Snail.Toolkit.Cryptography 1.0.2

.NET 9.0 This package targets .NET 9.0. The package is compatible with this framework or higher. 
dotnet add package Snail.Toolkit.Cryptography --version 1.0.2
                    


                    

                
NuGet\Install-Package Snail.Toolkit.Cryptography -Version 1.0.2
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Snail.Toolkit.Cryptography" Version="1.0.2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Snail.Toolkit.Cryptography" Version="1.0.2" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Snail.Toolkit.Cryptography" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Snail.Toolkit.Cryptography --version 1.0.2
                    


                    

                
#r "nuget: Snail.Toolkit.Cryptography, 1.0.2"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#addin nuget:?package=Snail.Toolkit.Cryptography&version=1.0.2
                    


                            Install Snail.Toolkit.Cryptography as a Cake Addin
                        

                    

                
#tool nuget:?package=Snail.Toolkit.Cryptography&version=1.0.2
                    


                            Install Snail.Toolkit.Cryptography as a Cake Tool

Toolkit.Cryptography

A robust extension for System.Security.Cryptography providing simplified symmetric encryption using AES with PBKDF2 key derivation.

Features

  • AES Encryption: 128/192/256-bit symmetric encryption
  • PBKDF2 Key Derivation: Secure password-based key generation
  • Async API: All operations are asynchronous
  • Multiple Input Formats: Support for raw bytes and Base64 strings
  • Configurable Security: Customizable iterations, hash algorithms, and key lengths

Installation

dotnet add package Snail.Toolkit.Cryptography

Configuration

Basic Setup

builder.Services.AddSymmetricCipher(o =>
{
    o.Passphrase = "YourSecurePassphrase123!"; // Minimum 12 characters
    o.IV = "Random16ByteValue=="; // Should be cryptographically random
    o.Iterations = 600_000; // Recommended ≥100,000 for production
    o.HashMethod = HashAlgo.SHA512;
    o.DesiredKeyLength = 32; // 256-bit AES
});

Configuration from appsettings.json

{
  "Cryptography": {
    "Passphrase": "YourSecurePassphrase123!",
    "IV": "Random16ByteValue==",
    "Salt": "Random16ByteSalt==",
    "Iterations": 600000,
    "DesiredKeyLength": 32,
    "HashMethod": "SHA512"
  }
}

builder.Services.AddSymmetricCipher(builder.Configuration);

Default Values (Development Only)

builder.Services.AddSymmetricCipher(); // INSECURE for production!

Usage

Dependency Injection

public class MyService(ISymmetricCipher crypto)
{
    public async Task<string> SecureOperation(string data)
    {
        var encrypted = await crypto.EncryptToBase64Async(data);
        // ... store encrypted data
        return await crypto.DecryptFromBase64Async(encrypted);
    }
}

Basic Operations

// Encryption
var ciphertext = await _crypto.EncryptToBase64Async("Sensitive data");
var rawCipher = await _crypto.EncryptAsync(new byte[] { 1, 2, 3, 4, 5 });

// Decryption
var plaintext = await _crypto.DecryptFromBase64Async(ciphertext);
var rawBytes = await _crypto.DecryptAsync(rawCipher);

Security Recommendations

  1. Passphrase:

    • Use 12+ characters with mixed cases, numbers, and symbols
    • Store in secure secret manager (not in code/config files)

  2. Initialization Vector (IV):

    • Should be 16 random bytes (128 bits)
    • Never reuse with same key
    • Store with ciphertext (doesn't need to be secret)

  3. Key Derivation:

    • Use ≥100,000 iterations for PBKDF2
    • Prefer SHA-384 or SHA-512 as hash algorithm
    • Always use random salt (16+ bytes recommended)

  4. Key Length:

    • Use 32 bytes (256-bit) for maximum AES security

Supported Algorithms

Hash Algorithms

  • ✅ SHA-256 (minimum recommended)
  • ✅ SHA-384 (balanced security/performance)
  • ✅ SHA-512 (maximum security)
  • ⚠️ SHA-1 (deprecated - legacy support only)

Unsupported Algorithms

  • ❌ MD5 (cryptographically broken)
  • ❌ SHA-3 variants (future implementation)

Security Considerations

⚠️ Important: The default configuration is INSECURE and should only be used for development/testing. Always provide proper configuration in production environments.

License

Toolkit.Cryptography is a free and open source project, released under the permissible MIT license.

Product Compatible and additional computed target framework versions.
.NET net9.0 is compatible.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on Snail.Toolkit.Cryptography:

Package Downloads
Snail.Toolkit.Blazor.Extensions.Cryptography

Extension for the framework Blazor

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.2 105 5/31/2025
1.0.1 84 5/31/2025
1.0.0 216 5/15/2025