DGS-22964 Ensure all deps are strongly named (#2548)

* DGS-22964 Ensure all deps are strongly named

* Minor cleanup

* Upgrade Microsoft.Bcl.Cryptography

Author: rayokota

src/Confluent.SchemaRegistry.Encryption/Confluent.SchemaRegistry.Encryption.csproj

@@ -28,13 +28,13 @@
     </ItemGroup>
 
     <ItemGroup Condition="'$(TargetFramework)' == 'net462'">
-        <PackageReference Include="Microsoft.Bcl.Cryptography" Version="10.0.0-preview.6.25358.103" />
+        <PackageReference Include="Microsoft.Bcl.Cryptography" Version="10.0.0" />
     </ItemGroup>
 
     <ItemGroup>
         <PackageReference Include="Google.Protobuf" Version="3.26.1" />
-        <PackageReference Include="HKDF.Standard" Version="2.0.0" />
-        <PackageReference Include="Miscreant" Version="0.3.3" />
+        <!-- HKDF.Standard and Miscreant packages are vendored (source copied) instead of referenced as NuGet packages -->
+        <!-- because they are not strongly named. See Vendored/Miscreant and Vendored/HkdfStandard directories. -->
     </ItemGroup>
 
     <ItemGroup>
@@ -45,6 +45,13 @@
     <ItemGroup>
         <Compile Include="..\Shared\SetEqualityComparer.cs" Link="Includes/SetEqualityComparer.cs"/>
         <Compile Include="..\Shared\DictionaryEqualityComparer.cs" Link="Includes/DictionaryEqualityComparer.cs"/>
-    </ItemGroup>    
+    </ItemGroup>
+
+    <!-- Vendored source code for packages that are not strongly named -->
+    <!-- The .NET SDK automatically includes all .cs files, so we only need to include the license files -->
+    <ItemGroup>
+        <None Include="Vendored\Miscreant\LICENSE.txt" Pack="true" PackagePath="Vendored\Miscreant\" />
+        <None Include="Vendored\HkdfStandard\LICENSE" Pack="true" PackagePath="Vendored\HkdfStandard\" />
+    </ItemGroup>
 
 </Project>

src/Confluent.SchemaRegistry.Encryption/Cryptor.cs

@@ -3,7 +3,7 @@
 using System.Security.Cryptography;
 using Google.Crypto.Tink;
 using Google.Protobuf;
-using Miscreant;
+using Confluent.SchemaRegistry.Encryption.Vendored.Miscreant;
 
 namespace Confluent.SchemaRegistry.Encryption
 {

src/Confluent.SchemaRegistry.Encryption/KmsClients.cs

@@ -3,7 +3,7 @@
 using System.Collections.Generic;
 using System.IO;
 using System.Security.Cryptography;
-using Miscreant;
+using Confluent.SchemaRegistry.Encryption.Vendored.Miscreant;
 
 namespace Confluent.SchemaRegistry.Encryption
 {

src/Confluent.SchemaRegistry.Encryption/LocalKmsClient.cs

@@ -1,5 +1,5 @@
 using System;
-using HkdfStandard;
+using Confluent.SchemaRegistry.Encryption.Vendored.HkdfStandard;
 using System.Security.Cryptography;
 using System.Text;
 using System.Threading.Tasks;

