Add .NET 8.0 TFM and use new AesGcm constructor

UnitTests/AesGcmTest.cs

@@ -1,3 +1,5 @@
+using System;
+using System.Linq;
 using System.Text;
 using Jose;
 using Xunit;
@@ -39,5 +41,23 @@ public void Decrypt()
             //then
             Assert.Equal(Encoding.UTF8.GetBytes("decrypt me"), test);
         }
+
+        [Fact]
+        public void DecryptTruncatedTag()
+        {
+            //given
+            byte[] iv = { 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1 };
+            byte[] tag = { 121, 235, 93, 169, 185, 192, 202, 230, 130, 37, 35, 135, 46, 129, 168, 104 };
+            byte[] cipher = { 33, 6, 206, 1, 182, 114, 131, 218, 124, 60 };
+            byte[] aad = Encoding.UTF8.GetBytes("top secret");
+
+            tag = tag.SkipLast(1).ToArray();
+
+            Assert.Throws<ArgumentException>(() =>
+            {
+                //when
+                byte[] test = AesGcm.Decrypt(aes128Key, iv, aad, cipher, tag);
+            });
+        }
     }
 }

jose-jwt/JWTSettings.cs

@@ -13,7 +13,7 @@ public class JwtSettings
     {
         public JwtSettings()
         {
-#if NET472 || NETSTANDARD2_1 
+#if NET472 || NETSTANDARD2_1 || NET
 	    // By giving the Unix ECDHKeyManagement implementation to windows, we enable windows version of it to work with not only CngKey but also ECDiffieHellman.
             // Initially this was implemented separately, but unit tests were failing on windows due to the lack of ECDiffieHellman support. 
             // Since we don't know what the keys will be provided until runtime, and the registration happens before runtime, we need to make sure 
@@ -58,7 +58,7 @@ public JwtSettings()
             { JwsAlgorithm.ES256, new EcdsaUsingSha(256) },
             { JwsAlgorithm.ES384, new EcdsaUsingSha(384) },
             { JwsAlgorithm.ES512, new EcdsaUsingSha(521) }
-#elif NETSTANDARD || NET461 || NET472
+#elif NETSTANDARD || NET461 || NET472 || NET
             { JwsAlgorithm.ES256, new Jose.netstandard1_4.EcdsaUsingSha(256) },
             { JwsAlgorithm.ES384, new Jose.netstandard1_4.EcdsaUsingSha(384) },
             { JwsAlgorithm.ES512, new Jose.netstandard1_4.EcdsaUsingSha(521) }
@@ -169,7 +169,7 @@ public JwtSettings()
         private IJsonMapper jsMapper = new JSSerializerMapper();
 #elif NETSTANDARD1_4
         private IJsonMapper jsMapper = new NewtonsoftMapper();
-#elif NETSTANDARD2_1
+#elif NETSTANDARD2_1 || NET
         private IJsonMapper jsMapper = new JsonMapper();
 #endif
 

jose-jwt/crypto/AesGcm.cs

@@ -1,4 +1,4 @@
-#if !NETSTANDARD2_1
+#if !NETSTANDARD2_1 && !NET
 using System;
 using System.Runtime.InteropServices;
 using System.Security.Cryptography;

jose-jwt/crypto/AesGcmNetCore.cs

@@ -1,10 +1,13 @@
-#if NETSTANDARD2_1
+#if NETSTANDARD2_1 || NET
+using System;
 using System.Security.Cryptography;
 
 namespace Jose
 {
     public static class AesGcm
     {
+        public static int FixedTagLength => System.Security.Cryptography.AesGcm.TagByteSizes.MaxSize; // 16 bytes
+
         /// <summary>
         /// Performs AES encryption in GCM chaining mode over plain text
         /// </summary>
@@ -16,10 +19,15 @@ public static class AesGcm
         /// /// <exception cref="CryptographicException">if encryption failed by any reason</exception>
         public static byte[][] Encrypt(byte[] key, byte[] iv, byte[] aad, byte[] plainText)
         {
+#if NET
+            using var gcm =
+                new System.Security.Cryptography.AesGcm(key, FixedTagLength);
+#elif NETSTANDARD2_1
             using var gcm = new System.Security.Cryptography.AesGcm(key);
+#endif
 
