The CLR Security Team just launched our CodePlex site: http://www.codeplex.com/clrsecurity. Currently, it contains two assemblies that provide additional functionality to the security APIs shipped in v3.5 of the .NET Framework.
We'd love your feedback on the currently offered libraries, and also welcome ideas for other libraries you'd like to see on our CodePlex site.
From the description page on the site, the two current libraries are:
Security.Cryptography.dll provides a new set of algorithm implementations to augment the built in .NET framework supported algorithms. It also provides some APIs to extend the existing framework cryptography APIs. Within this project you will find:
- A CNG implementation of the AES, RSA, and TripleDES encryption algorithms
- A CNG implementation of a random number generator
- A class that allows dynamically creating algorithms both from this library as well as all of the algorithms that ship with .NET 3.5
- An enumerator over all of the installed CNG providers on the current machine
- Extension methods that allow access to all of the keys installed in a CNG provider, as well as all of the algorithms the provider supports
Have you ever run into an indecipherable cryptographic exception complaining about "Padding is invalid and cannot be removed" when using the .NET Framework's symmetric algorithms? Since nearly all bugs relating to symmetric algorithms tend to result in this same exception, it can be incredibly difficult to track down exactly what went wrong to cause the exception. Security.Cryptography.Debug.dll is a tool that can be used in these circumstances in order to help you figure out the root cause of your cryptographic exception.