Security Tools for .NET 2.0
The Mentalis.org Security Tools library is an add-on for the .NET framework.
Its goal is to provide some useful cryptographic tools that do not yet exist for the .NET 2.0 Framework.
The current release consists of a .NET library that can be used to do the following things:
Strong Name Files: Strong Name files (or SNK files) can be created and used by Microsoft's
sn.exe tool. However, sometimes it's useful to create these files manually from code, or to
use the keys in these files in your code. Using the StrongNameFile
class, you can do these things! You can initialize instances of this class using your own RSA
parameters, and then save them to SNK files where they can be used to sign code for instance.
Or you can open an existing SNK file, and initialize a new RSACryptoServiceProvider instance
with the public/private key pair contained in the SNK file.
Private Key Files: Apart from Strong Name files, Private Key files (also called PVK files)
can also be opened by this library. The PrivateKeyFile class can open a PVK file and associate
it with the corresponding X509 certificate that you have. This way, the X509Certificate instance
can be used to encrypt/verify and decrypt/sign data.
RSA Exponent-of-one Keys: Exponent-of-one keys are special RSA keys, in the sense that the output
buffer matches the input buffer for any RSA encryption or decryption. Practically, this means
that if you generate a key-exchange message using an RSAPKCS1KeyExchangeFormatter instance that
was initialized with such a special key, the resulting key exchange buffer will include the secret
key unencrypted. Exponent-of-one keys are very useful when you're in the debugging stage of your
application. You can use these keys instead of 'normal' RSA keys, and the entire system keeps
working as expected. The only difference is that the 'encrypted' data is the same as the
unencrypted data - a very useful feature for debugging purposes.
Self-signed certificates: When you need to create X509 certificates at runtime, you can use
the new X509CertificateGenerator that creates self-signed certificates with the parameters that
you specify. You can set the public/private key, the subject name, the validity period and add
certificate extensions. The library returns an X509Certificate instance that can then be used
or saved to disk.
The library ships with extensive documentation that can also be
If you have questions about the library, you can ask them on the
Security Tools forum
You can download the Mentalis.org Security Tools for .NET 2.0 library