Welcome

Welcome to the home page for the Bouncy Castle C# API!

The Legion of the Bouncy Castle C# Port

Software produced by this site is covered by the following license and was made possible with the help of the following contributors.

Release 1.3, 8th December 2007

Release includes the full lightweight API, as well as APIs for OpenPGP, CMS, TLS, X.509, and PKCS#12.
bccrypto-net-1.3-bin.zip Compiled assembly only.
      checksums: md5 41582f69026015d3ec025c1121831576
sha1 73d8a06c56f1c139bc6858142c75a56a2ee9dc9b
bccrypto-net-1.3-src.zip Source code, examples, tests, documentation.
      checksums: md5 78f12ded99fadd73bb7cba19ad1c04c8
sha1 5951c63bd04ddfcbb8c40646bbfd14063f50c0d3
Changes in this release:
  • ASN.1 stream parsing now handles definite length encodings efficiently.
  • Buffering in the streaming CMS has been reworked. Throughput is now usually higher and the behaviour is more predictable.
  • BcpgInputStream now handles data blocks in the 2**31->2**32-1 range.
  • Some confusion over the parameters J and L in connection with Diffie-Hellman has been resolved.
  • Added CryptoApiRandomGenerator, a wrapper for RNGCryptoServiceProvider.
  • Added VMPC stream cipher, VMPCMAC and a VMPC-based implementation of IRandomGenerator.
  • Added support in OpenPGP for fetching keyrings by case-insensitive user ID [#BMA-8].
  • Fixed a vulnerability of CMS signatures that do not use signed attributes (Bleichenbacher RSA forgery).
  • Fixed a bug causing second and later encrypted objects to be ignored in KeyBasedFileProcessor example.
  • Fixed case-sensitivity issue with deletion from a PKCS#12 file.
  • Fixed problem overwriting entities in a PKCS#12 file.
  • Fixed PgpUtilities.MakeKeyFromPassPhrase for 8-bit characters [#BMA-13].
  • Fixed duplicate certificate problem in Pkcs12Store.Save [#BMA-12].
  • Fixed NAnt build under Mono [#BMA-10].
  • Fixed BigInteger.ModPow for negative exponents [#BMA-7].

Release 1.2, 5th July 2007

Release includes the full lightweight API, as well as APIs for OpenPGP, CMS, TLS, X.509, and PKCS#12.
bccrypto-net-1.2-bin.zip Compiled assembly only.
      checksums: md5 7141ba8bc67317b71510ee0ab1251abf
sha1 5345e528436318cc1e2f523d5e5e1cac6f597ad5
bccrypto-net-1.2-src.zip Source code, examples, tests, documentation.
      checksums: md5 bc2bb75a4227f30ba0ff64d40424571c
sha1 09d0931d8c54075d19c130eb6082444deac9394b
Changes in this release:
  • Source now builds on .NET Compact Framework 1.0 (compilation flag NETCF_1_0).
  • Release assembly now signed with a strong name.
  • Added CCM and EAX block cipher modes.
  • Added Noekeon block cipher.
  • Added HC-128, HC-256, and ISAAC stream ciphers.
  • Added RIPEMD160withECDSA signature algorithm.
  • Added support for notation data signature subpackets to OpenPGP.
  • Added support for parsing of experimental signatures to OpenPGP.
  • Added the complete set of SEC-2 EC curves.
  • Added support for implicit tagging to DerApplicationSpecific.
  • Added remaining ASN.1 structures from RFC 3126 to Asn1.Esf namespace.
  • Performance of ECDSA improved.
  • Performance of ASN.1 stream parsing improved.
  • Fixed default private key length for Diffie-Hellman parameters.
  • Fixed DerT61String to correctly support 8-bit characters.
  • Fixed duplicate attribute problem in Pkcs12Store.Save.
  • Fixed a problem writing public keys in OpenPGP [#BMA-5].

Release 1.1, 4th May 2007

Release includes the full lightweight API, as well as APIs for OpenPGP, CMS, X.509, and PKCS#12.
bccrypto-net-1.1-bin.zip Compiled assembly only.
      checksums: md5 083ed774b70c2d5f39aab47966855b45 sha1 5c0ffa6a661bf28e3eb577a3ea0a2ab69dcbd354
bccrypto-net-1.1-src.zip Source code, examples, tests, documentation.
      checksums: md5 0795d7939b2fd982fc3db3209346135d sha1 3a252c379879ee5fbd389e7134a8aef20b9e74ea
Changes in this release:
  • Added support for writing DSA private keys, and more encodings, in OpenSsl (PemReader/PemWriter).
  • Removed SharpZipLib dependency.
  • Added RSA blinded signature classes.
  • Added Asn1.IsisMtt namespace (ISIS-MTT ASN.1 classes).
  • Added SEED block cipher engine.
  • Added Salsa20 stream cipher engine.
  • Performance optimisations for F2m elliptic curves.
  • Fixed OpenPGP bug decrypting files with multiple types of encryption on the session key.

Release 1.0, 19th January 2007

Release includes the full lightweight API, as well as APIs for OpenPGP, CMS, X.509, and PKCS#12.
bccrypto-net-1.0-bin.zip Compiled assembly only (SharpZipLib is required, but not included).
      checksums: md5 d1ab2bcfce6fb1b03b9a42a36ee171b0 sha1 3a545c220e79a5b2115bfc4c31a5a805965e4c8f
bccrypto-net-1.0-src.zip Source code, examples, tests, documentation.
      checksums: md5 ab75e0d50fc8dbea84a9297a574b03cf sha1 bd5ca9292615431f2a7c13e071e2191c747301d5

CVS Access

Instructions for anonymous CVS access: 

    CVSROOT=:pserver:anonymous@cvs.bouncycastle.org:/home/users/bouncy/cvsroot
And then 
    cvs co csharp
Using your favorite CVS client.

