Correct way to use encryption in Xamarin shared project

Question

I'm currently developing a Xamarin Forms Project and I need to use a few encryption methods that would normally be available through namespace System.Security.Cryptography namely RSACryptoServiceProvider. So far I have been using PCLCrypto nuget package to use other methods such MD5 hashing but I haven't figured out how to use RSA specifically. I was also wondering if it would be better to implement those methods directly on each native Project instead and then use them on the shared one instead of using the nuget.

Any thoughts on this? If someone could point me towards some documentation for PCLCrypto equivalent to what I need it would be fine as well, I just need some lights on this concern and some clarification since I've read some other questions but there isn't really a consensus.

Answer 1

Because the Nuget package for Cryptography is not PCL friendly, you might want to utilize Xamarin.Forms DependencyService. You can implement those Crypto methods natively and just call the actual implementations via the DependencyService.

1. Create an interface in your PCL (e.g. ICrypto).

2. Create a method in that interface that, for example, validates a password (e.g. bool PasswordValid).

3. Add the Nuget package for System.Security.Cryptography to your native project.

4. Create a class in your native code that will implement that interface (e.g. Crypto_Android) and have an implementation for the method (e.g. bool PasswordValid)

5. Call this code from your PCL via DependencyService. The syntax would be something like this:

bool valid = DependencyService.Get< ICrypto >().PasswordValid(password);

NOTE: For the code on actual Cryptography you can check the PCLCrypto Github link provided above by Tifa.

A simple DependencyService example can be found here.

Answer 2

I don't know if AES could be interesting for you but maybe you can take at look at this sample.

byte[] keyMaterial;
byte[] data;
var provider = WinRTCrypto.SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithm.AesCbcPkcs7);
var key = provider.CreateSymmetricKey(keyMaterial);

// The IV may be null, but supplying a random IV increases security.
// The IV is not a secret like the key is.
// You can transmit the IV (w/o encryption) alongside the ciphertext.
var iv = WinRTCrypto.CryptographicBuffer.GenerateRandom(provider.BlockLength);

byte[] cipherText = WinRTCrypto.CryptographicEngine.Encrypt(key, data, iv);

// When decrypting, use the same IV that was passed to encrypt.
byte[] plainText = WinRTCrypto.CryptographicEngine.Decrypt(key, cipherText, iv);

Source: PCLCrypto Github

Maybe this link could help you with crypto on Xamarin.Forms project (Using Cryptography in Portable Xamarin Forms (Windows Phone, Android and IOS))