{"id":21015574,"url":"https://github.com/lostbeard/spawndev.blazorjs.cryptography","last_synced_at":"2025-07-30T03:03:42.509Z","repository":{"id":262519091,"uuid":"887500285","full_name":"LostBeard/SpawnDev.BlazorJS.Cryptography","owner":"LostBeard","description":"A cross platform cryptography library that supports encryption with AES-GCM and AES-CBC, shared secret generation with ECDH, data signatures with ECDSA, and hashing with SHA on Windows, Linux, and Browser (Blazor WebAssembly) platforms.","archived":false,"fork":false,"pushed_at":"2025-05-05T13:17:53.000Z","size":293,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-08T18:50:58.122Z","etag":null,"topics":["aes-cbc","aes-gcm","blazor","blazor-webassembly","cryptography","csharp","dotnet","ecdh","ecdsa","encryption","server","sha-hashes","subtlecrypto","webbrowser"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/LostBeard.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-12T20:55:45.000Z","updated_at":"2025-05-05T13:17:56.000Z","dependencies_parsed_at":"2024-11-12T21:48:19.809Z","dependency_job_id":null,"html_url":"https://github.com/LostBeard/SpawnDev.BlazorJS.Cryptography","commit_stats":null,"previous_names":["lostbeard/spawndev.blazorjs.cryptography"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LostBeard%2FSpawnDev.BlazorJS.Cryptography","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LostBeard%2FSpawnDev.BlazorJS.Cryptography/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LostBeard%2FSpawnDev.BlazorJS.Cryptography/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LostBeard%2FSpawnDev.BlazorJS.Cryptography/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/LostBeard","download_url":"https://codeload.github.com/LostBeard/SpawnDev.BlazorJS.Cryptography/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254282235,"owners_count":22045123,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes-cbc","aes-gcm","blazor","blazor-webassembly","cryptography","csharp","dotnet","ecdh","ecdsa","encryption","server","sha-hashes","subtlecrypto","webbrowser"],"created_at":"2024-11-19T10:10:27.549Z","updated_at":"2025-05-15T05:32:11.030Z","avatar_url":"https://github.com/LostBeard.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SpawnDev.BlazorJS.Cryptography\n\n[![NuGet](https://badge.fury.io/nu/SpawnDev.BlazorJS.Cryptography.svg?delta=9\u0026label=SpawnDev.BlazorJS.Cryptography)](https://www.nuget.org/packages/SpawnDev.BlazorJS.Cryptography)\n\n.Net cryptography library for Blazor, .Net Web APIs, and .Net apps. Supports browser and non-browser platforms.\n\n### The problem this library solves\nMost of Microsoft's System.Security.Cryptography library is marked `[UnsupportedOSPlatform(\"browser\")]`. To work around this limitation, the browser's built in [SubtleCrypto](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto) API is used when running in the browser and Microsoft's System.Security.Cryptography libraries are used when running on non-browser platforms.\n\n### Features\n- AES-GCM - symmetric encryption and decryption\n- ECDH - shared secret generation (enables asymmetric encryption)\n- ECDSA - data signing and verification\n- SHA - data hashing\n\n### PortableCrypto Classes\nThe classes `DotNetCrypto`, `BrowserCrypto`, and `BrowserWASMCrypto` all inherit from [`PortableCrypto`](#portablecrypto-abstract-class) to provide a shared interface to common cryptography methods regardless of the platform the app is being executed on.