src/Confluent.SchemaRegistry.Encryption/Vendored/HkdfStandard/Hkdf.cs

@@ -0,0 +1,130 @@
+using System;
+using System.Security.Cryptography;
+
+namespace Confluent.SchemaRegistry.Encryption.Vendored.HkdfStandard
+{
+    /// <summary>
+    /// Simplified HKDF implementation for use in the Confluent Schema Registry Encryption library.
+    /// This is a subset of the original HKDF.Standard library, containing only the methods needed.
+    /// Original source: https://github.com/andreimilto/HKDF.Standard
+    /// </summary>
+    public static class Hkdf
+    {
+        /// <summary>
+        /// Derives a key from the provided input key material using HKDF.
+        /// </summary>
+        /// <param name="hashAlgorithmName">The hash algorithm to use.</param>
+        /// <param name="ikm">The input key material.</param>
+        /// <param name="outputLength">The desired length of the output key in bytes.</param>
+        /// <param name="salt">Optional salt value (defaults to hash output length of zeros if null).</param>
+        /// <param name="info">Optional context information (defaults to empty if null).</param>
+        /// <returns>The derived key.</returns>
+        public static byte[] DeriveKey(HashAlgorithmName hashAlgorithmName, byte[] ikm, int outputLength, byte[] salt = null, byte[] info = null)
+        {
+            if (ikm == null)
+                throw new ArgumentNullException(nameof(ikm));
+            if (outputLength <= 0)
+                throw new ArgumentOutOfRangeException(nameof(outputLength));
+
+            // Extract
+            byte[] prk = Extract(hashAlgorithmName, ikm, salt);
+            
+            // Expand
+            return Expand(hashAlgorithmName, prk, outputLength, info);
+        }
+
+        /// <summary>
+        /// HKDF Extract step - extracts a pseudorandom key from input key material.
+        /// </summary>
+        private static byte[] Extract(HashAlgorithmName hashAlgorithmName, byte[] ikm, byte[] salt)
+        {
+            int hashLength = GetHashLength(hashAlgorithmName);
+            
+            // Use a salt of HashLen zeros if not provided
+            if (salt == null || salt.Length == 0)
+            {
+                salt = new byte[hashLength];
+            }
+
+            using (var hmac = CreateHMAC(hashAlgorithmName, salt))
+            {
+                return hmac.ComputeHash(ikm);
+            }
+        }
+
+        /// <summary>
+        /// HKDF Expand step - expands the pseudorandom key to desired length.
+        /// </summary>
+        private static byte[] Expand(HashAlgorithmName hashAlgorithmName, byte[] prk, int outputLength, byte[] info)
+        {
+            int hashLength = GetHashLength(hashAlgorithmName);
+            
+            if (prk.Length < hashLength)
+                throw new ArgumentException("PRK must be at least HashLen bytes.", nameof(prk));
+            
+            int n = (outputLength + hashLength - 1) / hashLength; // Ceiling division
+            if (n > 255)
+                throw new ArgumentOutOfRangeException(nameof(outputLength), "Output length too large.");
+
+            if (info == null)
+                info = new byte[0];
+
+            byte[] okm = new byte[outputLength];
+            byte[] t = new byte[0];
+            int offset = 0;
+
+            using (var hmac = CreateHMAC(hashAlgorithmName, prk))
+            {
+                for (byte i = 1; i <= n; i++)
+                {
+                    byte[] input = new byte[t.Length + info.Length + 1];
+                    Buffer.BlockCopy(t, 0, input, 0, t.Length);
+                    Buffer.BlockCopy(info, 0, input, t.Length, info.Length);
+                    input[input.Length - 1] = i;
+
+                    t = hmac.ComputeHash(input);
+                    
+                    int bytesToCopy = Math.Min(t.Length, outputLength - offset);
+                    Buffer.BlockCopy(t, 0, okm, offset, bytesToCopy);
+                    offset += bytesToCopy;
+                }
+            }
+
+            return okm;
+        }
+
+        /// <summary>
+        /// Gets the hash length in bytes for the specified algorithm.
+        /// </summary>
+        private static int GetHashLength(HashAlgorithmName hashAlgorithmName)
+        {
+            if (hashAlgorithmName == HashAlgorithmName.SHA1)
+                return 20;
+            if (hashAlgorithmName == HashAlgorithmName.SHA256)
+                return 32;
+            if (hashAlgorithmName == HashAlgorithmName.SHA384)
+                return 48;
+            if (hashAlgorithmName == HashAlgorithmName.SHA512)
+                return 64;
+            
+            throw new ArgumentOutOfRangeException(nameof(hashAlgorithmName), "Unsupported hash algorithm.");
+        }
+
+        /// <summary>
+        /// Creates an HMAC instance for the specified algorithm with the given key.
+        /// </summary>
+        private static HMAC CreateHMAC(HashAlgorithmName hashAlgorithmName, byte[] key)
+        {
+            if (hashAlgorithmName == HashAlgorithmName.SHA1)
+                return new HMACSHA1(key);
+            if (hashAlgorithmName == HashAlgorithmName.SHA256)
+                return new HMACSHA256(key);
+            if (hashAlgorithmName == HashAlgorithmName.SHA384)
+                return new HMACSHA384(key);
+            if (hashAlgorithmName == HashAlgorithmName.SHA512)
+                return new HMACSHA512(key);
+            
+            throw new ArgumentOutOfRangeException(nameof(hashAlgorithmName), "Unsupported hash algorithm.");
+        }
+    }
+}

