AspdotnetCodes.com
Search
Articles
Books
Resources
Asp.Net News
Downloads
Free Tech Magazines
Asp.Net Web Hosting
Archives
Softwares
Newsletter
Suggest Us
Link to Us
Feeds Subscription
Articles
Questions & Answers
Tips & Tricks
 Bonnie.NET Cryptographic API (Free)
Post New Projects
 
Bonnie.NET is a cryptographic API written for the Microsoft® .NET Framework. It allows the generation and management of cryptographic objects based on the today most used cryptographic algorithms.

Bonnie.NET reorganized the cryptographic classes of the Microsoft® .NET Framework giving to them a more developer-friendly common interfaces. Those permit the utilization of cryptographic elements even to the novices, allowing however the possibility to the cryptographic experts to implement complex cryptographic systems.


From a security point of view, Bonnie.NET is developed and maintained with great attention about security and code security. In fact, all the cryptographic operation are based on the today most secure standards and those are combined with the excellent protection level achieved by the .NET framework 3.5.

All cryptographic data are kept secure in memory by the utilization of the SecureString class and ProtectedMemory class of the .NET framework. Moreover, the cryptographic objects inside the API are disposed and immediately garbage collected as soon as they complete their job. All the assembly methods are controlled by implementing the code access security (CAS) features of the .NET framework. This permits to control, inside the assembly, every operation that can be exposed to a security risk.

Bonnie.NET implements CAS policy in such a way that, accessing to the system resource, all permissions are denied exception made for those that must be strictly utilized. For those, checks about permissions of the callers are made.

Finally, all the methods of the API implement a sophisticated mechanism for the exception management, allowing the developer the control, in an accurate way, of all the exception conditions that can occur during the Bonnie.NET utilization, giving to her/him the possibility to monitor all the security checks performed when those checks detect some failure.

Bonnie.NET is based on a series of objects that encapsulated common related cryptographic algorithm. Every object need a keys and random string generation source. This is represented by the static class CryptoSeedsGenerator. It contains methods that permits the generation of common cryptographic elements, such as random string and keys. Those elements act as seeds for the related cryptographic algorithms.

To generate a random string, the following method must be utilize:

string pwd = CryptoSeedsGenerator.GenerateRandomString(10);

It generates a string of 10 character, mixing alphanumeric and non-alphanumeric characters. Other overload of the method permits to generate random strings in more granular way.

The string generated can be utilize for the generation of crytpographic keys using the RFC2898 methods:


byte[] key = CryptoObjectsGenerator.GenerateRfc2898DerivedKey(pwd, SymKeyLenght.Bit256);


It generated a cryptographic key (as array of bytes) made by 256 bit.



To perform symmetric encryption, the SymCrypter object must be utilize. It implements all the methods needed to perform symmetric encryption using the common today adopted algorithms (AES, DES, RCS, TripleDES, Rijndael) For example:

/*Instantiate the object*/
SymCrypter crypter = new SymCrypter();

/*Let key and ivVector two byte array generate as in the previous example.
Then fills the crypter with those inizialization data*/

crypter.Create(key, ivVector);

/*Let text being the input string and w the output encrypted string. Then:
encrypts the input string*/

string w = crypter.Encrypt(text);


To perform hash generation, the HashBuilder object must be utilize. It generate hashes of input data using algorithms such as MD5, SHA1, SHA256, SHA384, SHA512 and RIPEMD160. To utilize it for SHA1 hash generation, use the following piece of code:

/*creates an HashBuilder objects*/

HashBuilder hBuilder = new HashBuilder();

/*fills the HashBuilder object with its inizialization data*/

hBuilder.Create(HashAlgorithmType.SHA1);

/*Let text being the input text and hsh the output hashed string.
Then: creates the hash string*/

string hsh = hBuilder.ComputeHash(text);

The Hash can be verified with the following method:

/*verifies the hash created*/

bool isOk = hBuilder.VerifyHash(hsh,text);


Bonnie.NET can perform keyed hash generation too. The object that must be utilize for that is KeyedHashBuilder object. It generates message authentication codes (MAC) utilizing an Hash algorithm and an input secret key by utilizing well know algorithms such as HMACMD5, HMACSHA1, HMACSHA256, HMACSHA384, HMACSHA512, HMACRIPEMD160 and MacTripleDES:

/*creates a KeyedHashBuilder objects*/

KeyedHashBuilder khBuilder = new KeyedHashBuilder();

/*Let key being the key generated with the method seen previously.
Then fills the KeyedHashBuilder object with its inizialization data*/

khBuilder.Create(KeyedHashAlgorithmType.HMACSHA1,key);

/*creates the keyed-hash string*/

string kHsh = khBuilder.ComputeHash(text);


The Keyed Hash can be verified with the following method:


/*verifies the hash created*/

bool isOk = khBuilder.VerifyHash(kHsh,text);


Finally, Bonnie.NET allows the signature of texts, bytes array and streams. In this case, an object derived form Signer object must be utilize. It can be a SystemSigner, that utilize cryptographic asymmetric keys generate with Microsoft Crypto Service Provider and stored on your computer, a SmartCardSigner, that utilize a Crypto Service Provider stored on some type of Smart Card or a X509Signer, that utilizes a X509 certificate to perform signature.

For example, to perform signature utilizing a X509 certificate stored on your computer with friendly name given by "test-certificate" the following piece of code must be utilize:

/*creates an X509Signer objects*/

X509Signer signer = new X509Signer();

/*fills the X509Signer object with its inizialization data*/

signer.Create("test-certificate");

/*Let text being the input text and signature the output signed string.
Then computes the signature*/

string signature = signer.Sign(text);

The signature can then be verified:

/*verifies the signature computed.*/

bool ok = signer.Verify(text,signature);

Disclaimer: AspdotnetCodes.com provides no guarantee or warrantee that this component will work on every system or environment. This component is supplied free of cost only for the purpose of educating our website users. It is up to the user to set it up to function properly. And AspdotnetCodes.com declares this as a 3rd Party component and we haven’t tested and verified the functionality or the accuracy of this component.

Click here to download Bonnie.NET Cryptographic API
Sponsored by
The JavaScript Anthology: 101 Essential Tips, Tricks & Hacks - Free 158 Page Preview
Easing the Migration to Microsoft SQL Server 2005
Integrating Silverlight 4 with SharePoint 2010 - Free 42 Page Sample Chapter