             var ciphertext = new byte[plainText.Length];
-            var tag = new byte[System.Security.Cryptography.AesGcm.TagByteSizes.MaxSize];
+            var tag = new byte[FixedTagLength];
 
             gcm.Encrypt(nonce: iv, plaintext: plainText, ciphertext: ciphertext, tag: tag, associatedData: aad);
 
@@ -37,7 +45,14 @@ public static byte[][] Encrypt(byte[] key, byte[] iv, byte[] aad, byte[] plainTe
         /// <exception cref="CryptographicException">if decryption failed by any reason</exception>
         public static byte[] Decrypt(byte[] key, byte[] iv, byte[] aad, byte[] cipherText, byte[] authTag)
         {
+#if NET
+            using var gcm =
+                new System.Security.Cryptography.AesGcm(key, FixedTagLength);
+#elif NETSTANDARD2_1
+            if (authTag.Length != FixedTagLength)
+                throw new ArgumentException("The specified tag is not a valid size for this algorithm (must be " + FixedTagLength + " bytes).", nameof(authTag));
             using var gcm = new System.Security.Cryptography.AesGcm(key);
+#endif
 
             var plaintext = new byte[cipherText.Length];
 

jose-jwt/crypto/AesKeyWrap.cs

@@ -100,7 +100,7 @@ private static byte[] AesDec(byte[] sharedKey, byte[] cipherText)
                     }
                 }
             }
-#elif NETSTANDARD
+#elif NETSTANDARD || NET
             using (Aes aes = System.Security.Cryptography.Aes.Create())
             {
                 aes.Key = sharedKey;
@@ -147,7 +147,7 @@ private static byte[] AesEnc(byte[] sharedKey, byte[] plainText)
                     }
                 }
             }
-        #elif NETSTANDARD || NET472
+        #elif NETSTANDARD || NET472 || NET
             using (Aes aes = System.Security.Cryptography.Aes.Create())
             {
                 aes.Key = sharedKey;

jose-jwt/crypto/ConcatKDF.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Runtime.Versioning;
 using System.Security.Cryptography;
 using Jose.native;
 using Microsoft.Win32.SafeHandles;
@@ -9,9 +10,10 @@ public static class ConcatKDF
     {
         // Microsoft CNG implementation is unusable on NIST-384 and NISP-521 curves due to broken key derivation
         // https://stackoverflow.com/questions/10879658/existing-implementations-for-nist-sp-800-56a-concatenation-single-step-key-deriv
+        [SupportedOSPlatform("windows")]
         public static byte[] DeriveKey(CngKey externalPubKey, CngKey privateKey, int keyBitLength, byte[] algorithmId, byte[] partyVInfo, byte[] partyUInfo, byte[] suppPubInfo)
         {
-#if NET40 || NET461 || NET472 || NETSTANDARD2_1
+#if NET40 || NET461 || NET472 || NETSTANDARD2_1 || NET
             using (var cng = new ECDiffieHellmanCng(privateKey))
             {
                 using (SafeNCryptSecretHandle hSecretAgreement = cng.DeriveSecretAgreementHandle(externalPubKey))
@@ -45,7 +47,7 @@ public static byte[] DeriveKey(CngKey externalPubKey, CngKey privateKey, int key
             throw new NotImplementedException("not yet");
 #endif
         }
-#if NET472 || NETSTANDARD2_1        
+#if NET472 || NETSTANDARD2_1 || NET
         public static byte[] DeriveEcdhKey(ECDiffieHellman externalPubKey, ECDiffieHellman privateKey, int keyBitLength, byte[] algorithmId, byte[] partyVInfo, byte[] partyUInfo, byte[] suppPubInfo)
         {
             // Concat KDF, as defined in Section 5.8.1 of [NIST.800-56A]
@@ -63,16 +65,16 @@ public static byte[] DeriveEcdhKey(ECDiffieHellman externalPubKey, ECDiffieHellm
                     suppPubInfo
                 );
 
