[Mono-list] System.Security library

Sebastien Pouliot spouliot@videotron.ca
Mon, 07 Mar 2005 07:06:33 -0500


Hello Kala,

> What is the library used internally to implement
> System.Security.Cryptography in mono?

You're mixing two concept here.

First the System.Security.dll assembly (library) only contains support for
XML Digital Signature in Fx 1.0 and 1.1. Fx 2.0 also adds support for XML
Encryption, PKCS7 envelopes and better X.509 certificate support.

Second the System.Security.Cryptography.* namespaces include code for
cryptography and X.509 certificate support. This code is mostly located in
mscorlib.dll assembly (with a little bit in System.dll) in Fx 1.0/1.1. Fx
2.0 also has part of this namespace inside System.Security.dll.

More details available at: http://www.mono-project.com/Cryptography

> Is it openssl ?

No. As Joerg replied all crypto (except the random number generator) are
implemented in 100% managed code (C#). The RNG use /dev/[u]random on Linux
(and optionally an EGD socket) or CryptoAPI on Windows.

The design of the .NET cryptographic classes allows easy extensions. So it
would be possible top use OpenSSL as the source of cryptographic algorithms
inside Mono by adding (and configuring) a new assembly (e.g.
Mono.OpenSsl.dll). There is something similar existing in the
Mono.Security.Win32.dll assembly (for CryptoAPI under Windows).

Sebastien Pouliot
home: spouliot@videotron.ca
blog: http://pages.infinit.net/ctech/poupou.html