From b726837947e75e05f3e92a8fa7903373a683d655 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 15 Apr 2024 16:50:36 -0400
Subject: [PATCH] [deps]: Update dotnet monorepo to v8 (major) (#59)

* [deps]: Update dotnet monorepo to v8

* Additional changes for full .NET 8 upgrade

* Bump library versions available in Bookworm

* Bump YubiHSM package to match up with Bookworm

* Few more bumps

* Update KeyConnector.csproj

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
---
 .config/dotnet-tools.json                     | 10 ++++++++
 global.json                                   |  8 +++----
 src/KeyConnector/Dockerfile                   | 12 +++++-----
 .../Exceptions/InvalidKeyTypeException.cs     |  3 ---
 src/KeyConnector/KeyConnector.csproj          | 23 ++++++++++---------
 .../Services/CryptoFunctionService.cs         |  4 ++--
 6 files changed, 34 insertions(+), 26 deletions(-)
 create mode 100644 .config/dotnet-tools.json

diff --git a/.config/dotnet-tools.json b/.config/dotnet-tools.json
new file mode 100644
index 0000000..04065cb
--- /dev/null
+++ b/.config/dotnet-tools.json
@@ -0,0 +1,10 @@
+{
+  "version": 1,
+  "isRoot": true,
+  "tools": {
+    "dotnet-ef": {
+      "version": "8.0.2",
+      "commands": ["dotnet-ef"]
+    }
+  }
+}
diff --git a/global.json b/global.json
index a9b1166..391ba3c 100644
--- a/global.json
+++ b/global.json
@@ -1,6 +1,6 @@
 {
-    "sdk": {
-      "version": "6.0.100",
-      "rollForward": "latestFeature"
-    }
+  "sdk": {
+    "version": "8.0.100",
+    "rollForward": "latestFeature"
   }
+}
diff --git a/src/KeyConnector/Dockerfile b/src/KeyConnector/Dockerfile
index 90ea7c8..5772032 100644
--- a/src/KeyConnector/Dockerfile
+++ b/src/KeyConnector/Dockerfile
@@ -1,17 +1,17 @@
-FROM mcr.microsoft.com/dotnet/aspnet:6.0
+FROM mcr.microsoft.com/dotnet/aspnet:8.0
 
 LABEL com.bitwarden.product="bitwarden"
 
 RUN apt-get update \
     && apt-get install -y --no-install-recommends \
-        gosu=1.12* \
-        curl=7.74.0* \
-        libc6-dev=2.31* \
-        opensc=0.21.0* \
+    gosu=1.14* \
+    curl=7.88.1* \
+    libc6-dev=2.36* \
+    opensc=0.23.0* \
     && rm -rf /var/lib/apt/lists/*
 
 # Install YubiHSM2 SDK
-RUN curl -O https://developers.yubico.com/YubiHSM2/Releases/yubihsm2-sdk-2021-08-debian10-amd64.tar.gz \
+RUN curl -O https://developers.yubico.com/YubiHSM2/Releases/yubihsm2-sdk-2023-11-debian12-amd64.tar.gz \
     && tar -xzf yubihsm2-sdk-*.tar.gz \
     && rm yubihsm2-sdk-*.tar.gz \
     && dpkg -i yubihsm2-sdk/libyubihsm-http1_*_amd64.deb \
diff --git a/src/KeyConnector/Exceptions/InvalidKeyTypeException.cs b/src/KeyConnector/Exceptions/InvalidKeyTypeException.cs
index 8d93125..88a7cbf 100644
--- a/src/KeyConnector/Exceptions/InvalidKeyTypeException.cs
+++ b/src/KeyConnector/Exceptions/InvalidKeyTypeException.cs
@@ -13,8 +13,5 @@ namespace Bit.KeyConnector.Exceptions
 