-            for (int c = 1; c <= reps; c++)
-            {
+            for (int c = 1; c <= reps; c++)
+            {
                 byte[] keyMaterial = privateKey.DeriveKeyFromHash(
                     externalPubKey.PublicKey,
                     HashAlgorithmName.SHA256,
                     Arrays.IntToBytes(c),
-                    otherInfo);
-
-                K[c - 1] = keyMaterial;
-
+                    otherInfo);
+
+                K[c - 1] = keyMaterial;
+
             }
 
             return Arrays.LeftmostBits(Arrays.Concat(K), keyBitLength);

jose-jwt/crypto/RsaPss.cs

@@ -68,10 +68,10 @@ private static HashAlgorithm HashAlgorithm(CngAlgorithm hash)
                 return new SHA384Cng();
             if (hash == CngAlgorithm.Sha512)
                 return new SHA512Cng();
-
-            throw new ArgumentException(string.Format("RsaPss expects hash function to be SHA256, SHA384 or SHA512, but was given:{0}", hash));
-
-#elif NETSTANDARD
+
+            throw new ArgumentException(string.Format("RsaPss expects hash function to be SHA256, SHA384 or SHA512, but was given:{0}", hash));
+
+#elif NETSTANDARD || NET
             throw new NotImplementedException("not yet");
 #endif
         }

jose-jwt/jose-jwt.csproj

@@ -46,7 +46,7 @@ JSON Web Key (RFC 7517):
     <NeutralLanguage>en-US</NeutralLanguage>
     <VersionPrefix>5.0.0</VersionPrefix>
     <Authors>Dmitry Vsekhvalnov</Authors>
-    <TargetFrameworks>net40;net461;net472;netstandard1.4;netstandard2.1</TargetFrameworks>
+    <TargetFrameworks>net40;net461;net472;netstandard1.4;netstandard2.1;net8.0</TargetFrameworks>
     <LangVersion>latest</LangVersion>
     <AssemblyName>jose-jwt</AssemblyName>
     <PackageId>jose-jwt</PackageId>

jose-jwt/jose-jwt.net40.csproj

@@ -90,14 +90,15 @@
     <Compile Include="util\Compact.cs" />
     <Compile Include="util\Dictionaries.cs" />
     <Compile Include="util\Ensure.cs" />
+    <Compile Include="util\SupportedOSPlatform.cs" />
   </ItemGroup>
   <ItemGroup />
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
-       Other similar extension points exist, see Microsoft.Common.targets.
-  <Target Name="BeforeBuild">
-  </Target>
-  <Target Name="AfterBuild">
-  </Target>
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
   -->
 </Project>

jose-jwt/jose-jwt.net46.csproj

@@ -92,6 +92,7 @@
     <Compile Include="util\Compact.cs" />
     <Compile Include="util\Dictionaries.cs" />
     <Compile Include="util\Ensure.cs" />
+    <Compile Include="util\SupportedOSPlatform.cs" />
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 

jose-jwt/jose-jwt.net47.csproj

@@ -99,6 +99,7 @@
     <Compile Include="util\Compact.cs" />
     <Compile Include="util\Dictionaries.cs" />
     <Compile Include="util\Ensure.cs" />
+    <Compile Include="util\SupportedOSPlatform.cs" />
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
 </Project>

jose-jwt/json/JsonMapper.cs

@@ -1,4 +1,4 @@
-#if NETSTANDARD2_1
+#if NETSTANDARD2_1 || NET
 using System;
 using System.Collections.Generic;
 using System.Text.Encodings.Web;

