diff --git a/Cipher/AesFactories.cs b/Cipher/AesFactories.cs index c4f0ec3..947b72a 100644 --- a/Cipher/AesFactories.cs +++ b/Cipher/AesFactories.cs @@ -7,8 +7,10 @@ public static class AesFactories { internal static readonly Func ManagedAes = () => new AesManaged(); internal static readonly Func FipsAes = Environment.OSVersion.Platform == PlatformID.Win32NT ? - (Func)(() => new AesCng()) : // Windows - () => new AesCryptoServiceProvider(); // non-Windows +#pragma warning disable CA1416 // Validate platform compatibility + (Func)(() => new AesCng()) : // Windows +#pragma warning restore CA1416 // Validate platform compatibility + () => new AesCryptoServiceProvider(); // non-Windows public static readonly Func Aes = Utils.AllowOnlyFipsAlgorithms ? FipsAes : ManagedAes; }//class AesFactories diff --git a/Extensions/CngKeyExtensions.cs b/Extensions/CngKeyExtensions.cs index 576b717..f498921 100644 --- a/Extensions/CngKeyExtensions.cs +++ b/Extensions/CngKeyExtensions.cs 
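Review bot: The CA1416 suppression around `new AesCng()` in `FipsAes` is only safe because of the `Environment.OSVersion.Platform == PlatformID.Win32NT` test on the line before it, which the platform-compatibility analyzer apparently does not treat as a guard. A comment should say so, so that a later edit does not move the lambda out from under the check, e.g. `// CA1416 suppressed: this lambda is selected only when Platform == Win32NT`. Separately, the commit adds a net6 target, where `AesManaged` and `AesCryptoServiceProvider` are marked obsolete (SYSLIB0021), so these lines will likely warn on that target unless the project suppresses it. On .NET Core and later both types wrap the platform's AES implementation, so the `// non-Windows` comment on `FipsAes` could note that FIPS validation there depends on the OS crypto library configuration.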
@@ -6,29 +6,72 @@ namespace SecurityDriven.Inferno.Extensions { public static class CngKeyExtensions { +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif static readonly CngKeyCreationParameters cngKeyCreationParameters = new CngKeyCreationParameters { ExportPolicy = CngExportPolicies.AllowPlaintextExport }; + +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif static readonly CngProperty exportPolicy_AllowPlaintextExport = new CngProperty("Export Policy", BitConverter.GetBytes((int)CngExportPolicies.AllowPlaintextExport), CngPropertyOptions.None); +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif public static CngKey CreateNewDhmKey(string name = null) { return CngKey.Create(CngAlgorithm.ECDiffieHellmanP384, name, cngKeyCreationParameters); } +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif public static CngKey CreateNewDsaKey(string name = null) { return CngKey.Create(CngAlgorithm.ECDsaP384, name, cngKeyCreationParameters); } +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif public static byte[] GetPrivateBlob(this CngKey key) { return key.Export(CngKeyBlobFormat.EccPrivateBlob); } +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif 
NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif public static byte[] GetPublicBlob(this CngKey key) { return key.Export(CngKeyBlobFormat.EccPublicBlob); } +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif public static CngKey ToPrivateKeyFromBlob(this byte[] privateBlob) { var key = CngKey.Import(privateBlob, CngKeyBlobFormat.EccPrivateBlob); @@ -36,6 +79,12 @@ public static CngKey ToPrivateKeyFromBlob(this byte[] privateBlob) return key; } +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif public static CngKey ToPublicKeyFromBlob(this byte[] publicBlob) { return CngKey.Import(publicBlob, CngKeyBlobFormat.EccPublicBlob); @@ -44,9 +93,15 @@ public static CngKey ToPublicKeyFromBlob(this byte[] publicBlob) /// /// Both parties are static and authenticated. /// +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif public static byte[] GetSharedDhmSecret(this CngKey privateDhmKey, CngKey publicDhmKey, byte[] contextAppend = null, byte[] contextPrepend = null) { -#if (NET462 || NETCOREAPP3_1) +#if (NET462 || NETCOREAPP3_1 || NET5_0 || NET6_0) using (var ecdh = new ECDiffieHellmanCng(privateDhmKey) { HashAlgorithm = CngAlgorithm.Sha384, SecretAppend = contextAppend, SecretPrepend = contextPrepend }) return ecdh.DeriveKeyMaterial(publicDhmKey); #elif NETSTANDARD2_0 
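Review bot: The same six-line `#if NET5_0_OR_GREATER … #error … #endif` block is pasted in front of every member of `CngKeyExtensions` in this hunk, and again in the hunks at -36, -44 and -60. Every member visible in these hunks is Windows-only, so one attribute on the class would cover them all, including the two static fields: `#if NET5_0_OR_GREATER` / `[System.Runtime.Versioning.SupportedOSPlatform("windows")]` / `#endif` directly above `public static class CngKeyExtensions`. The `#error` check for unsupported target frameworks then needs to appear only once in the file. The body of `ToPrivateKeyFromBlob` continues past the end of this hunk.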
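Review bot: The body guard `#if (NET462 || NETCOREAPP3_1 || NET5_0 || NET6_0)` in `GetSharedDhmSecret` lists exact target frameworks, while the attribute guard added just above it uses `NET5_0_OR_GREATER`. A later target such as net7.0 would get the attribute but skip this branch and fall through to whatever follows `#elif NETSTANDARD2_0`. Using the range symbol keeps the two guards in step: `#if (NET462 || NETCOREAPP3_1 || NET5_0_OR_GREATER)`. The rest of the conditional lies outside this hunk, so whether it ends in an `#else`/`#error` cannot be confirmed from here.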
@@ -60,6 +115,12 @@ public static byte[] GetSharedDhmSecret(this CngKey privateDhmKey, CngKey public /// Sender is anonymous and keyless. /// Receiver is static and authenticated. /// +#if NET5_0_OR_GREATER + [System.Runtime.Versioning.SupportedOSPlatform("windows")] +#elif NETSTANDARD2_0_OR_GREATER || NET461_OR_GREATER || NETCOREAPP3_1 +#else +#error Target Framework is not supported +#endif public static SharedEphemeralBundle GetSharedEphemeralDhmSecret(this CngKey receiverDhmPublicKey, byte[] contextAppend = null, byte[] contextPrepend = null) { using (var sender = CreateNewDhmKey()) diff --git a/SecurityDriven.Inferno.csproj b/SecurityDriven.Inferno.csproj index de8753c..b22215a 100644 --- a/SecurityDriven.Inferno.csproj +++ b/SecurityDriven.Inferno.csproj @@ -1,7 +1,7 @@  - netcoreapp3.1;net462;netstandard2.0 + net5;net6;netcoreapp3.1;net462;netstandard2.0 latest true SecurityDriven.Inferno @@ -26,6 +26,7 @@ Inferno.snk false warnings +