         public InvalidKeyTypeException(string message, Exception innerException)
             : base(message, innerException) { }
-
-        protected InvalidKeyTypeException(SerializationInfo info, StreamingContext context)
-            : base(info, context) { }
     }
 }
diff --git a/src/KeyConnector/KeyConnector.csproj b/src/KeyConnector/KeyConnector.csproj
index 03b3ad1..78f7510 100644
--- a/src/KeyConnector/KeyConnector.csproj
+++ b/src/KeyConnector/KeyConnector.csproj
@@ -1,10 +1,11 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
     <RootNamespace>Bit.KeyConnector</RootNamespace>
     <UserSecretsId>bitwarden-KeyConnector</UserSecretsId>
-    <GenerateRuntimeConfigurationFiles>True</GenerateRuntimeConfigurationFiles>
+    <GenerateRuntimeConfigurationFiles>True</GenerateRuntimeConfigurationFiles>   
+    
     <Version>2024.3.1</Version>
   </PropertyGroup>
 
@@ -18,22 +19,22 @@
     <PackageReference Include="Google.Cloud.Kms.V1" Version="3.7.0"/>
     <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="3.0.1"/>
     <PackageReference Include="JsonFlatFileDataStore" Version="2.4.2"/>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.14">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="8.0.2">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="7.0.14"/>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="7.0.14"/>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="7.0.14"/>
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="8.0.2"/>
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="8.0.2"/>
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.2"/>
     <PackageReference Include="MongoDB.Driver" Version="2.22.0"/>
-    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="7.0.11"/>
+    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="8.0.2"/>
     <PackageReference Include="Pkcs11Interop" Version="5.1.2"/>
-    <PackageReference Include="Pomelo.EntityFrameworkCore.MySql" Version="7.0.0"/>
-    <PackageReference Include="Serilog.AspNetCore" Version="7.0.0"/>
-    <PackageReference Include="Serilog.Settings.Configuration" Version="7.0.1"/>
+    <PackageReference Include="Pomelo.EntityFrameworkCore.MySql" Version="8.0.1"/>
+    <PackageReference Include="Serilog.AspNetCore" Version="8.0.1"/>
+    <PackageReference Include="Serilog.Settings.Configuration" Version="8.0.0"/>
     <PackageReference Include="Serilog.Sinks.Console" Version="5.0.1"/>
     <PackageReference Include="Serilog.Sinks.File" Version="5.0.0"/>
     <PackageReference Include="VaultSharp" Version="1.7.0"/>
   </ItemGroup>
 
-</Project>
\ No newline at end of file
+</Project>
diff --git a/src/KeyConnector/Services/CryptoFunctionService.cs b/src/KeyConnector/Services/CryptoFunctionService.cs
index 1e69834..ce1126f 100644
--- a/src/KeyConnector/Services/CryptoFunctionService.cs
+++ b/src/KeyConnector/Services/CryptoFunctionService.cs
@@ -8,7 +8,7 @@ namespace Bit.KeyConnector.Services
     {
         public async Task<byte[]> AesGcmEncryptAsync(byte[] data, byte[] key)
         {
-            using var aes = new AesGcm(key);
+            using var aes = new AesGcm(key, AesGcm.TagByteSizes.MaxSize);
             var iv = await GetRandomBytesAsync(AesGcm.NonceByteSizes.MaxSize);
             var tag = new byte[AesGcm.TagByteSizes.MaxSize];
             var encData = new byte[data.Length];
@@ -25,7 +25,7 @@ namespace Bit.KeyConnector.Services
 
         public Task<byte[]> AesGcmDecryptAsync(byte[] data, byte[] key)
         {
-            using var aes = new AesGcm(key);
+            using var aes = new AesGcm(key, AesGcm.TagByteSizes.MaxSize);
             var endDataLength = data.Length - AesGcm.TagByteSizes.MaxSize - AesGcm.NonceByteSizes.MaxSize;
             var encData = new ArraySegment<byte>(data, 0, endDataLength);
             var tag = new ArraySegment<byte>(data, endDataLength, AesGcm.TagByteSizes.MaxSize);