ApiKeyGenerator 0.9.3

There is a newer version of this package available.
See the version list below for details.
dotnet add package ApiKeyGenerator --version 0.9.3                
NuGet\Install-Package ApiKeyGenerator -Version 0.9.3                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="ApiKeyGenerator" Version="0.9.3" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add ApiKeyGenerator --version 0.9.3                
#r "nuget: ApiKeyGenerator, 0.9.3"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install ApiKeyGenerator as a Cake Addin
#addin nuget:?package=ApiKeyGenerator&version=0.9.3

// Install ApiKeyGenerator as a Cake Tool
#tool nuget:?package=ApiKeyGenerator&version=0.9.3                

Nuget GitHub Workflow Status SonarCloud Coverage SonarCloud Bugs SonarCloud Vulnerabilities

API Key Generator

A DotNet library for generating and validating API keys. Although there are lots of libraries out there that help you implement API key logic using middleware, this library attempts to isolate exactly the code that does API key generation and validation using relatively safe practices.

The goal of this library is to strike the right balance between usability and reliability.

This library implements encryption of API keys as follows:

  • The default algorithm uses BCrypt on key + salt.
  • Hashing algorithms available include SHA256, SHA512, BCrypt, and PBKDF with 100k iterations.
  • Key and salt length is configurable, defaulting to 512 bits / 64 bytes of randomness.

The library is intended to support future generations of algorithms while still being compatible with previously generated API keys.

For usability, this library works on a few basic principles:

  • API key validation should be able to give clear error messages if the key is malformed.
  • API keys are encoded with Base58 so they can be double-clicked to select the entire key.
  • An API key is in the form <prefix><key ID>_<client secret><suffix>.
  • The prefix and suffix values determine if the client is sending the wrong API key, or if the key has been truncated.
  • The prefix and suffix also determine which generation of algorithm your key uses.
  • The Key ID is a GUID that can be used to uniquely identify the key in your storage system.
  • Salt and hash values can be stored wherever you like, as long as you can fetch them back for validation.
  • The validation and key generation logic are as general purpose as possible so you can fit this library anywhere.

Citations and references

The following articles are relevant to this library:

Algorithm Performance

These performance statistics were measured on my laptop, a Dell I7-12700H. Benchmarks measure the length of time taken to do 1,000 iterations of Generate or Validate.

Method HashType Mean Error StdDev
Generate SHA256 2.659 ms 0.0269 ms 0.0239 ms
Validate SHA256 1.214 ms 0.0091 ms 0.0085 ms
Generate SHA512 3.321 ms 0.0217 ms 0.0203 ms
Validate SHA512 1.821 ms 0.0078 ms 0.0061 ms
Generate BCrypt 12,097.053 ms 32.9440 ms 30.8158 ms
Validate BCrypt 12,183.813 ms 39.5346 ms 36.9807 ms
Generate PBKDF2100K 9,105.861 ms 32.3737 ms 30.2824 ms
Validate PBKDF2100K 9,153.661 ms 51.2219 ms 47.9130 ms
Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
0.9.5 501 9/24/2023
0.9.4 144 9/22/2023
0.9.3 208 7/14/2023
0.9.2 176 7/14/2023
0.9.1 198 7/13/2023

# 0.9.3
July 14, 2023

Switch default algorithm to PBKDF2 with 100K iterations as specified by NIST 800-63B section 5.1.1.2.