\n   \n**DotNetCrypto**  \n- Uses .Net System.Security.Cryptography on the executing platform\n- Browser platform not supported\n- Supports non-browser platforms (windows, linux, etc)\n- Targets Blazor server, .Net Web APIs, any non-browser platform .Net Apps\n  \n**BrowserCrypto**\n- Uses IJSRuntime to access the browser's [SubtleCrypto](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto) API\n- Supports both server rendering and WebAssembly rendering modes\n- Targets the browser platform via Blazor server or Blazor WebAssembly\n  \n**BrowserWASMCrypto**\n- Uses IJInProcessSRuntime to access the browser's [SubtleCrypto](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto) API\n- Supports only WebAssembly rendering\n- Targets the browser via Blazor WebAssembly\n\n### Getting started\n\nAdd the Nuget package\n```nuget\ndotnet add package SpawnDev.BlazorJS.Cryptography\n```\n\n#### Web API Server Project\nWeb API Server Program.cs\n```cs\n// Crypto for the server. Uses System.Security.Cryptography.\nbuilder.Services.AddSingleton\u003cDotNetCrypto\u003e();\n```\n\n#### Blazor Server Project\nBlazor Server Program.cs\n```cs\n\n// Add BlazorJSRuntime service\nbuilder.Services.AddBlazorJSRuntime();\n\n// Crypto for the server. Uses System.Security.Cryptography.\nbuilder.Services.AddSingleton\u003cDotNetCrypto\u003e();\n\n// Crypto for the browser. Uses the browser's SubtleCrypto API via IJSRuntime.\n// Used on server for server side rendering\nbuilder.Services.AddScoped\u003cBrowserCrypto\u003e();\n```\n\n#### Blazor WebAssembly\nWebAssembly Program.cs \n```cs\n// Add BlazorJSRuntime service\nbuilder.Services.AddBlazorJSRuntime();\n\n// Crypto for the browser. Uses the browser's SubtleCrypto API.\n// Used in Blazor WebAssembly for WebAssembly rendering\nbuilder.Services.AddScoped\u003cBrowserCrypto\u003e();\n```\n\n### SHA Example\n- The below example, taken from the demo project, runs in Blazor server side rendering to test SHA hashing using the DotNetCrypto on the server and BrowserCrypto using IJSRuntime to run on the client browser.\n```cs\nvar data = new byte[] { 0, 1, 2 };\n// - Server\n// DotNetCrypto indicated by the appended D, executes on the server using Microsoft.Security.Cryptography\nvar hashD = await DotNetCrypto.Digest(\"SHA-512\", data);\n\n// - Browser\n// BrowserCrypto indicated by the appended B, executes on the browser using Javascript's SubtleCrypto APIs\nvar hashB = await BrowserCrypto.Digest(\"SHA-512\", data);\n\n// verify the hashes match\nif (!hashB.SequenceEqual(hashD))\n{\n    throw new Exception(\"Hash mismatch\");\n}\n```\n\n### ECDH Example\n- The below example, taken from the demo project, runs in Blazor server side rendering to test ECDH using the DotNetCrypto on the server and BrowserCrypto using IJSRuntime to run on the client browser.\n```cs\n// - Server\n// generate server ECDH key\nvar ecdhD = await DotNetCrypto.GenerateECDHKey();\n// export ecdhD public key for browser to use\nvar ecdhDPublicKeyBytes = await DotNetCrypto.ExportPublicKeySpki(ecdhD);\n\n// - Browser\n// generate browser ECDH key\nvar ecdhB = await BrowserCrypto.GenerateECDHKey();\n// export ecdhB public key for server to use\nvar ecdhBPublicKeyBytes = await BrowserCrypto.ExportPublicKeySpki(ecdhB);\n\n// - Server\n// import the browser's ECDH public key using DotNetCrypto so DotNetCrypto can work with it\nvar ecdhBPublicKeyD = await DotNetCrypto.ImportECDHKey(ecdhBPublicKeyBytes);\n// create shared secret\nvar sharedSecretD = await DotNetCrypto.DeriveBits(ecdhD, ecdhBPublicKeyD);\n\n// - Browser\n// import the server's ECDH public key using BrowserCrypto so BrowserCrypto can work with it\nvar ecdhDPublicKeyB = await BrowserCrypto.ImportECDHKey(ecdhDPublicKeyBytes);\n// create shared secret\nvar sharedSecretB = await BrowserCrypto.DeriveBits(ecdhB, ecdhDPublicKeyB);\n\n// verify the shared secrets match\nif (!sharedSecretB.SequenceEqual(sharedSecretD))\n{\n    