Cryptography the .NET Way : Page 2

The .NET Framework classes for cryptography don't require you to become an expert mathematician or a cryptography guru. You'll find symmetric and asymmetric cryptographic providers as well as hash providers. Some of these provider classes end up calling into the unmanaged CryptoAPI library while other parts of the .NET cryptography solution are purely managed code.


Cryptographic API
The .NET cryptographic classes are located in the System.Security.Cryptography namespace. Below this common root you'll find specialized namespaces for symmetric and asymmetric algorithms, hash functions, digital signatures, and random number generators. The .NET Framework implementation of cryptography builds on the unmanaged Microsoft CryptoAPI, although some parts of it are written entirely in managed code.

The object model for the cryptographic API is layered. The first, abstract level defines the classes of algorithms: SymmetricAlgorithm, AsymmetricAlgorithm, and HashAlgorithm. Each of these classes has a set of subclasses that are still abstract but more specific. Each subclass identifies a particular algorithm such as RC2, DES, and SHA1 (as well as others). Finally, the full implementation of the cryptographic functions is available in the provider classes that you actually use in .NET applications.

An application—no matter the model, be it Windows Forms, ASP.NET, or Web services—calls into the high-level API exposed by the classes. These classes in turn define a wrapper object to access the cryptographic service provider (CSP) implementation of the particular algorithm chosen.

From a design point of view, the CSP is the component that encrypts and decrypts. It is a separate component from the provider class that exposes the algorithm to the end user application. In general, a CSP is a server capable of performing a standard set of tasks related to cryptography. Each provider class—the class that .NET applications work with to do cryptographic tasks—relies on the CSP to physically perform the task. The CSP is hidden from the programmer in the sense that a developer uses a higher-level programming interface. The CSP can be a Win32 unmanaged library or a managed class. If it is a Win32 component, it is one defined within the CryptoAPI library. In the .NET Framework, most classes use unmanaged Win32 providers defined by the CryptoAPI framework.

In Table 1 I've listed the cryptographic classes for symmetric algorithms. Table 2 and Table 3 list the classes for asymmetric and hash algorithms, respectively. As you can see, the classes with the Managed suffix are based on managed code; all the other classes call back into the unmanaged CryptoAPI service providers.

Table 1: Classes available for symmetric encryption. All classes inherit from SymmetricAlgorithm.

| Algorithm | Cryptographic class | Description |
|---|---|---|
| DES | DESCryptoServiceProvider | Wrapper class to access the standard CSP for the Data Encryption Standard (DES) algorithm |
| RC2 | RC2CryptoServiceProvider | Wrapper class to access the standard CSP for the RC2 algorithm |
| Rijndael | RijndaelManaged | Wrapper class to access the standard CSP for the Rijndael algorithm. The CSP is made of managed code. |
| TripleDES | TripleDESCryptoServiceProvider | Wrapper class to access the standard CSP for the Triple DES algorithm |



Table 2: Classes available for asymmetric encryption. All classes inherit from AsymmetricAlgorithm.

| Algorithm | Cryptographic class | Description |
|---|---|---|
| DSA | DSACryptoServiceProvider | Wrapper class to access the standard CSP for the Digital Signature Algorithm (DSA). |
| RSA | RSACryptoServiceProvider | Wrapper class to access the standard CSP for the RSA algorithm. |



Table 3: Classes available for hash functions.

| Algorithm | Cryptographic class | Description |
|---|---|---|
| MD5 | MD5CryptoServiceProvider | Computes the MD5 hash for the input data using the implementation provided by the CSP. |
| SHA1 | SHA1CryptoServiceProvider, SHA1Managed | The classes compute the SHA1 hash for the input data using the implementation provided by the CSP. The former class uses unmanaged code; the latter is based on managed code. |
| SHA256 | SHA256Managed | Computes the SHA256 hash for the input data using managed code. |
| SHA384 | SHA384Managed | Computes the SHA384 hash for the input data using managed code. |
| SHA512 | SHA512Managed | Computes the SHA512 hash for the input data using managed code. |
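
The layering described above, shown as an added example (not code from the original article): the helpers are written only against the abstract HashAlgorithm and SymmetricAlgorithm levels, and provider classes from Tables 1 and 3 are plugged in at the call site. The names LayeredCryptoDemo, Digest and Transform are hypothetical. RijndaelManaged and SHA256Managed do the real work because DES, RC2, MD5 and SHA1 are no longer considered secure for new designs; SHA1 appears only to compare its unmanaged and managed providers.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class LayeredCryptoDemo   // hypothetical name, for illustration only
{
    // Written against the abstract HashAlgorithm level: any provider from Table 3 fits.
    static string Digest(HashAlgorithm provider, byte[] data)
    {
        using (provider)
            return BitConverter.ToString(provider.ComputeHash(data));
    }

    // Pushes input through an encryptor or decryptor obtained from any SymmetricAlgorithm.
    static byte[] Transform(ICryptoTransform transform, byte[] input)
    {
        using (transform)
        using (var buffer = new MemoryStream())
        {
            // Disposing the CryptoStream flushes the final padded block into the buffer.
            using (var crypto = new CryptoStream(buffer, transform, CryptoStreamMode.Write))
                crypto.Write(input, 0, input.Length);
            return buffer.ToArray();
        }
    }

    static void Main()
    {
        const string message = "constructed sample message";   // constructed input
        byte[] sample = Encoding.UTF8.GetBytes(message);

        // Same algorithm, two providers: unmanaged CSP wrapper versus managed code.
        string viaCsp = Digest(new SHA1CryptoServiceProvider(), sample);
        string viaManaged = Digest(new SHA1Managed(), sample);
        Console.WriteLine("SHA1 providers agree: " + (viaCsp == viaManaged));
        Console.WriteLine("SHA256: " + Digest(new SHA256Managed(), sample));

        // The provider is named once; everything after uses SymmetricAlgorithm members only.
        using (SymmetricAlgorithm cipher = new RijndaelManaged())
        {
            cipher.GenerateKey();   // random key of the provider's default size
            cipher.GenerateIV();    // fresh random IV for this message
            byte[] ciphertext = Transform(cipher.CreateEncryptor(), sample);
            byte[] plaintext = Transform(cipher.CreateDecryptor(), ciphertext);
            Console.WriteLine("Round trip ok: " + (Encoding.UTF8.GetString(plaintext) == message));
        }
    }
}
```

Swapping RijndaelManaged for another class from Table 1 changes only the line that constructs the provider, which is the practical benefit of the abstract layer.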



