Org.X509Crypto
1.3.0
dotnet add package Org.X509Crypto --version 1.3.0
NuGet\Install-Package Org.X509Crypto -Version 1.3.0
<PackageReference Include="Org.X509Crypto" Version="1.3.0" />
paket add Org.X509Crypto --version 1.3.0
#r "nuget: Org.X509Crypto, 1.3.0"
// Install Org.X509Crypto as a Cake Addin #addin nuget:?package=Org.X509Crypto&version=1.3.0 // Install Org.X509Crypto as a Cake Tool #tool nuget:?package=Org.X509Crypto&version=1.3.0
Introducing the X509Crypto Data Encryption API
X509Crypto obfuscates most of the complexity involved with protecting data in .NET applications using encryption. It allows you to encrypt and recover text expressions and files using X509 digital certificates and key pairs. The latest release utilizes CNG and features an all-new companion PowerShell module! X509Crypto eliminates the need to include any secrets (even in an encrypted form) in your source code, configuration files or database tables.
API Documentation
The full X509Crypto API documentation can be found here
X509Crypto makes it easy to encrypt and recover text expressions in your .NET projects:
1. Install the X509Crypto PowerShell module:
The X509Crypto PowerShell module can be installed from the PowerShell Gallery.
> Install-Module X509Crypto
# ...Or if you are not an admin:
> Install-Module X509Crypto -Scope CurrentUser
2. Use the New-X509Alias cmdlet:
This cmdlet instantiates a new X509Crypto Alias (which stores encrypted secrets). In this example, we don't have a previously-existing certificate and key pair, so we'll execute the cmdlet without the -Thumbprint parameter, which will trigger the creation of a new certificate that will be automatically associated with this X509Alias.
> $Alias = New-X509Alias -Name myvault -Location user
New alias "myvault" committed to "user" X509Context
Thumbprint: B31FE7E7AE5229F8186782742CF579197FA859FD
3. Use the Protect-X509CryptoSecret PowerShell cmdlet to encrypt a secret
In this example, we'll be storing an API authentication key in the X509Alias "myvault". Secrets are stored in X509Aliases as key/value pairs, so we'll assign the identifier "apikey" to this new secret.
> $Alias | Protect-X509CryptoSecret -Id apkikey -Input '80EAF03248965AC2B78090'
Secret "apkikey" added to X509Alias "myvault4" in the user X509Context
3. Reference the secret in your program
Once you have an X509Alias established with your secret(s) added, it is trivial to retreive them in your program with the Org.X509Crypto nuget package installed:
using Org.X509Crypto;
namespace SampleApp
{
class Program
{
static void Main(string[] args)
{
// Instantiate the X509Alias object, referencing the "myvault" alias in the CurrentUser context
using (var Alias = new X509Alias(@"myvault", X509Context.UserReadOnly))
{
// Recover the plaintext secret "apikey" as plaintext in a string variable
string apiKey = Alias.RecoverSecret(@"apikey");
// Use the secret before leaving the "using" block so that it will be garbage-collected promptly
MyApi.Connect(apiKey);
}
}
}
}
<br>
Note that anything that can be done using the X509Crypto PowerShell module or the X509Crypto commandline utility can also be accomplished directly in the API.
Reach out to the project Owner: Mike Bruno with any questions or comments.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. |
.NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 is compatible. |
.NET Standard | netstandard2.0 is compatible. netstandard2.1 was computed. |
.NET Framework | net461 was computed. net462 is compatible. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
MonoAndroid | monoandroid was computed. |
MonoMac | monomac was computed. |
MonoTouch | monotouch was computed. |
Tizen | tizen40 was computed. tizen60 was computed. |
Xamarin.iOS | xamarinios was computed. |
Xamarin.Mac | xamarinmac was computed. |
Xamarin.TVOS | xamarintvos was computed. |
Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETCoreApp 3.1
- BouncyCastle (>= 1.8.6.1)
- System.DirectoryServices (>= 5.0.0)
-
.NETFramework 4.6.2
- BouncyCastle (>= 1.8.6.1)
- System.DirectoryServices (>= 5.0.0)
-
.NETStandard 2.0
- BouncyCastle (>= 1.8.6.1)
- System.DirectoryServices (>= 5.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
1.3.0 | 514 | 12/4/2020 |
1.1.0 | 434 | 6/22/2020 |
1.1.0-beta | 486 | 6/19/2020 |
1.0.0 | 662 | 2/2/2019 |