Pandatech.Crypto 2.5.1

There is a newer version of this package available.
See the version list below for details.
dotnet add package Pandatech.Crypto --version 2.5.1                
NuGet\Install-Package Pandatech.Crypto -Version 2.5.1                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Pandatech.Crypto" Version="2.5.1" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Pandatech.Crypto --version 2.5.1                
#r "nuget: Pandatech.Crypto, 2.5.1"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Pandatech.Crypto as a Cake Addin
#addin nuget:?package=Pandatech.Crypto&version=2.5.1

// Install Pandatech.Crypto as a Cake Tool
#tool nuget:?package=Pandatech.Crypto&version=2.5.1                

1. PandaTech.Crypto

1.1. Introduction

Pandatech.Crypto is a powerful cryptographic utility library backed by 99% test coverage through unit tests. The library offers an array of static methods for secure data operations, including AES256 encryption and decryption, Argon2Id password hashing and verification, as well as utilities for generating cryptographic random bytes and passwords. Now, it also includes GZip compression and decompression functionalities.

Designed to work efficiently in containerized environments, the library performs effectively even with limited resources—hash generation takes under 500ms on a container with 1 vCore and 1GB of RAM.

1.2. Features

  • AES 256-bit Encryption/Decryption: Encrypt your data and get the IV and encrypted bytes in one array. Decrypt it back to its original form, seamlessly handling the IV. Note that you have option to encrypt with hash and decrypt ignoring hash. (for cases where you want to apply filtering on the encrypted data or check uniqueness of the encrypted data)
  • Argon2Id Hashing: Perform password hashing and verification with a focus on security and performance, leveraging the Argon2Id algorithm.
  • SHA-3 Hashing: Utilize 512-bit SHA-3 hashing for various applications.
  • Random Number/Password Generation: Generate cryptographic random bytes, AES256 keys, or strong passwords with specific character sets.
  • GZip Compression/Decompression: Efficiently compress and decompress data using GZip, with support for byte arrays and streams.
  • Masking: Mask sensitive information like email addresses and phone numbers, ensuring that they are partially hidden and thus safeguarded.
  • Performance Optimized: Tested to run efficiently in resource-constrained environments.
  • High Test Coverage: Confidence backed by 99% unit test coverage.

1.3. Installation

To use PandaTech.Crypto in your project, install the NuGet package using the following command in the Package Manager Console: Install-Package PandaTech.Crypto or, search for "PandaTech.Crypto" in the NuGet Package Manager and install it from there.

1.4. How to Use

1.4.1. Configuring Dependency Injection

First, you'll need to configure Aes256 and Argon2Id in your application. To do so, add the following code to your Program.cs file:

using Pandatech.Crypto;

// For Aes256
builder.services.AddPandatechCryptoAes256(options =>
{
  options.Key = "YourAes256KeyHere"; // Make sure to use a secure key
});

// For Argon2Id overriding default configurations
  builder.services.AddPandatechCryptoArgon2Id(options =>
{
   options.SaltSize = 16;
   options.DegreeOfParallelism = 8;
   options.Iterations = 5;
   options.MemorySize = 128 * 1024;
});

1.4.2. AES256 Class

1.4.2.1. Immutable Configurations
  1. IV: A random IV is generated for each Encryption, enhancing security.
  2. PaddingMode: PKCS7
1.4.2.2. Encryption/Decryption methods with hashing
byte[] cipherText = aes256.Encrypt("your-plaintext");
string plainText = aes256.Decrypt(cipherText);
1.4.2.3. Encryption/Decryption methods without hashing
byte[] cipherText = aes256.EncryptWithout("your-plaintext");
string plainText = aes256.DecryptWithout(cipherText);
1.4.2.4. Encryption/Decryption methods with custom key (overriding options for one time)
string customKey = "your-custom-base64-encoded-key";
byte[] cipherText = aes256.Encrypt("your-plaintext", customKey);
string plainText = aes256.Decrypt(cipherText, customKey);
1.4.2.5. Stream-based Encryption/Decryption methods

The AES256 class also supports stream-based operations, allowing for encryption and decryption directly on streams, which is ideal for handling large files or data streams efficiently.

using var inputStream = new MemoryStream(Encoding.UTF8.GetBytes("your-plaintext"));
using var outputStream = new MemoryStream();
aes256.EncryptStream(inputStream, outputStream, "your-custom-base64-encoded-key");
byte[] encryptedBytes = outputStream.ToArray();

using var inputStream = new MemoryStream(encryptedBytes);
using var outputStream = new MemoryStream();
aes256.DecryptStream(inputStream, outputStream, "your-custom-base64-encoded-key");
string decryptedText = Encoding.UTF8.GetString(outputStream.ToArray());

1.4.3. Argon2id Class

1.4.3.1. Default Configurations
  1. Salt: A random salt is generated for each password hash, enhancing security.
  2. DegreeOfParallelism: 8
  3. Iterations: 5
  4. MemorySize: 128 MB
1.4.3.2 Hash password and verify hash
// Example usage for hashing
var hashedPassword = _argon2Id.HashPassword("yourPassword");

