Home

Awesome

Library: Virgil Crypto for managed .NET

This library implements ICrypto interface in Virgil SDK .NET using Bouncy Castle library and Chaos.NaCL Ed25519/Curve25519 implementation

Installation and usage

Nuget location: http://www.nuget.org/packages/virgil.sdk.managedcrypto

Install-Package Virgil.SDK -Pre
Install-Package Virgil.SDK.ManagedCrypto -Pre

Use this crypto with Virgil SDK that will provide your to create an secure application using Virgil Security services.

Usage

The ManagedCrypto class provides cryptographic operations in applications, such as hashing, signature generation and verification, and encryption and decryption.

var crypto = new ManagedCrypto();

Generate Keys

The following code sample illustrates key pair generation.

 var aliceKeys = crypto.GenerateKeys();

Import and Export Keys

All crypto api methods accept and return keys in an internal format. To get the raw key data as byte[] object use ExportPrivateKey and ExportPublicKey methods of crypto passing the appropriate internal key representation. To get the internal key representation out of the raw key data use ImportPrivateKey and ImportPublicKey respectively:

 var exportedPrivateKey = crypto.ExportPrivateKey(aliceKeys.PrivateKey);
 var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);

 var privateKey = crypto.importPrivateKey(exportedPrivateKey);
 var publicKey = crypto.importPublicKey(exportedPublicKey);

If you want to encrypt the private key before exporting it you must provide a password to encrypt the key with as a second parameter to ExportPrivateKey function. Similarly, if you want to import a private key that has been encrypted - provide a password as a second parameter to ImportPrivateKey method:

var exportedEncryptedKey = crypto.ExportPrivateKey(aliceKeys.PrivateKey, 'pa$$w0rd');
var importedEncryptedKey = crypto.ImportPublicKey(exportedPublicKey, 'pa$$w0rd');

Encryption and Decryption

Data encryption using ECIES scheme with AES-GCM.

Generate keypair

var alice = crypto.GenerateKeys();

Encrypt Data

The crypto.Encrypt method requires two parameters:

var plaintext = Encoding.UTF8.GetBytes("Nice and easy");
var cipherData = crypto.Encrypt(plaintext, alice.PublicKey);

Decrypt Data

The crypto.Decrypt method requires two parameters:

var decryptedData = crypto.Decrypt(cipherData, alice.PrivateKey);

Signatures

This section walks you through the steps necessary to use the crypto to generate a digital signature for data and to verify that a signature is authentic.

Generate a new Public/Private keypair and data to be signed.

var alice = crypto.GenerateKeys();
var data = Encoding.UTF8.GetBytes("Hello Bob, How are you?");

Generate Signature

Sign the SHA-384 fingerprint of data using your private key. To generate the signature, simply call one of the sign methods:

var signature = crypto.Sign(data, alice.PrivateKey);

Verify Signature

Verify the signature of the SHA-384 fingerprint of data using Public key. The signature can now be verified by calling the verify method:

 var isValid = crypto.Verify(data, signature, alice.PublicKey);

Authenticated Encryption

Authenticated Encryption provides both data confidentiality and data integrity assurances to the information being protected.

 
var alice = crypto.GenerateKeys();
var bob = crypto.GenerateKeys();

// The data to be signed with alice's Private key
var data = Encoding.UTF8.GetBytes("Hello Bob, How are you?");

Sign then encrypt

Generates the signature, encrypts the data and attaches the signature to the cipher data. Returns a signed cipher data. To encrypt for multiple recipients, pass an array of public keys as third parameter

var cipherData = crypto.SignThenEncrypt(data, alice.PrivateKey, bob.PublicKey);

Decrypt then verify

Decrypts the data and verifies attached signature. Returns decrypted data if verification succeeded or throws CryptoException if it failed.

var decryptedData = crypto.DecryptThenVerify(cipherData, bob.PrivateKey, alice.PublicKey);

Fingerprint Generation

The default algorithm for Fingerprint generation is SHA-256.

var content = Encoding.UTF8.GetBytes("CONTENT_TO_CALCULATE_FINGERPRINT_OF");
var fingerprint = crypto.CalculateFingerprint(content);

It supports: