Rebex Cryptography for Windows Store Apps and Windows Phone 8.1 (deprecated)

With .NET Standard 2.0, the good old System.Security.Cryptography namespace returned to UWP platform (successor to Windows 8 Store Apps), making this project unnecessary.

Porting cryptographic applications from classic .NET to target Windows Store Apps or Windows Phone 8.1 was difficult. The new platforms lack the good old System.Security.Cryptography namespace. Instead, they offered a new cryptographic API in Windows.Security.Cryptography namespace (based on Windows Runtime API), but it was completely different and lacks many previously-available features.

Rebex Cryptography library aimed to solve this problem by reimplementing most System.Security.Cryptography classes on top of Windows Runtime's Windows.Security.Cryptography classes and Rebex Security, making it possible to reuse existing .NET code on Microsoft's new Windows 8 Store and Windows 8.1 Store platforms.

It is available for free.

Download Rebex Cryptography for Windows Store, Windows Phone 8.1 and Universal Windows Platform »


1.4 - 2016-09-09 - Changed the namespace to Rebex.Legacy.Cryptography, added managed SHA-2 algorithms, new Universal Windows Platform (UWP) version.
1.3 - 2015-11-25 - Added PasswordDeriveBytes class.
1.2 - 2015-01-07 - Added support for OAEP padding to RSACryptoServiceProvider.
1.0 - 2015-01-06 - First version released.

Supported platforms

Supported objects

All of the supported objects are available in Rebex.Legacy.Cryptography namespace.

Contact us at, through our forum, or on Twitter.


Not all functionality is available. For example, RSA and DSA CSP objects don't support persisting keys in Windows key storage.

Sample code

Most classic .NET code using one of the objects listed above should work without changes. The following samples only demonstrate a small part of the what's available.

RSA signing and signature verification

// generate private/public key pair
string privateKey;
string publicKey;
using (var rsa = new RSACryptoServiceProvider(2048))
	privateKey = rsa.ToXmlString(true);
	publicKey = rsa.ToXmlString(false);

// sign data using the private key
byte[] data = Encoding.UTF8.GetBytes("Message to sign.");
byte[] signature;
using (var rsa = new RSACryptoServiceProvider())
	signature = rsa.SignData(data, SHA1.Create());

// verify signature using the public key
bool valid;
using (var rsa = new RSACryptoServiceProvider())
	valid = rsa.VerifyData(data, SHA1.Create(), signature);

SHA-2 hashing

// create an instance of SHA-256 hash algorithm object
using (var sha2 = SHA256.Create())
	// compute hash value of sample emssage
	byte[] data = Encoding.UTF8.GetBytes("Sample message.");
	byte[] hash = sha2.ComputeHash(data);
	// ...

AES cryptographic streams

// initialize AES cryptographic object
var aes = new AesCryptoServiceProvider();
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.PKCS7;

// generate symmetric key and initialization vector
byte[] key = aes.Key;
byte[] iv = aes.IV;

// create an instance of memory-based stream to hold encrypted data
var ms = new MemoryStream();

// create an encryptor, create a CryptoStream and wrap a StreamWriter around it
using (var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
using (var writer = new StreamWriter(cs, Encoding.UTF8))
	// write some data to the encrypted stream
	writer.WriteLine("Writing to an instance of CryptoStream.");
	writer.WriteLine("More data.");
	writer.WriteLine("And even more data.");

// create a copy of the memory-based stream
ms = new MemoryStream(ms.ToArray());

// create a decryptor, create a CryptoStream and wrap a StreamReader around it
string contents;
using (var cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Read))
using (var reader = new StreamReader(cs, Encoding.UTF8))
	// read the contents of the encrypted stream
	contents = reader.ReadToEnd();

Send us feedback

Do you have any questions, would you like to discuss anything or do you have any kind of feedback?

Contact us at or