DotNetExtras.Security 1.0.6

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details. 
dotnet add package DotNetExtras.Security --version 1.0.6
                    


                    

                
NuGet\Install-Package DotNetExtras.Security -Version 1.0.6
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="DotNetExtras.Security" Version="1.0.6" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="DotNetExtras.Security" Version="1.0.6" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="DotNetExtras.Security" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add DotNetExtras.Security --version 1.0.6
                    


                    

                
#r "nuget: DotNetExtras.Security, 1.0.6"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package DotNetExtras.Security@1.0.6
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=DotNetExtras.Security&version=1.0.6
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=DotNetExtras.Security&version=1.0.6
                    


                            Install as a Cake Tool

DotNetExtras.Security

DotNetExtras.Security is a .NET Core library that implements most commonly used security operations.

Use the DotNetExtras.Security library to:

  • Generate random passwords.
  • Encrypt and decrypt data using the AES algorithm.
  • Hash data using secure hashing algorithms.
  • Generate and validate JSON web tokens (JWT).
  • Convert objects to JSON strings with sensitive properties masked.
  • Automatically mask sensitive object properties written to the logs.

Usage

The following examples illustrates various operations implemented by the DotNetExtras.Security library.

DotNetExtras.Security namespace

using DotNetExtras.Security;
...
// Generate a random password between 12 and 16 characters long.
string randomPassword = Password.Generate(12, 16);

using DotNetExtras.Security;
...
string plainText = "Hello, World!";
string password = "never-hard-code-passwords!";

// Encrypt the plain text using the password to generate the symmetric key.
string encrypted = Crypto.Encrypt(plainText, password)

// Decrypt the cipher text using the same password to get the original plain text.
string decrypted = Crypto.Decrypt(encryptedText, password);

using DotNetExtras.Security;
...
string plainText = "Hello, World!";

HashType hashType = HashType.SHA256;

// Use either option to generate the hash value.
// string hashText = Hash.Generate(hashType, plainText);
// or
string hashText = plainText.ToHash(hashType)

// Given the hash value, validate the plain text.
bool valid = Hash.Validate(hashType, hashText, "Hello, World!")

using System.Security.Claims;
using DotNetExtras.Security;
...
using System.Net.Sockets;

string secret = "never-hard-code-passwords!";
int    tokenExpirationSeconds = 3600; // 1 hour
string email = "joe.doe@sample.com";

Jwt jwt = new(secret, tokenExpirationSeconds);

string token = jwt.Generate(email);

ClaimsPrincipal principal = jwt.Validate(token);

Assert.NotNull(principal);
Assert.Equal(email, principal.FindFirst(ClaimTypes.Email)?.Value);

DotNetExtras.Security.Json namespace

Mask sensitive properties when serializing any objects to JSON via System.Text.Json.

using DotNetExtras.Security.Json;
...
User user = new()
{   UserName = "joe.doe",
    Password = "never-hard-code-passwords!",
    Email = "joe.doe@sample.com,
    PersonalData = new()
    {
        Ssn = "123-45-6789"
    }
};

string? json;

// Serialize the user object to JSON, 
// replacing the Password property value with null.
json = user.ToJson("Password");

// Serialize the user object to JSON, 
// replacing the Password and PersonalData.Ssn property values with "###".
json = user.ToJson("###", "Password", "PersonalData.Ssn");

// Serialize the user object to JSON, 
// masking the Password and PersonalData.Ssn property values
// with the asterisk characters,
// but leaving the first and last 2 characters in plain text.
json = user.ToJson('*', 2, 2, "Password", "PersonalData.Ssn");

Mask sensitive properties when serializing your objects to JSON via System.Text.Json.

using DotNetExtras.Security.Json;
...
// Value will be replaced with null.
[Mask(null)]
public string? Secret1 { get; set; }

// Value will be replaced with an empty string.
[Mask("")]
public string? Secret2 { get; set; }

// Value will be replaced with the literal string "***masked***".
[Mask("***masked***")]
public string? Secret3 { get; set; }

// Value will be replaced with the hex-encoded SHA-256 hash.
[Mask(HashType.SHA256)]
public string? Secret4 { get; set; }

// Value will be replaced with the asterisks
// and two first and last characters will be left in plain text.
[Mask('*', 2, 2)]
public string? Secret5 { get; set; }

Documentation

For complete documentation, usage details, and code samples, see:

Package

Install the latest version of the DotNetExtras.Security NuGet package from:

See also

Check out other DotNetExtras libraries at:

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.0.8 17 9/12/2025
1.0.7 126 9/10/2025
1.0.6 162 8/29/2025
1.0.5 171 8/28/2025
1.0.4 174 8/28/2025
1.0.0 127 8/11/2025

Simplified some classes. Improved documentation.