jose-jwt/jwa/EcdhKeyManagementUnix.cs

@@ -6,7 +6,7 @@
 
 namespace Jose
 {
-#if NET472 || NETSTANDARD2_1
+#if NET472 || NETSTANDARD2_1 || NET
     public class EcdhKeyManagementUnix : IKeyManagement
     {
         private readonly string algIdHeader;
@@ -79,7 +79,7 @@ public virtual byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, I
                 {
                     privateKey = jwk.EcDiffieHellmanKey();
                 }
-            }
+            }
             else if (key is ECDsa ecdsa)
             {                               
                 privateKey = EcdhKey.FromPrivate(ecdsa);

jose-jwt/jwa/EcdhKeyManagementWin.cs

@@ -1,10 +1,12 @@
 using System.Collections.Generic;
+using System.Runtime.Versioning;
 using System.Security.Cryptography;
 using System.Text;
 using Jose.keys;
 
 namespace Jose
 {
+    [SupportedOSPlatform("windows")]
     public class EcdhKeyManagementWin : IKeyManagement
     {
         private readonly IKeyManagement ecdhKeyManagementUnix;
@@ -18,7 +20,7 @@ public EcdhKeyManagementWin(bool isDirectAgreement, IKeyManagement ecdhKeyManage
 
         public virtual byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary<string, object> header)
         {
-#if NET472 || NETSTANDARD2_1
+#if NET472 || NETSTANDARD2_1 || NET
             if (key is ECDiffieHellman || key is ECDsa || key is Jwk)
             {
                 return ecdhKeyManagementUnix.WrapNewKey(cekSizeBits, key, header);
@@ -69,7 +71,7 @@ public virtual byte[] Wrap(byte[] cek, object key)
 
         public virtual byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary<string, object> header)
         {
-#if NET472 || NETSTANDARD2_1
+#if NET472 || NETSTANDARD2_1 || NET
             if (key is ECDiffieHellman || key is ECDsa  || key is Jwk)
             {
                 return ecdhKeyManagementUnix.Unwrap(encryptedCek, key, cekSizeBits, header);

jose-jwt/jwa/EcdhKeyManagementWinWithAesKeyWrap.cs

@@ -1,9 +1,11 @@
 using System;
 using System.Collections.Generic;
+using System.Runtime.Versioning;
 using System.Security.Cryptography;
 
 namespace Jose
 {
+    [SupportedOSPlatform("windows")]
     public class EcdhKeyManagementWinWithAesKeyWrap : EcdhKeyManagementWin
     {
         private readonly AesKeyWrapManagement aesKW;
@@ -19,7 +21,7 @@ public EcdhKeyManagementWinWithAesKeyWrap(int keyLengthBits, AesKeyWrapManagemen
 
         public override byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary<string, object> header)
         {
-    #if NET472 || NETSTANDARD2_1
+    #if NET472 || NETSTANDARD2_1 || NET
             if (key is ECDiffieHellman || key is ECDsa || key is Jwk)
             {
                 return ecdhKeyManagementUnixWithAesKeyWrap.WrapNewKey(cekSizeBits, key, header);
@@ -32,7 +34,7 @@ public override byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary<str
 
         public override byte[] WrapKey(byte[] cek, object key, IDictionary<string, object> header)
         {
-    #if NET472 || NETSTANDARD2_1
+    #if NET472 || NETSTANDARD2_1 || NET
             if (key is ECDiffieHellman || key is ECDsa || key is Jwk)
             {
                 return ecdhKeyManagementUnixWithAesKeyWrap.WrapKey(cek, key, header);
@@ -47,7 +49,7 @@ public override byte[] WrapKey(byte[] cek, object key, IDictionary<string, objec
 
         public override byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary<string, object> header)
         {
-    #if NET472 || NETSTANDARD2_1
+    #if NET472 || NETSTANDARD2_1 || NET
             if (key is ECDiffieHellman || key is ECDsa || key is Jwk)
             {
                 return ecdhKeyManagementUnixWithAesKeyWrap.Unwrap(encryptedCek, key, cekSizeBits, header);