ApiKeyGenerator 0.9.2
See the version list below for details.
dotnet add package ApiKeyGenerator --version 0.9.2
NuGet\Install-Package ApiKeyGenerator -Version 0.9.2
<PackageReference Include="ApiKeyGenerator" Version="0.9.2" />
paket add ApiKeyGenerator --version 0.9.2
#r "nuget: ApiKeyGenerator, 0.9.2"
// Install ApiKeyGenerator as a Cake Addin #addin nuget:?package=ApiKeyGenerator&version=0.9.2 // Install ApiKeyGenerator as a Cake Tool #tool nuget:?package=ApiKeyGenerator&version=0.9.2
API Key Generator
A DotNet library for generating and validating API keys. Although there are lots of libraries out there that help you implement API key logic using middleware, this library attempts to isolate exactly the code that does API key generation and validation using relatively safe practices.
The goal of this library is to strike the right balance between usability and reliability.
This library implements encryption of API keys as follows:
- The default algorithm uses BCrypt on key + salt.
- You can choose SHA256 or SHA512 if you prefer.
- Keys and salts are 512 bits of randomness.
The library is intended to support future generations of algorithms while still being compatible with previously generated API keys.
For usability, this library works on a few basic principles:
- API key validation should be able to give clear error messages if the key is malformed.
- An API key is in the form
<prefix><key ID>:<client secret><suffix>
. - The prefix and suffix values determine if the client is sending the wrong API key, or if the key has been truncated.
- The prefix and suffix also determine which generation of algorithm your key uses.
- The Key ID is a GUID that can be used to uniquely identify the key in your storage system.
- Salt and hash values can be stored wherever you like, as long as you can fetch them back for validation.
- The validation and key generation logic are as general purpose as possible so you can fit this library anywhere.
Algorithm Performance
These performance statistics were measured on my laptop, a Dell I7-12700H. Benchmarks measure the length of time taken to do 1,000 iterations of Generate or Validate.
Method | HashType | Mean | Error | StdDev |
---|---|---|---|---|
Generate | SHA256 | 2.659 ms | 0.0269 ms | 0.0239 ms |
Validate | SHA256 | 1.214 ms | 0.0091 ms | 0.0085 ms |
Generate | SHA512 | 3.321 ms | 0.0217 ms | 0.0203 ms |
Validate | SHA512 | 1.821 ms | 0.0078 ms | 0.0061 ms |
Generate | BCrypt | 12,097.053 ms | 32.9440 ms | 30.8158 ms |
Validate | BCrypt | 12,183.813 ms | 39.5346 ms | 36.9807 ms |
Generate | PBKDF2100K | 9,105.861 ms | 32.3737 ms | 30.2824 ms |
Validate | PBKDF2100K | 9,153.661 ms | 51.2219 ms | 47.9130 ms |
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
.NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
.NET Standard | netstandard2.0 is compatible. netstandard2.1 was computed. |
.NET Framework | net461 was computed. net462 was computed. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
MonoAndroid | monoandroid was computed. |
MonoMac | monomac was computed. |
MonoTouch | monotouch was computed. |
Tizen | tizen40 was computed. tizen60 was computed. |
Xamarin.iOS | xamarinios was computed. |
Xamarin.Mac | xamarinmac was computed. |
Xamarin.TVOS | xamarintvos was computed. |
Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETStandard 2.1
- BCrypt.Net-Next (>= 4.0.3)
- SimpleBase (>= 4.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
# 0.9.2
July 13, 2023
Switch to BCrypt for the default API key hash algorithm.
* Support for SHA256, SHA512, BCrypt, and PBKDF2 with 100K iterations.
* Switched from Base64 encoding to Base58, and replaced the colon separator with an underscore. Using
this approach, no un-copyable characters appear in an API key. This should lead to users being able
to double click an API key and copy it easily.
* Added many more tests.