Outbox AesGcm in to Microsoft.Bcl.Cryptography

dotnet · Feb 14, 2025 · 09c5809 · 09c5809
1 parent 10532bf
commit 09c5809
Show file tree

Hide file tree

Showing 21 changed files with 550 additions and 227 deletions.
diff --git a/src/libraries/Common/src/Interop/Windows/BCrypt/BCryptAeadHandleCache.cs b/src/libraries/Common/src/Interop/Windows/BCrypt/BCryptAeadHandleCache.cs
@@ -10,15 +10,17 @@ namespace Internal.Cryptography
 {
     internal static class BCryptAeadHandleCache
     {
-        private static SafeAlgorithmHandle? s_aesCcm;
         private static SafeAlgorithmHandle? s_aesGcm;
+#if NET
+        private static SafeAlgorithmHandle? s_aesCcm;
         private static SafeAlgorithmHandle? s_chaCha20Poly1305;
 
-        internal static SafeAlgorithmHandle AesCcm => GetCachedAlgorithmHandle(ref s_aesCcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_CCM);
-        internal static SafeAlgorithmHandle AesGcm => GetCachedAlgorithmHandle(ref s_aesGcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_GCM);
-
         internal static bool IsChaCha20Poly1305Supported { get; } = OperatingSystem.IsWindowsVersionAtLeast(10, 0, 20142);
         internal static SafeAlgorithmHandle ChaCha20Poly1305 => GetCachedAlgorithmHandle(ref s_chaCha20Poly1305, Cng.BCRYPT_CHACHA20_POLY1305_ALGORITHM);
+        internal static SafeAlgorithmHandle AesCcm => GetCachedAlgorithmHandle(ref s_aesCcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_CCM);
+#endif
+
+        internal static SafeAlgorithmHandle AesGcm => GetCachedAlgorithmHandle(ref s_aesGcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_GCM);
 
         private static SafeAlgorithmHandle GetCachedAlgorithmHandle(ref SafeAlgorithmHandle? handle, string algId, string? chainingMode = null)
         {

diff --git a/...curity/Cryptography/AeadCommon.Windows.cs → ...curity/Cryptography/AeadCommon.Windows.cs b/...curity/Cryptography/AeadCommon.Windows.cs → ...curity/Cryptography/AeadCommon.Windows.cs
diff --git a/...c/System/Security/Cryptography/AesAEAD.cs → ...c/System/Security/Cryptography/AesAEAD.cs b/...c/System/Security/Cryptography/AesAEAD.cs → ...c/System/Security/Cryptography/AesAEAD.cs
@@ -1,15 +1,13 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using Internal.Cryptography;
-
 namespace System.Security.Cryptography
 {
-    internal static partial class AesAEAD
+    internal static class AesAEAD
     {
-        public static void CheckKeySize(int keySizeInBytes)
+        internal static void CheckKeySize(int keySizeInBytes)
         {
-            if (keySizeInBytes != (128 / 8) && keySizeInBytes != (192 / 8) && keySizeInBytes != (256 / 8))
+            if (keySizeInBytes is not (128 / 8 or 192 / 8 or 256 / 8))
             {
                 throw new CryptographicException(SR.Cryptography_InvalidKeySize);
             }

diff --git a/...m/Security/Cryptography/AesGcm.Windows.cs → ...m/Security/Cryptography/AesGcm.Windows.cs b/...m/Security/Cryptography/AesGcm.Windows.cs → ...m/Security/Cryptography/AesGcm.Windows.cs
@@ -4,43 +4,46 @@
 using System.Diagnostics.CodeAnalysis;
 using Internal.Cryptography;
 using Internal.NativeCrypto;
+using System.Runtime.InteropServices;
 
 namespace System.Security.Cryptography
 {
     public partial class AesGcm
     {
         private SafeKeyHandle _keyHandle;
+        private static readonly KeySizes s_tagByteSizes = new KeySizes(12, 16, 1);
 
-        public static bool IsSupported => true;
-        public static KeySizes TagByteSizes { get; } = new KeySizes(12, 16, 1);
+        public static partial bool IsSupported => true;
+
+        public static partial KeySizes TagByteSizes => s_tagByteSizes;
 
         [MemberNotNull(nameof(_keyHandle))]
-        private void ImportKey(ReadOnlySpan<byte> key)
+        private partial void ImportKey(ReadOnlySpan<byte> key)
         {
             _keyHandle = Interop.BCrypt.BCryptImportKey(BCryptAeadHandleCache.AesGcm, key);
         }
 
-        private void EncryptCore(
+        private partial void EncryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> plaintext,
             Span<byte> ciphertext,
             Span<byte> tag,
-            ReadOnlySpan<byte> associatedData = default)
+            ReadOnlySpan<byte> associatedData)
         {
             AeadCommon.Encrypt(_keyHandle, nonce, associatedData, plaintext, ciphertext, tag);
         }
 
-        private void DecryptCore(
+        private partial void DecryptCore(
             ReadOnlySpan<byte> nonce,
             ReadOnlySpan<byte> ciphertext,
             ReadOnlySpan<byte> tag,
             Span<byte> plaintext,
-            ReadOnlySpan<byte> associatedData = default)
+            ReadOnlySpan<byte> associatedData)
         {
             AeadCommon.Decrypt(_keyHandle, nonce, associatedData, ciphertext, tag, plaintext, clearPlaintextOnFailure: true);
         }
 
-        public void Dispose()
+        public partial void Dispose()
         {
             _keyHandle.Dispose();
         }