NSec

NSec is a modern and easy-to-use cryptographic library for .NET 6+ based on libsodium.

Example

The following C# example shows NSec can be used to sign some data with Ed25519 and verify the signature:

// select the Ed25519 signature algorithm
var algorithm = SignatureAlgorithm.Ed25519;

// create a new key pair
using var key = Key.Create(algorithm);

// generate some data to be signed
var data = Encoding.UTF8.GetBytes("Use the Force, Luke!");

// sign the data using the private key
var signature = algorithm.Sign(key, data);

// verify the data using the signature and the public key
if (algorithm.Verify(key.PublicKey, data, signature))
{
    // verified!
    ...
}

Installation

$ dotnet add package NSec.Cryptography --version 23.9.0-preview.3

NSec works with .NET 6 and later on Windows, Linux and macOS.

See Installation for more details.

Documentation

ClassAlgorithms
AeadAlgorithm ClassAEGIS-128L
AEGIS-256
AES256-GCM
ChaCha20-Poly1305
XChaCha20-Poly1305
HashAlgorithm ClassBLAKE2b (unkeyed)
SHA-256
SHA-512
KeyAgreementAlgorithm ClassX25519
KeyDerivationAlgorithm2 ClassHKDF-SHA-256
HKDF-SHA-512
MacAlgorithm ClassBLAKE2b (keyed)
HMAC-SHA-256
HMAC-SHA-512
PasswordBasedKeyDerivationAlgorithm ClassArgon2id
scrypt
SignatureAlgorithm ClassEd25519
SignatureAlgorithm2 ClassEd25519ph

See API Reference for detailed information.

Contributing

NSec is an open source project. Contributions to the code or documentation are highly welcome.

The development of NSec takes place in its GitHub repository. The easiest way to contribute is by submitting a pull request. Please ask before making a significant pull request (e.g., implementing any new features). If you’ve found a problem with NSec, please open an issue. Feature requests and questions are welcome, too.

Note

“Cryptography is not magic pixie dust that you can sprinkle on a system to make it secure.”

NSec aims to provide careful abstractions to make the work with modern cryptographic primitives relatively easy and pain-free. However, the primitives are not very useful by themselves and need to be combined into higher-level security protocols (such as TLS or CBOR Web Token). Don’t roll your own security protocols.

License

NSec is licensed under the MIT license.