SafeOrbit 0.3.0
See the version list below for details.
dotnet add package SafeOrbit --version 0.3.0
NuGet\Install-Package SafeOrbit -Version 0.3.0
<PackageReference Include="SafeOrbit" Version="0.3.0" />
paket add SafeOrbit --version 0.3.0
#r "nuget: SafeOrbit, 0.3.0"
// Install SafeOrbit as a Cake Addin #addin nuget:?package=SafeOrbit&version=0.3.0 // Install SafeOrbit as a Cake Tool #tool nuget:?package=SafeOrbit&version=0.3.0
SafeOrbit - Protect your data and detect injections
SafeOrbit is easy-to-use and strong security toolkit for .NET and .NET CORE.
It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience. -Auguste Kerckhoffs
SafeOrbit is a security toolset including different high performance algorithms and easy to use classes for advanced memory protection.
SafeOrbit's primarly focus is strong memory protection. It protects every byte in your application with encryption in transit and at rest. It safeguards your application against memory injections and timing attacks.
- You have SafeBytes to protect binaries,
- SafeString to protect strings,
- and even more to detect memory injections.
SafeOrbit provides also bunch of tools to implement strong and high performance algorithms for encryption, hashing and random.
SafeOrbit is well tested as it should be for a security library. It has more than 3.000 green tests for around 3.000 lines of code (v0.1).
SafeOrbit is easy to use as it does not require you to have any knowledge of cryptology to take advantage of high security.
SafeOrbit is performance friendly. It's up to you to decide for trade-off between speed and more security. Services have Safe or Fast prefixes. Fast classes strive for both performance and security, but Safe classes focuses the security over performance. For example while SafeEncryptor uses lots of iterations, salts, and IV, FastEncryptor uses a faster encryption alghoritm without any key deriving function. Furthermore most of the classes has a way to disable its protection. They let you change/disable the security level of the protection dynamically to gain more performance.
Contribute
Feel free to contribute by joining the coding process or opening issues. Read more on wiki.
License
It means that you're free to use SafeOrbit freely in any application, copy, and modify its code.
Quick Documentation
Memory security
SafeString (wiki)
SafeStringrepresents an encrypted string that guarantees to not leak your data in the memory while allowing modifications and comparisons.- It has more advantages over
System.Security.SecureStringbecause of the security design of the SafeOrbit.
SafeString vs System.Security.SecureString
SafeBytes (wiki)
SafeBytesis protected sequence of bytes in memory.- It's a lower level module used by
SafeString. - You can hide any data from the memory, then modify and compare them safely without revealing the bytes.
Detect injections
- You can detect injections for any of your
.NETclass including their- the state (data in the memory)
- code that's loaded in memory
- Internal protection for
SafeOrbitlibrary be enabled as default.- You can disable it to gain more performance by changing SafeOrbit's security settings.
SafeObject (wiki)
An object that can detect memory injections to itself.
var safeObject = new SafeObject<Customer>();
// Each change to the object's state or code must be using ApplyChanges
safeObject.ApplyChanges((customer) => customer.SensitiveInfo = "I'm protected!");
// Retrieve safe data
var safeInfo = safeObject.Object.SensitiveInfo; // returns "I'm protected!" or alerts if any injection is detected
SafeContainer (wiki)
SafeContaineris a dependency container that detects and notifies injections to its instances.- It's security mode can be changed dynamically.
InjectionDetector (wiki)
- A service that's consumed by
SafeContainerandSafeObject. - Lowest level of the injection detection and alerting mechanism.
Cryptography
Encryption (wiki)
Supported:
- Asynchronous encryption
- Aes-256 implementation with Pbkdf2, random IV and salt. Aes-256 is considered as one of the strongest encryption algorithms. It's implemented with more security layers with a very easy to use interface in SafeOrbit.
- Blowfish is implemented with a more secure CBC mode with IV. The implementation passes the vector tests. The algorithm is considered as one of the fastest encryption algorithms.
Hashers (wiki)
Supported :
- MurmurHash (Murmur32) for better performance, it should be seeded and salted.
- SHA512 for higher security.
Random (wiki)
What if your OS crypto random has in any way been undermined (for example, by a nefarious government agency, or simple incompetence)?
SafeOrbit guarantees not to reduce the strength of your crypto random. It has the ability to improve the strength of your crypto random.
Speed up
For better performance, it's highly recommended to start the application early in your application start with this line :
SafeOrbitCore.Current.StartEarly();Memory injection is enabled as default.
