[Mono-devel-list] Cryptography using Mono.Security assembly on .NET on Windows

Wed Mar 31 11:12:39 EST 2004

Hi, 
First of all thank you guys a lot. You have done an excellent job. I have 
seen mono in Novell brainshare and it was amazing.
-------------------------------------------------------------------------------------------------------------------------------------

Short story:
-----------------
Is it possible to use Mono.Security assembly on .NET on windows for 
cryptography (in general) and does it offer a complete services (i.e. 
complete support for X.509 Certificates)? 
Where can I get it to install it on windows and How? 
Is there a documentation for it? 
Does it use the same cryptography architecture of .NET (i.e. only an 
implementation for this architecture)? 
Is it compatable with BouncyCastle on Java :-)? 

I am sorry if some questions are not reasonable but I am new to .NET (only 
one month) with a good Java background
-------------------------------------------------------------------------------------------------------------------------------------

Long Story :
------------------
I have a project which consists of: 
1- Clients develped by different companies, some using .NET and some using 
Java but all running on Windows Desktop :-(.
2- Number of webservices running on .NET on windows 2003 which are accesed 
by previous mentioned clients.
3- Clients upload data stored in XML files to webservices.

I was asked to develop two cryptographic libraries to:
1- Encrypt data (XML files) on clients machines before sending them.
2- and then decrypt this data after recieving them thorugh webservices.

The encryption will consists of two steps:
1- Create a security provider for the chosen - symmetric - algorithm and 
encrypt the XML data file.
2- Encrypt the session key using the public key of the server.

Now on Java I have BouncyCastle library which is a very good cryptography 
library and completely developped on Java (completly "managed" code). 
On the other hand on .NET I have only wrappers to access CryptoAPI (I 
think through COM objects). 
I have seen that mono has a completly managed code cryptography library 
packaged in Mono.Security assembly ?!!. 

The questions are: 
1- Can I use this library from .NET on windows? 
2- if yes then How can I get this assembly and its documentation? 
3- Does if follow the same architecture of .NET cryptography? 
4- Is it compatable with BouncyCastle especially with the key exchage. 
(i.e. if one client encrypts using BouncyCastle, the webservices could 
decrypt it using Mono library).

Thank you for your time. Regards
---------------------------------------------------------------------------

Muath A. Al-Khalaf,  GSEC
Information Security Engineer
ELM Information Security Co.
Email: muath at elm.com.sa
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ximian.com/pipermail/mono-devel-list/attachments/20040331/09ca9433/attachment.html 