Friday, August 07, 2009

Bonnie.Net – A free (reg-ware) .NET Framework Cryptographic API/library

Visual Studio Gallery - Bonnie.NET Standard Edition - .NET Framework Cryptographic API

Bonnie.NET is a cryptographic API written for the Microsoft® .NET Framework. It allows the generation and management of cryptographic objects based on the today most used cryptographic algorithms.

Bonnie.NET reorganized the cryptographic classes of the Microsoft® .NET Framework giving to them a more developer-friendly common interfaces. Those permit the utilization of cryptographic elements even to the novices, allowing however the possibility to the cryptographic experts to implement complex cryptographic systems.

From a security point of view, Bonnie.NET is developed and maintained with great attention about security and code security. 

In fact, all the cryptographic operation are based on the today most secure standards and those are combined with the excellent protection level achieved by the .NET framework 3.5.  

All cryptographic data are kept secure in memory by the utilization of the SecureString class and ProtectedMemory class of the .NET framework. Moreover, the cryptographic objects inside the API are disposed and immediately garbage collected as soon as they complete their job.

…”

wecoffeeBonnie.Net

“…

Bonnie.NET is a Microsoft® .NET framework API that implements almost all the instruments needed when developing code with enhanced data protection based on cryptography.

Bonnie.NET includes a complete set of instruments for X509 certificates and Smart Card based cryptography management

image

…”

From the PDF in the MSI;

“…

image

The principal crypto-objects are:
SymCrypter object: It implements all the methods needed to perform symmetric encryption using the common today adopted algorithms (AES, DES, RCS, TripleDES, Rijndael)

HashBuilder object: It permits to generate hashes of input data using algorithms such as MD5, SHA1, SHA256, SHA384, SHA512 and RIPEMD160

KeyedHashBuilder object: It generates message authentication codes (MAC) utilizing an Hash algorithm and an input secret key by utilizing well know algorithms such as HMACMD5, HMACSHA1, HMACSHA256, HMACSHA384, HMACSHA512, HMACRIPEMD160 and MacTripleDES.

Signer object: this object, with its derived classes, is responsible for signatures generation and validation. It utilized RSA or DSA asymmetric algorithms in conjunction with hash algorithms to obtain the signature of input data.

…”

From the license.txt;

“…

This software is free to use for commercial and non-commercial purposes. No commercial license is required.

…”

Plus there’s a good number of code samples;

image

 

Yes, I know .Net includes a number of native cryptographic features, but this free library seems to make them almost drop dead easy to use, all in a 125kb DLL.

Why do it the hard way when you can stand on the shoulders of giants? (when it’s free ;)

No comments: