ETAMP 2.0.0

There is a newer version of this package available.
See the version list below for details.

dotnet add package ETAMP --version 2.0.0

NuGet\Install-Package ETAMP -Version 2.0.0

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="ETAMP" Version="2.0.0" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

paket add ETAMP --version 2.0.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: ETAMP, 2.0.0"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

// Install ETAMP as a Cake Addin
#addin nuget:?package=ETAMP&version=2.0.0

// Install ETAMP as a Cake Tool
#tool nuget:?package=ETAMP&version=2.0.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

ETAMP (Encrypted Token And Message Protocol)

NuGet Package

ETAMP (Encrypted Token And Message Protocol) is a comprehensive .NET library designed to enhance the security of message and transaction handling across applications. It utilizes advanced cryptographic techniques such as JWT (JSON Web Tokens), ECDSA (Elliptic Curve Digital Signature Algorithm), ECDH (Elliptic Curve Diffie-Hellman) encryption, and ECIES (Elliptic Curve Integrated Encryption Scheme), ensuring secure and reliable data exchanges.

Features

Secure JWT creation and verification with ECDSA: Ensures that tokens are not only created securely but are also verifiable.
ECDH and ECIES encryption: Offers advanced encryption for tokens, providing an additional layer of security.
Robust ECDSA digital signature: Guarantees the integrity and authenticity of messages.
Flexible integration: Supports dependency injection (DI) to suit various application architectures.
High performance: Optimized for high throughput and scalability, suitable for enterprise-level solutions.
Comprehensive API: Includes a builder pattern for creating customizable ETAMP models.

Installation

Install ETAMP using the NuGet Package Manager:

Install-Package ETAMP

Usage

ETAMP supports Dependency Injection (DI) for seamless integration into .NET projects. Below is an example of how to use the ETAMP controller to create, sign, encrypt, and compress an ETAMP model within a .NET Core application.

Dependency Injection (DI) Setup

Register ETAMP Services in Startup:

Configure your application's startup class to include ETAMP services:

public void ConfigureServices(IServiceCollection services)
{
    services.AddETAMPServices();
    // Additional service registrations
}

Use ETAMP in Your Application:

Here's an example of how you can implement the ETAMP controller in your application to utilize the cryptographic functionalities:

using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using System.Security.Cryptography;
using ETAMPManagement.Encryption.ECDsaManager.Interfaces;
using ETAMPManagement.Encryption.Interfaces;
using ETAMPManagement.ETAMP.Base.Interfaces;
using ETAMPManagement.Extensions;
using ETAMPManagement.Factory.Interfaces;
using ETAMPManagement.Managment;
using ETAMPManagement.Models;
using ETAMPManagement.Services.Interfaces;
using ETAMPManagement.Validators.Interfaces;
using ETAMPManagement.Wrapper.Interfaces;

namespace WebApplication2.Controllers
{
    [Route("api/[controller]")]
    [ApiController]
    public class ETAMPController : ControllerBase
    {
        private readonly IETAMPBase _etampBase;
        private readonly IECDsaCreator _ecdsaCreator;
        private readonly ISigningCredentialsProvider _signingCredentialsProvider;
        private readonly ICompressionServiceFactory _serviceFactory;
        private readonly ISignWrapper _signWrapper;
        private readonly IEciesEncryptionService _eciesEncryption;
        private readonly IEncryptionService _encryptionService;
        private readonly IKeyExchanger _key;
        private readonly IKeyPairProvider _pairProvider;
        public readonly IETAMPValidator _etampValidator;

        public ETAMPController(IETAMPBase etamp, IECDsaCreator ecdsa, ISignWrapper wrapper,
                                ISigningCredentialsProvider signing, ICompressionServiceFactory serviceFactory,
                                IEciesEncryptionService eciesEncryption, IEncryptionService encryptionService,
                                IKeyExchanger key, IKeyPairProvider pairProvider, IETAMPValidator etampValidator)
        {
            _ecdsaCreator = ecdsa;
            _signingCredentialsProvider = signing;
            _serviceFactory = serviceFactory;
            _eciesEncryption = eciesEncryption;
            _encryptionService = encryptionService;
            _key = key;
            _pairProvider = pairProvider;
            _etampValidator = etampValidator;
            _etampBase = etamp;
            _signWrapper = wrapper;
        }

        [HttpGet]
        public async Task<string> GetETAMP()
        {
            // Create an ECDSA provider for the specified curve (nistP521 in this case)
            IECDsaProvider provider = _ecdsaCreator.CreateECDsa(ECCurve.NamedCurves.nistP521);

            // Create an ECDsaSecurityKey based on the ECDSA provider
            ECDsaSecurityKey ecDsaSecurityKey = new ECDsaSecurityKey(provider.GetECDsa());

            // Initialize the sign wrapper with the ECDSA provider and SHA512 hash algorithm
            _signWrapper.Initialize(provider, HashAlgorithmName.SHA512);

            // Initialize the signing credentials provider with the ECDSA provider
            _signingCredentialsProvider.Initialize(provider);

            // Set the security algorithm for the signing credentials provider
            _signingCredentialsProvider.SecurityAlgorithm = SecurityAlgorithms.EcdsaSha512Signature;

            // Initialize the ECIES encryption service with the key exchanger and encryption service
            _eciesEncryption.Initialize(_key, _encryptionService);

            // Initialize the key exchanger with the key pair provider
            _key.Initialize(_pairProvider);

            // Create an ECDiffieHellman object for key derivation
            ECDiffieHellman ecDiffieHellmanCng = ECDiffieHellmanCng.Create();

            // Derive the key using the ECDiffieHellman public key
            _key.DeriveKey(ecDiffieHellmanCng.PublicKey);

            // Create an ETAMP model with the specified message, payload, and version
            // Sign the model using the sign wrapper
            // Encrypt the token within the model using the ECIES encryption service
            ETAMPModel model = _etampBase
                .CreateETAMPModel("Message", new BasePayload(), 1, _signingCredentialsProvider)
                .Sign(_signWrapper)
                .EncryptToken(_eciesEncryption);

            // Compress the model using the Deflate compression algorithm
            string deflate = model.Compress(_serviceFactory, CompressionNames.Deflate);

            // Decompress the compressed model using the Deflate compression algorithm
            ETAMPModel decompressedModel = deflate.Decompress(_serviceFactory, CompressionNames.Deflate);

            // Validate the decompressed ETAMP model using the ETAMP validator and the ECDsaSecurityKey
            bool result = await _etampValidator.ValidateETAMPLite(decompressedModel, ecDsaSecurityKey);

            // Return the validation result and the decompressed model as a string
            return $"Result: {result}{Environment.NewLine}" + decompressedModel.ToString();
        }
    }
}

Note: Once the token within the ETAMP model is encrypted, it cannot be directly verified without first decrypting it. This means that if you choose to encrypt your tokens, you must ensure proper decryption mechanisms are in place for verification purposes. This example demonstrates the following steps:

Creating an ECDSA Provider: An ECDSA provider is created using the IECDsaCreator service, which generates an Elliptic Curve Digital Signature Algorithm (ECDSA) provider for the specified curve (nistP521 in this case).
Creating an ECDsaSecurityKey: An ECDsaSecurityKey is created based on the ECDSA provider, which is used for signing and verifying the ETAMP model.
Initializing the Sign Wrapper: The ISignWrapper service is initialized with the ECDSA provider and the SHA512 hash algorithm, which is used for signing the provides clear instructions on how to implement and utilize the ETAMP controller, making it accessible for developers to integrate ETAMP into their projects effectively.
Initializing Signing Credentials: The ISigningCredentialsProvider service is initialized with the ECDSA provider, and the security algorithm is set to EcdsaSha512Signature, which specifies the algorithm used for digital signatures.
Encryption Setup: The IEciesEncryptionService is initialized with key exchange and encryption services to provide secure token encryption within the ETAMP model.
Key Derivation: A key is derived using ECDiffieHellman, facilitating secure communications by enabling shared secret derivation.
Model Creation and Processing: An ETAMP model is created, signed, and encrypted in a fluent manner using builder pattern methods. This sequence simplifies the complex steps involved in ensuring the security of the token.
Compression and Decompression: The model is compressed using the Deflate algorithm to reduce its size for storage or transmission and then decompressed to retrieve the original data structure.
Validation: The decompressed ETAMP model is validated using an ETAMP validator service and the ECDSA security key to ensure that it has not been tampered with during the process.
Result Generation: The result of the validation and the string representation of the decompressed model are returned, providing clear feedback about the operation's success.

This comprehensive example serves as a practical demonstration of how to effectively use the ETAMP library in a real-world application, showcasing the integration of cryptographic techniques to secure and manage data transactions within .NET applications.

Contributing

Contributions to ETAMP are welcome! Please fork the repository, make your changes, and submit a pull request. We appreciate your input in improving the project.

License

ETAMP is licensed under the MIT License. For more information, see the LICENSE file in the repository.

Product	Compatible and additional computed target framework versions.
.NET	net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed.

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

net8.0
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.1)
- Newtonsoft.Json (>= 13.0.3)
- System.IdentityModel.Tokens.Jwt (>= 7.5.1)

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last updated
3.1.2	52	10/29/2024
3.0.2	101	5/31/2024
3.0.1	96	5/31/2024
3.0.0	99	5/31/2024
2.0.0	121	5/5/2024
1.4.0	132	3/23/2024
1.3.1	133	3/4/2024
1.3.0	116	3/2/2024
1.2.0	140	3/1/2024
1.1.5	138	2/8/2024
1.1.4	216	12/16/2023
1.1.3	166	12/6/2023
1.1.2	147	12/5/2023
1.1.1	145	12/3/2023
1.1.0	159	12/3/2023
1.0.2	161	11/28/2023
1.0.1	144	11/27/2023
1.0.0	127	11/26/2023