throw new Exception(\"Shared secret mismatch\");\n}\n```\n\n## PortableCrypto Abstract Class\n\n### SHA - Data Hashing\n\n#### `Task\u003cbyte[]\u003e Digest(string hashName, byte[] data)`\n- Hash the specified data using the specified hash algorithm\n\n### ECDH - Shared secret generation\n\n#### `Task\u003cPortableECDHKey\u003e GenerateECDHKey(string namedCurve = NamedCurve.P521, bool extractable = true)`\n- Generate a new ECDH crypto key\n\n#### `Task\u003cbyte[]\u003e ExportPublicKeySpki(PortableECDHKey key)`\n- Export the ECDH public key in Spki format\n\n#### `Task\u003cbyte[]\u003e ExportPrivateKeyPkcs8(PortableECDHKey key)`\n- Export the ECDH private key in Pkcs8 format\n\n#### `Task\u003cPortableECDHKey\u003e ImportECDHKey(byte[] publicKeySpki, string namedCurve = NamedCurve.P521, bool extractable = true)`\n- Import the ECDH public key\n\n#### `Task\u003cPortableECDHKey\u003e ImportECDHKey(byte[] publicKeySpki, byte[] privateKeyPkcs8, string namedCurve = NamedCurve.P521, bool extractable = true)`\n- Import the ECDH private key\n\n#### `Task\u003cbyte[]\u003e DeriveBits(PortableECDHKey localPartyKey, PortableECDHKey otherPartyKey, int bitLength)`\n- Create a shared secret that is cross-platform compatible\n\n#### `Task\u003cbyte[]\u003e DeriveBits(PortableECDHKey localPartyKey, PortableECDHKey otherPartyKey)`\n- Create a shared secret that is cross-platform compatible\n\n### ECDSA - Data Signing\n\n#### `Task\u003cPortableECDSAKey\u003e GenerateECDSAKey(string namedCurve = NamedCurve.P521, bool extractable = true)`\n- Generate a new ECDSA key\n\n#### `Task\u003cbyte[]\u003e ExportPublicKeySpki(PortableECDSAKey key)`\n- Exports the ECDSA public key in Spki format\n\n#### `Task\u003cbyte[]\u003e ExportPrivateKeyPkcs8(PortableECDSAKey key)`\n- Exports the ECDSA private key in Pkcs8 format\n\n#### `Task\u003cPortableECDSAKey\u003e ImportECDSAKey(byte[] publicKeySpkiData, string namedCurve = NamedCurve.P521, bool extractable = true)`\n- Import an ECDSA public key\n\n#### `Task\u003cPortableECDSAKey\u003e ImportECDSAKey(byte[] publicKeySpkiData, byte[] privateKeyPkcs8Data, string namedCurve = NamedCurve.P521, bool extractable = true)`\n- Import an ECDSA public and private key\n\n#### `Task\u003cbool\u003e Verify(PortableECDSAKey key, byte[] data, byte[] signature, string hashName = HashName.SHA512)`\n- Verify a data signature\n\n#### `Task\u003cbyte[]\u003e Sign(PortableECDSAKey key, byte[] data, string hashName = HashName.SHA512)`\n- Sign data using an ECDSA key\n\n### AES-GCM - Data Encryption\n\n#### `Task\u003cPortableAESGCMKey\u003e GenerateAESGCMKey(byte[] secret, int iterations = 25000, string hashName = HashName.SHA256, int keySizeBytes = 32, int tagSizeBytes = 16, int nonceSizeBytes = 12, bool extractable = true)`\n- Generate an AES-GCM key using a secret byte array\n\n#### `Task\u003cPortableAESGCMKey\u003e GenerateAESGCMKey(byte[] secret, byte[] salt, int iterations = 25000, string hashName = HashName.SHA256, int keySizeBytes = 32, int tagSizeBytes = 16, int nonceSizeBytes = 12, bool extractable = true)`\n- Generate an AES-GCM key using a secret byte array and a salt\n\n#### `Task\u003cbyte[]\u003e Encrypt(PortableAESGCMKey key, byte[] plainBytes)`\n- Encrypt data using an AES-GCM key\n\n#### `Task\u003cbyte[]\u003e Decrypt(PortableAESGCMKey key, byte[] encryptedData)`\n- Decrypt data using an AES-GCM key","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flostbeard%2Fspawndev.blazorjs.cryptography","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flostbeard%2Fspawndev.blazorjs.cryptography","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flostbeard%2Fspawndev.blazorjs.cryptography/lists"}