Skip to content
/ virgil-crypto-net Public

Virgil .NET Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.

developer.virgilsecurity.com/docs/how-to#cryptography
5 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

VirgilSecurity/virgil-crypto-net

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
managed
managed
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Library: Virgil Crypto for managed .NET

This library implements ICrypto interface in Virgil SDK .NET using Bouncy Castle library and Chaos.NaCL Ed25519/Curve25519 implementation

Installation and usage

Nuget location: http://www.nuget.org/packages/virgil.sdk.managedcrypto

Install-Package Virgil.SDK -Pre
Install-Package Virgil.SDK.ManagedCrypto -Pre

Use this crypto with Virgil SDK that will provide your to create an secure application using Virgil Security services.

Usage

The ManagedCrypto class provides cryptographic operations in applications, such as hashing, signature generation and verification, and encryption and decryption.

var crypto = new ManagedCrypto();

Generate Keys

The following code sample illustrates key pair generation.

 var aliceKeys = crypto.GenerateKeys();

Import and Export Keys

All crypto api methods accept and return keys in an internal format. To get the raw key data as byte[] object use ExportPrivateKey and ExportPublicKey methods of crypto passing the appropriate internal key representation. To get the internal key representation out of the raw key data use ImportPrivateKey and ImportPublicKey respectively:

 var exportedPrivateKey = crypto.ExportPrivateKey(aliceKeys.PrivateKey);
 var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);

 var privateKey = crypto.importPrivateKey(exportedPrivateKey);
 var publicKey = crypto.importPublicKey(exportedPublicKey);

If you want to encrypt the private key before exporting it you must provide a password to encrypt the key with as a second parameter to ExportPrivateKey function. Similarly, if you want to import a private key that has been encrypted - provide a password as a second parameter to ImportPrivateKey method:

var exportedEncryptedKey = crypto.ExportPrivateKey(aliceKeys.PrivateKey, 'pa$$w0rd');
var importedEncryptedKey = crypto.ImportPublicKey(exportedPublicKey, 'pa$$w0rd');

Encryption and Decryption

Data encryption using ECIES scheme with AES-GCM.

Generate keypair

var alice = crypto.GenerateKeys();

Encrypt Data

The crypto.Encrypt method requires two parameters:

  • data - The data to be encrypted as a byte[]
  • recipients - Public key or an array of Public keys to encrypt the data with
var plaintext = Encoding.UTF8.GetBytes("Nice and easy");
var cipherData = crypto.Encrypt(plaintext, alice.PublicKey);

Decrypt Data

The crypto.Decrypt method requires two parameters:

  • cipherData - Encrypted data as a byte[]
  • privateKey - The Private key to decrypt with
var decryptedData = crypto.Decrypt(cipherData, alice.PrivateKey);

Signatures

This section walks you through the steps necessary to use the crypto to generate a digital signature for data and to verify that a signature is authentic.

Generate a new Public/Private keypair and data to be signed.

var alice = crypto.GenerateKeys();
var data = Encoding.UTF8.GetBytes("Hello Bob, How are you?");

Generate Signature

Sign the SHA-384 fingerprint of data using your private key. To generate the signature, simply call one of the sign methods:

var signature = crypto.Sign(data, alice.PrivateKey);

Verify Signature

Verify the signature of the SHA-384 fingerprint of data using Public key. The signature can now be verified by calling the verify method:

 var isValid = crypto.Verify(data, signature, alice.PublicKey);

Authenticated Encryption

Authenticated Encryption provides both data confidentiality and data integrity assurances to the information being protected.

 
var alice = crypto.GenerateKeys();
var bob = crypto.GenerateKeys();

// The data to be signed with alice's Private key
var data = Encoding.UTF8.GetBytes("Hello Bob, How are you?");

Sign then encrypt

Generates the signature, encrypts the data and attaches the signature to the cipher data. Returns a signed cipher data. To encrypt for multiple recipients, pass an array of public keys as third parameter

var cipherData = crypto.SignThenEncrypt(data, alice.PrivateKey, bob.PublicKey);

Decrypt then verify

Decrypts the data and verifies attached signature. Returns decrypted data if verification succeeded or throws CryptoException if it failed.

var decryptedData = crypto.DecryptThenVerify(cipherData, bob.PrivateKey, alice.PublicKey);

Fingerprint Generation

The default algorithm for Fingerprint generation is SHA-256.

var content = Encoding.UTF8.GetBytes("CONTENT_TO_CALCULATE_FINGERPRINT_OF");
var fingerprint = crypto.CalculateFingerprint(content);

It supports:

  • Ed25519 public/private keys import/export
  • ECIES encryption/decryption using Curve25519/AES-GCM/SHA384
  • EDDSA signatures

About

Virgil .NET Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.

developer.virgilsecurity.com/docs/how-to#cryptography

Topics

cryptography crypto encryption hipaa e2ee gdpr end-to-end-encryption

Resources

Readme
Activity
Custom properties

Stars

5 stars

Watchers

7 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages