CLR Security Site on CodePlex
In the words of Shawn Farkas….
“You can find it at http://www.codeplex.com/clrsecurity. Currently there are two libraries up on the site:
Security.Cryptography.dll
This provides several CNG implementations of cryptographic algorithms to extend the set that shipped in .NET 3.5. You’ll find AES, RSA, RNG, and 3DES in the assembly. It also adds some extension methods to the existing CNG classes that allow you to enumerate the keys, algorithms and providers supported on the current machine. Finally, it has CryptoConfig2 which supersedes the standard CryptoConfig by allowing you to .Create algorithms from both Security.Cryptography.dll as well as System.Core.dll (which never appeared in the standard CryptoConfig due to .NET 3.5 layering restrictions).
Security.Cryptography.Debug.dll –
This assembly helps to analyse the most common causes of the “Padding is invalid and cannot be removed” CryptographicException. Generally, when these come in to be debugged the root cause is either one of the parameters to the decryption transform didn’t match the parameter to the encryption transform, or there was some incorrect multi-threaded use of the transform without holding a correct lock. This library tries to detect both of these problems, and instead of throwing an invalid padding exception throws a CryptographicDiagnosticException with details about exactly what it found to be going wrong. (Obviously this is for debugging use only, since it holds as internal state a bunch of sensitive data that you wouldn’t want floating around production code).”
