HeroCrypt v0.2.0

./nugetz

Framework	Version	Status	Notes
.NET Standard	2.0	✅ Full Support	Compatible with .NET Framework 4.6.1+, Unity, Xamarin
.NET	8.0	✅ Full Support	Long-term support (LTS)
.NET	9.0	✅ Full Support	Standard term support
.NET	10.0	✅ Full Support	Includes native post-quantum cryptography

dotnet add package HeroCrypt

using HeroCrypt;
using System.Security.Cryptography;
using System.Text;

var salt = RandomNumberGenerator.GetBytes(16);

// Hash a password (Argon2id via builder)
var hashBytes = HeroCryptBuilder.DeriveKey()
    .UseArgon2()
    .WithPassword(Encoding.UTF8.GetBytes("mySecurePassword"))
    .WithSalt(salt)
    .WithIterations(3)
    .WithParallelism(4)
    .WithKeyLength(32)
    .Build();

var hash = Convert.ToBase64String(hashBytes);

// Verify a password
var verifyBytes = HeroCryptBuilder.DeriveKey()
    .UseArgon2()
    .WithPassword(Encoding.UTF8.GetBytes("mySecurePassword"))
    .WithSalt(salt)
    .WithIterations(3)
    .WithParallelism(4)
    .WithKeyLength(32)
    .Build();

bool isValid = HeroCrypt.Security.SecureMemoryOperations.ConstantTimeEquals(
    hashBytes,
    verifyBytes);

using HeroCrypt.Cryptography.Blake2b;

// Simple hash
byte[] data = Encoding.UTF8.GetBytes("Hello, World!");
byte[] hash = Blake2bCore.ComputeHash(data, 32);  // 32-byte hash

// Keyed hash (MAC)
byte[] key = Encoding.UTF8.GetBytes("secret-key");
byte[] mac = Blake2bCore.ComputeHash(data, 32, key);

using HeroCrypt.Cryptography.RSA;

// Generate key pair
var keyPair = RsaCore.GenerateKeyPair(2048);

// Encrypt with OAEP padding
byte[] encrypted = RsaCore.Encrypt(
    data, 
    keyPair.PublicKey, 
    RsaPaddingMode.Oaep, 
    HashAlgorithmName.SHA256
);

// Decrypt
byte[] decrypted = RsaCore.Decrypt(
    encrypted, 
    keyPair.PrivateKey, 
    RsaPaddingMode.Oaep, 
    HashAlgorithmName.SHA256
);

using HeroCrypt.Fluent;

// Option 1: Using unified HeroCryptBuilder (recommended)
// ML-KEM: Quantum-resistant key encapsulation
using var keyPair = HeroCrypt.Create()
    .PostQuantum()
    .MLKem()
    .WithSecurityBits(192)
    .GenerateKeyPair();

// Sender: Encapsulate a shared secret
var (ciphertext, sharedSecret) = HeroCrypt.Create()
    .PostQuantum()
    .MLKem()
    .WithPublicKey(keyPair.PublicKeyPem)
    .Encapsulate();

// ML-DSA: Quantum-resistant digital signatures
var signature = HeroCrypt.Create()
    .PostQuantum()
    .MLDsa()
    .WithKeyPair(signingKey)
    .WithData("Important message")
    .WithContext("application-v1")
    .Sign();

// Option 2: Quick access static methods
using var quickKey = HeroCrypt.PostQuantum.MLKem.GenerateKeyPair();
bool isValid = HeroCrypt.PostQuantum.MLDsa.Verify(publicKey, data, signature);

// Option 3: Algorithm-specific builders
using var mlKemKey = MLKem.Create().WithSecurityBits(256).GenerateKeyPair();

Algorithm	Standard	Status
Argon2d	RFC 9106	✅ Fully Compliant
Argon2i	RFC 9106	✅ Fully Compliant
Argon2id	RFC 9106	✅ Fully Compliant
Blake2b	RFC 7693	✅ Fully Compliant
ChaCha20-Poly1305	RFC 8439	✅ Fully Compliant
Curve25519 (X25519)	RFC 7748	✅ Fully Compliant
Rabbit Stream Cipher	RFC 4503	✅ Fully Compliant
HKDF	RFC 5869	✅ Fully Compliant
ML-KEM (FIPS 203)	FIPS 203	✅ Production-ready (.NET 10+)
ML-DSA (FIPS 204)	FIPS 204	✅ Production-ready (.NET 10+)
SLH-DSA (FIPS 205)	FIPS 205	✅ Production-ready (.NET 10+)
RSA	RFC 8017	✅ Basic Support

KoalaFacts/HeroCryptv0.2.0

Get Started

Readme

HeroCrypt

✨ Features

🎯 Framework Support

Feature Availability by Framework

Core Cryptography (All Frameworks)

.NET 8.0+ Enhanced Features

.NET 10.0+ Only

.NET Standard 2.0 Compatibility

📦 Installation

🚀 Quick Start

Argon2 Password Hashing

Blake2b Hashing

RSA Encryption

Post-Quantum Cryptography (.NET 10+)

🏗️ Architecture

📊 RFC Compliance

🎯 Target Frameworks

🔒 Security

📖 Documentation

Getting Started

Production Use

Support

Technical Details

🤝 Contributing

📄 License

🙏 Acknowledgments