// Example usage for verifying a hash
var isPasswordValid = _argon2Id.VerifyHash("yourPassword", hashedPassword);

1.4.4. Random Class

var randomBytes = Random.GenerateBytes(16);
var aesKey = Random.GenerateAes256KeyString();
var unimaginableUniqueAndRandomToken = Random.GenerateSecureToken() //256-bit token in string format

1.4.5. Password Class

var includeUppercase = true;
var includeLowercase = true;
var includeDigits = true;
var includeSpecialChars = true;

//Method for generating random password
string password = Password.GenerateRandom(16, includeUppercase, includeLowercase, includeDigits, includeSpecialChars);

//Method for validation of password
bool isValid = Password.Validate(password, 16, includeUppercase, includeLowercase, includeDigits, includeSpecialChars);

1.4.6. Sha3 Class

// Example usage for generating hash
var sha3Hash = Sha3.Hash("yourPlainText");

// Example usage for verifying a hash
var isHashValid = Sha3.VerifyHash("yourPlainText", sha3Hash);

1.4.7. GZip Class

Compression and Decompression The GZip class provides methods for compressing and decompressing data using GZip. It supports operations on strings, byte arrays, and streams.

Example usage for compressing and decompressing a string:

using Pandatech.Crypto;

// Compress a string
string data = "Sample Data";
byte[] compressedData = GZip.Compress(data);

// Decompress back to string
string decompressedData = Encoding.UTF8.GetString(GZip.Decompress(compressedData));

Example usage for compressing and decompressing with streams:

using var inputStream = new MemoryStream(Encoding.UTF8.GetBytes("Sample Data"));
using var compressedStream = new MemoryStream();
GZip.Compress(inputStream, compressedStream);
byte[] compressedData = compressedStream.ToArray();

using var inputStream = new MemoryStream(compressedData);
using var decompressedStream = new MemoryStream();
GZip.Decompress(inputStream, decompressedStream);
string decompressedData = Encoding.UTF8.GetString(decompressedStream.ToArray());

1.4.8. Mask Class

The Mask class in the PandaTech.Crypto library provides methods to mask sensitive information like email addresses and phone numbers, ensuring that they are partially hidden and thus safeguarded.

1.4.8.1. Masking Email Addresses

The MaskEmail method masks the local part of an email address, showing only the first two characters and replacing the rest with asterisks (*), keeping the domain part intact.

// Example usage for masking an email
string maskedEmail = Mask.MaskEmail("example@email.com");

// Output: "ex*****@email.com"
// Example usage for masking a phone number
string maskedPhone = Mask.MaskPhoneNumber("1234567890");

// Output: "******7890"

// You can also use the MaskEmail and MaskPhoneNumber methods as extension methods on strings
string maskedEmail = "example@email.com";
string maskedPhone = "1234567890";

string maskedEmail = maskedEmail.MaskEmail();
string maskedPhone = maskedPhone.MaskPhoneNumber();

1.5. License

PandaTech.Crypto is licensed under the MIT License.

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (2)

Showing the top 2 NuGet packages that depend on Pandatech.Crypto:

Package Downloads
Pandatech.SharedKernel

Pandatech.SharedKernel provides centralized configurations, utilities, and extensions for ASP.NET Core projects. For more information refere to readme.md document.

Pandatech.SharedKernel.Postgres

Pandatech.SharedKernel.Postgres simplifies PostgreSQL integration in ASP.NET Core applications by providing utilities for Entity Framework Core setup, health checks, and other enhancements.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
4.1.1 164 11/28/2024
4.1.0 93 11/26/2024
4.0.0 124 11/21/2024
3.0.0 93 10/28/2024
2.6.1 112 10/19/2024
2.6.0 100 10/19/2024
2.5.1 115 10/18/2024
2.5.0 157 6/21/2024
2.4.1 121 6/14/2024
2.4.0 129 6/13/2024
2.3.2 282 5/9/2024
2.3.1 608 3/6/2024
2.3.0 130 3/6/2024
2.2.11 120 3/6/2024
2.2.10 124 3/1/2024
2.2.9 148 2/17/2024
2.2.8 107 2/17/2024
2.2.7 136 2/12/2024
2.2.6 146 1/23/2024
2.2.5 116 1/23/2024
2.2.4 127 1/19/2024
2.2.3 482 11/29/2023
2.2.2 125 11/29/2023
2.2.1 234 11/23/2023
2.2.0 157 11/21/2023
2.1.10 152 11/11/2023
2.1.9 138 11/9/2023
2.1.8 232 11/7/2023
2.1.7 210 11/6/2023
2.1.6 126 11/3/2023
2.1.5 148 11/2/2023
2.1.4 132 11/1/2023
2.1.3 140 11/1/2023
2.1.2 139 10/31/2023
2.1.1 140 10/31/2023
2.1.0 139 10/31/2023
2.0.0 331 10/30/2023
1.1.6 153 10/30/2023
1.1.5 146 10/27/2023
1.1.4 130 10/27/2023
1.1.3 156 10/27/2023
1.1.2 169 10/16/2023
1.1.1 168 10/14/2023
1.1.0 159 10/14/2023
1.0.0 156 10/13/2023

Secure token generate method added