- It provides self security on client side applications, but on a protected server disabling the memory injection for more performance is recommended. Read more on wiki.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
| .NET Core | netcoreapp1.0 was computed. netcoreapp1.1 was computed. netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
| .NET Standard | netstandard1.6 is compatible. netstandard2.0 is compatible. netstandard2.1 was computed. |
| .NET Framework | net45 is compatible. net451 is compatible. net452 is compatible. net46 is compatible. net461 is compatible. net462 is compatible. net463 was computed. net47 is compatible. net471 is compatible. net472 is compatible. net48 was computed. net481 was computed. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen30 was computed. tizen40 was computed. tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETFramework 4.5
- No dependencies.
-
.NETFramework 4.5.1
- No dependencies.
-
.NETFramework 4.5.2
- No dependencies.
-
.NETFramework 4.6
- No dependencies.
-
.NETFramework 4.6.1
- No dependencies.
-
.NETFramework 4.6.2
- No dependencies.
-
.NETFramework 4.7
- System.ComponentModel (>= 4.3.0)
- System.Reflection.Metadata (>= 1.6.0)
- System.Reflection.TypeExtensions (>= 4.5.1)
- System.Runtime.Serialization.Primitives (>= 4.3.0)
- System.Security.Cryptography.Algorithms (>= 4.3.1)
- System.Security.Cryptography.ProtectedData (>= 4.5.0)
- System.Security.Permissions (>= 4.5.0)
- System.Threading.Tasks.Parallel (>= 4.3.0)
- System.Threading.Thread (>= 4.3.0)
- System.Threading.ThreadPool (>= 4.3.0)
- System.Xml.ReaderWriter (>= 4.3.1)
-
.NETFramework 4.7.1
- System.ComponentModel (>= 4.3.0)
- System.Reflection.Metadata (>= 1.6.0)
- System.Reflection.TypeExtensions (>= 4.5.1)
- System.Runtime.Serialization.Primitives (>= 4.3.0)
- System.Security.Cryptography.Algorithms (>= 4.3.1)
- System.Security.Cryptography.ProtectedData (>= 4.5.0)
- System.Security.Permissions (>= 4.5.0)
- System.Threading.Tasks.Parallel (>= 4.3.0)
- System.Threading.Thread (>= 4.3.0)
- System.Threading.ThreadPool (>= 4.3.0)
- System.Xml.ReaderWriter (>= 4.3.1)
-
.NETFramework 4.7.2
- System.ComponentModel (>= 4.3.0)
- System.Reflection.Metadata (>= 1.6.0)
- System.Reflection.TypeExtensions (>= 4.5.1)
- System.Runtime.Serialization.Primitives (>= 4.3.0)
- System.Security.Cryptography.Algorithms (>= 4.3.1)
- System.Security.Cryptography.ProtectedData (>= 4.5.0)
- System.Security.Permissions (>= 4.5.0)
- System.Threading.Tasks.Parallel (>= 4.3.0)
- System.Threading.Thread (>= 4.3.0)
- System.Threading.ThreadPool (>= 4.3.0)
- System.Xml.ReaderWriter (>= 4.3.1)
-
.NETStandard 1.6
- NETStandard.Library (>= 1.6.1)
- System.ComponentModel (>= 4.3.0)
- System.Reflection.Metadata (>= 1.4.2)
- System.Reflection.TypeExtensions (>= 4.5.1)
- System.Runtime.Serialization.Primitives (>= 4.3.0)
- System.Security.Cryptography.Algorithms (>= 4.3.1)
- System.Security.Cryptography.ProtectedData (>= 4.3.0)
- System.Threading.Tasks.Parallel (>= 4.3.0)
- System.Threading.Thread (>= 4.3.0)
- System.Threading.ThreadPool (>= 4.3.0)
- System.Xml.ReaderWriter (>= 4.3.1)
-
.NETStandard 2.0
- System.ComponentModel (>= 4.3.0)
- System.Reflection.Metadata (>= 1.6.0)
- System.Reflection.TypeExtensions (>= 4.5.1)
- System.Runtime.Serialization.Primitives (>= 4.3.0)
- System.Security.Cryptography.Algorithms (>= 4.3.1)
- System.Security.Cryptography.ProtectedData (>= 4.5.0)
- System.Security.Permissions (>= 4.5.0)
- System.Threading.Tasks.Parallel (>= 4.3.0)
- System.Threading.Thread (>= 4.3.0)
- System.Threading.ThreadPool (>= 4.3.0)
- System.Xml.ReaderWriter (>= 4.3.1)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.