling. Dynamic calls are invoked with the -> shortcut operator:

      a->x        a.trap("x", null)
      a->x()      a.trap("x", null)
      a->x = b    a.trap("x", [b])
      a->x(b)     a.trap("x", [b])
      a->x(b, c)  a.trap("x", [b, c])

      The default implementation provided by Obj attempts to use reflection. If name maps to a method, it is invoked with the specified arguments. If name maps to a field and args.size is zero, get the field. If name maps to a field and args.size is one, set the field and return args[0]. Otherwise throw UnknownSlotErr.

      Parameters

      Returns JsObj

    • Get the Type instance which represents this object's class. Also seeType.of or Pod.of.

      Returns Type

    • This method called whenever an it-block is applied to an object. The default implementation calls the function with this, and then returns this.

      Parameters

      • f: (arg0: this) => void

      Returns this

    • Get the installed crypto implementation for this runtime.

      Returns Crypto

    • Write x.toStr to standard output followed by newline. If x is null then print "null". If no argument is provided then print an empty line.

      Parameters

      Returns void

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Methods