Just want to look at the source? The source code repository is accessible via ViewCVS from here.

Current feature list:

  • Generation and parsing of PKCS#12 files.
  • X.509: Generators and parsers for V1 and V3 certificates, V2 CRLs and attribute certificates.
  • PBE algorithms supported by PBEUtil: PBEwithMD2andDES-CBC, PBEwithMD2andRC2-CBC, PBEwithMD5andDES-CBC, PBEwithMD5andRC2-CBC, PBEwithSHA1andDES-CBC, PBEwithSHA1andRC2-CBC, PBEwithSHA-1and128bitRC4, PBEwithSHA-1and40bitRC4, PBEwithSHA-1and3-keyDESEDE-CBC, PBEwithSHA-1and2-keyDESEDE-CBC, PBEwithSHA-1and128bitRC2-CBC, PBEwithSHA-1and40bitRC2-CBC, PBEwithHmacSHA-1, PBEwithHmacSHA-224, PBEwithHmacSHA-256, PBEwithHmacRIPEMD128, PBEwithHmacRIPEMD160, and PBEwithHmacRIPEMD256.
  • Signature algorithms supported by SignerUtilities: MD2withRSA, MD4withRSA, MD5withRSA, RIPEMD128withRSA, RIPEMD160withRSA, RIPEMD256withRSA, SHA-1withRSA, SHA-224withRSA, SHA-256withRSAandMGF1, SHA-384withRSAandMGF1, SHA-512withRSAandMGF1, SHA-1withDSA, and SHA-1withECDSA.
  • Symmetric key algorithms: AES, Blowfish, Camellia, CAST5, CAST6, DESede, DES, GOST28147, HC-128, HC-256, IDEA, NaccacheStern, RC2, RC4, RC5-32, RC5-64, RC6, Rijndael, Serpent, Skipjack, TEA/XTEA, Twofish, and VMPC.
  • Symmetric key modes: CBC, CFB, CTS, GOFB, OFB, OpenPGPCFB, and SIC (or CTR).
  • Symmetric key paddings: ISO10126d2, ISO7816d4, PKCS#5/7, TBC, X.923, and Zero Byte.
  • Asymmetric key algorithms: RSA (with blinding), ElGamal, DSA, ECDSA.
  • Asymmetric key paddings/encodings: ISO9796d1, OAEP, and PKCS#1.
  • Digests: GOST3411, MD2, MD4, MD5, RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, Tiger, and Whirlpool.
  • Signer mechanisms: DSA, ECDSA, ECGOST3410, GOST3410, ISO9796d2, PSS, RSA.
  • Key Agreement: Diffie-Hellman and EC-DH.
  • Macs: CBCBlockCipher, CFBBlockCipher, GOST28147, HMac, and ISO9797 Alg. 3.
  • PBE generators: PKCS#12, and PKCS#5 - schemes 1 and 2.
  • OpenPGP (RFC 2440)
  • Cryptographic Message Syntax (CMS, RFC 3852), including streaming API.
  • Online Certificate Status Protocol (OCSP, RFC 2560).
  • Time Stamp Protocol (TSP, RFC 3161).

Porting notes from the old ASN.1 library For the most part code using the old subset of ASN.1 classes should be easy to transfer, providing the following changes are made:

  • DERObject becomes ASN1Object
  • DEREncodable becomes ASN1Encodable
  • getDERObject() becomes toASN1Object()
  • BERConstructedOctetString becomes BEROctetString
  • If you were using the older mutable DERConstructedSequence/Set and BERConstructedSequence, use an ASN1EncodableVector in conjunction with DERSequence/Set and BERSequence
  • BERInputStream and DERInputStream are replaced with ASN1InputStream
  • AsymmetricKeyParameter is now in the org.bouncycastle.crypto namespace

Keep in touch!

For those who are interested, there are two mailing lists for participation in this project. To subscribe use the links below. (To unsubscribe, replace subscribe with unsubscribe in the message body)

announce-crypto-csharp-request@bouncycastle.org with subscribe in the message body. This mailing list is for new release announcements only, general subscribers cannot post to it.

dev-crypto-csharp-request@bouncycastle.org with subscribe in the message body. This mailing list is for discussion of development of the package. This includes bugs, comments, requests for enhancements, questions about use or operation.

NOTE:You need to be subscribed to send mail to the above mailing list.

A searchable archive of the dev mailing list is accessible off the mailing lists page.

If you want to provide feedback, offers of jobs (or more importantly beer) directly to the members of The Legion then please use feedback-crypto@bouncycastle.org

Prior Releases

The original C# port: lcrypto-csharp-119.zip - note: the original port is now well out of date, we strongly recommend migrating to the official release stream, apart from anything BigInteger is substantially faster and the new release supports OpenPGP, PKCS#12, CMS, and TSP as well.

MD5 checksum 3d95c79f6d5c6809a44d0032f64d33e0

Patch, 22 Nov 2004: (Only required for the original C# port) BigInteger.cs Fix to prevent BigInteger prime generation in original port from going into an infinite loop.

 

News

Release 1.3

Saturday 8th December 2007

Update to official release. Performance has been improved for ASN1, CMS, and BcpgInputStream now handles the maximum data block size. The VMPC algorithm has been added and a number of other bug fixes and enhancements have been made. See the release notes for details.

Archive for dev-crypto-csharp.

Wednesday 28th June 2006

See the C# mailing lists page.

Sponsored Links