/NaCl.Core

🔑 NaCl.Core, a cryptography library for .NET

Primary LanguageC#MIT LicenseMIT

NaCl.Core, a cryptography library for .NET

Build Status CI Build status Build Status contributions welcome

Introduction

NaCl.Core is a managed-only cryptography library for .NET which provides modern cryptographic primitives.

Currently supported:

Crypto Description
Salsa20 A high-speed stream cipher part of the family of 256-bit stream ciphers designed in 2005 and submitted to eSTREAM, the ECRYPT Stream Cipher Project
ChaCha20 A high-speed stream cipher based on Salsa20
XChaCha20 Based on ChaCha20 IETF with extended nonce (192-bit instead of 96-bit)
Poly1305 A state-of-the-art secret-key message-authentication code (MAC) based on RFC8439
ChaCha20Poly1305 An Authenticated Encryption with Associated Data (AEAD) algorithm; IETF variant as defined in RFC8439 and in its predecessor RFC7539
XChaCha20Poly1305 A variant of ChaCha20-Poly1305 that utilizes the XChaCha20 construction in place of ChaCha20; as defined in the RFC Draft

Installation

NuGet CI NuGet

Install the NaCl.Core NuGet package from the .NET CLI using:

dotnet add package NaCl.Core

or from the NuGet package manager:

Install-Package NaCl.Core

Or alternatively, you can add the NaCl.Core package from within Visual Studio's NuGet package manager.

Daily NuGet builds of the project are also available in the Azure Artifacts feed:

https://pkgs.dev.azure.com/idaviddesmet/NaCl.Core/_packaging/NaCl.Core-CI/nuget/v3/index.json

Usage

Symmetric Key Encryption

// Create the primitive
var aead = new ChaCha20Poly1305(key);

// Use the primitive to encrypt a plaintext
aead.Encrypt(nonce, plaintext, ciphertext, tag, aad);

// ... or to decrypt a ciphertext
aead.Decrypt(nonce, ciphertext, tag, plaintext, aad);

MAC (Message Authentication Code)

// Use the primitive to compute a tag
Poly1305.ComputeMac(key, data, tag);

// ... or to verify a tag
Poly1305.VerifyMac(key, data, tag);

Test Coverage

Azure DevOps tests Azure DevOps coverage codecov

  • Includes the mandatory RFC test vectors.
  • Project Wycheproof by members of Google Security Team, for testing against known attacks (when applicable).

Learn More

License