# Crypto {% hint style="info" %} You can easily import all the functions from the `crypto` registry by including the following import statement in your code ```go import "github.com/go-sprout/sprout/registry/crypto" ``` {% endhint %} {% hint style="warning" %} Directly using cryptographic functions in templates poses significant security risks. This package is included in Sprout solely for backward compatibility with Sprig. **We strongly recommend** generating certificates and performing other cryptographic operations outside of templates to maintain security and follow best practices. > *In future versions, this package will be removed from Sprout.* > {% endhint %} ### bcrypt The function generates a bcrypt hash from the given input string, providing a secure way to store passwords or other sensitive data. {% hint style="warning" %} Be careful, this method uses the default cost of the library and can cause security vulnerabilities. {% endhint %}

Name	Value
Signature	`Bcrypt(input string) (string, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ "Hello World" | bcrypt }} // Output: "$2a$12$C1qL8XVjIuGKzQXwC6g6tO" ``` {% endtab %} {% endtabs %} ### htpasswd The function generates an Htpasswd hash from the given username and password strings, typically used for basic authentication in web servers. {% hint style="warning" %} Be careful, this method uses the default cost of the library and can cause security vulnerabilities. {% endhint %}

Name	Value
Signature	`Htpasswd(username string, password string) (string, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ htpasswd "username" "password" }} // Output: "$2a$12$C1qL8XVjIuGKzQXwC6g6tO" ``` {% endtab %} {% endtabs %} ### derivePassword The function derives a password based on the provided counter, password type, password, user, and site, generating a consistent and secure password using these inputs.

Name	Value
Signature	`DerivePassword(counter uint32, passwordType, password, user, site string) (string, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ derivePassword 1 "long" "password" "user" "example.com" }} // Output: "$2a$12$C1qL8XVjIuGKzQXwC6g6tO" ``` {% endtab %} {% endtabs %} ### genPrivateKey The function generates a private key of the specified type, allowing for the creation of cryptographic keys used in various security protocols.

Name	Value
Signature	`GeneratePrivateKey(typ string) (string, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ generatePrivateKey "rsa" }} // Output: "-----BEGIN RSA PRIVATE KEY-----" ``` {% endtab %} {% endtabs %} ### buildCustomCert The function builds a custom certificate using a base64 encoded certificate and private key, enabling the creation of customized SSL/TLS certificates for secure communications.

Name	Value
Signature	`BuildCustomCertificate(b64cert string, b64key string) (Certificate, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ buildCustomCertificate "b64cert" "b64key" }} // Output: {"Cert":"b64cert","Key":"b64key"} ``` {% endtab %} {% endtabs %} ### genCA Generates a certificate authority (CA) using the provided common name and validity period, creating the root certificate needed to sign other certificates.

Name	Value
Signature	`GenerateCertificateAuthority(cn string, daysValid int) (Certificate, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ generateCertificateAuthority "example.com" 365 }} // Output: {"Cert":"b64cert","Key":"b64key"} ``` {% endtab %} {% endtabs %} ### genCAWithKey Generates a certificate authority using the provided common name, validity period, and an existing private key in PEM format, allowing for more customized or pre-existing key usage in CA creation.

Name	Value
Signature	`GenerateCertificateAuthorityWithPEMKey( cn string, daysValid int, privPEM string, ) (Certificate, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ generateCertificateAuthorityWithPEMKey "example.com" 365 "privPEM" }} // Output: {"Cert":"b64cert","Key":"b64key"} ``` {% endtab %} {% endtabs %} ### genSelfSignedCert The function generates a new, self-signed x509 certificate using a 2048-bit RSA private key, allowing for secure communication without relying on an external certificate authority.

Name	Value
Signature	`GenerateSelfSignedCertificate( cn string, ips []any, alternateDNS []any, daysValid int, ) (Certificate, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ generateSelfSignedCertificate "example.com" ["127.0.0.1"] ["localhost"] 365 }} // Output: {"Cert":"b64cert","Key":"b64key"} ``` {% endtab %} {% endtabs %} ### genSelfSignedCertWithKey The function generates a new, self-signed x509 certificate using a provided private key in PEM format. This allows you to create a self-signed certificate with an existing PEM-encoded private key, offering more control over the certificate generation process.

Name	Value
Signature	`GenerateSelfSignedCertificateWithPEMKey( cn string, ips []any, alternateDNS []any, daysValid int, privPEM string, ) (Certificate, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ generateSelfSignedCertificateWithPEMKey "example.com" ["127.0.0.1"] ["localhost"] 365 "privPEM" }} // Output: {"Cert":"b64cert","Key":"b64key"} ``` {% endtab %} {% endtabs %} ### genSignedCert The function generates a new x509 certificate that is signed by a given Certificate Authority (CA) certificate. This allows for the creation of certificates that are trusted by the CA, ensuring secure communication within a trusted network.

Name	Value
Signature	`GenerateSignedCertificate( cn string, ips []any, alternateDNS []any, daysValid int, ca Certificate, ) (Certificate, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ generateSignedCertificate "example.com" ["127.0.0.1"] ["localhost"] 365 ca }} // Output: {"Cert":"b64cert","Key":"b64key"} ``` {% endtab %} {% endtabs %} ### genSignedCertWithKey The function generates a new, signed x509 certificate using a given Certificate Authority (CA) certificate and a private key in PEM format. This allows for the creation of a certificate that is not only signed by a trusted CA but also utilizes a specific PEM-encoded private key, ensuring secure and authenticated communication.

Name	Value
Signature	`GenerateSignedCertificateWithPEMKey( cn string, ips []any, alternateDNS []any, daysValid int, ca Certificate, privPEM string, ) (Certificate, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ generateSignedCertificateWithPEMKey "example.com" ["127.0.0.1"] ["localhost"] 365 ca "privPEM" }} // Output: {"Cert":"b64cert","Key":"b64key"} ``` {% endtab %} {% endtabs %} ### encryptAES The function encrypts a plaintext string using AES encryption, with the encryption key derived from the provided password. This ensures that the data is securely encrypted, making it unreadable without the correct password.

Name	Value
Signature	`EncryptAES(password string, plaintext string) (string, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ encryptAES "password" "plaintext" }} // Output: "b64encrypted" ``` {% endtab %} {% endtabs %} ### decryptAES The function decrypts a base64-encoded string that was encrypted using AES encryption, using the provided password to return the original plaintext.

Name	Value
Signature	`DecryptAES(password string, crypt64 string) (string, error)`

{% tabs %} {% tab title="Template Example" %} ```go {{ decryptAES "password" "b64encrypted" }} // Output: "plaintext" ``` {% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.atom.codes/sprout/registries/crypto.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.