src/Confluent.SchemaRegistry.Encryption/Vendored/HkdfStandard/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Andrei Milto
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

src/Confluent.SchemaRegistry.Encryption/Vendored/Miscreant/Aead.cs

@@ -0,0 +1,115 @@
+using System;
+using System.Security.Cryptography;
+
+namespace Confluent.SchemaRegistry.Encryption.Vendored.Miscreant
+{
+	/// <summary>
+	/// The Aead class provides authenticated encryption with associated
+	/// data. This class provides a high-level interface to Miscreant's
+	/// misuse-resistant encryption.
+	/// </summary>
+	public sealed class Aead : IDisposable
+	{
+		private readonly AesSiv siv;
+		private bool disposed;
+
+		private Aead(AesSiv siv)
+		{
+			this.siv = siv;
+		}
+
+		/// <summary>
+		/// Generates a random nonce.
+		/// </summary>
+		/// <param name="size">Nonce size in bytes.</param>
+		/// <returns>Generated nonce.</returns>
+		public static byte[] GenerateNonce(int size)
+		{
+			if (size < Constants.BlockSize)
+			{
+				throw new CryptographicException("Nonce size is too small.");
+			}
+
+			return Utils.GetRandomBytes(size);
+		}
+
+		/// <summary>
+		/// Generates a random 32-byte encryption key.
+		/// </summary>
+		/// <returns>Generated key.</returns>
+		public static byte[] GenerateKey256()
+		{
+			return Utils.GetRandomBytes(Constants.AesSiv256KeySize);
+		}
+
+		/// <summary>
+		/// Generates a random 64-byte encryption key.
+		/// </summary>
+		/// <returns>Generated key.</returns>
+		public static byte[] GenerateKey512()
+		{
+			return Utils.GetRandomBytes(Constants.AesSiv512KeySize);
+		}
+
+		/// <summary>
+		/// Initializes a new AEAD instance using the AES-CMAC-SIV algorithm.
+		/// </summary>
+		/// <param name="key">The secret key for AES-CMAC-SIV encryption.</param>
+		/// <returns>An AEAD instance.</returns>
+		public static Aead CreateAesCmacSiv(byte[] key)
+		{
+			return new Aead(AesSiv.CreateAesCmacSiv(key));
+		}
+
+		/// <summary>
+		/// Initializes a new AEAD instance using the AES-PMAC-SIV algorithm.
+		/// </summary>
+		/// <param name="key">The secret key for AES-PMAC-SIV encryption.</param>
+		/// <returns>An AEAD instance.</returns>
+		public static Aead CreateAesPmacSiv(byte[] key)
+		{
+			return new Aead(AesSiv.CreateAesPmacSiv(key));
+		}
+
+		/// <summary>
+		/// Seal encrypts and authenticates plaintext, authenticates
+		/// the associated data, and returns the result.
+		/// </summary>
+		/// <param name="plaintext">The plaintext to encrypt.</param>
+		/// <param name="nonce">The nonce for encryption.</param>
+		/// <param name="data">Associated data to authenticate.</param>
+		/// <returns>Concatenation of the authentication tag and the encrypted data.</returns>
+		public byte[] Seal(byte[] plaintext, byte[] nonce = null, byte[] data = null)
+		{
+			return siv.Seal(plaintext, data, nonce);
+		}
+
+		/// <summary>
+		/// Open decrypts ciphertext, authenticates the decrypted plaintext
+		/// and the associated data and, if successful, returns the result.
+		/// In case of failed decryption, this method throws
+		/// <see cref="CryptographicException"/>.
+		/// </summary>
+		/// <param name="ciphertext">The ciphertext to decrypt.</param>
+		/// <param name="nonce">The nonce for encryption.</param>
+		/// <param name="data">Associated data to authenticate.</param>
+		/// <returns>The decrypted plaintext.</returns>
+		/// <exception cref="CryptographicException">Thrown when the ciphertext is invalid.</exception>
+		public byte[] Open(byte[] ciphertext, byte[] nonce = null, byte[] data = null)
+		{
+			return siv.Open(ciphertext, data, nonce);
+		}
+
+		/// <summary>
+		/// Disposes this object.
+		/// </summary>
+		public void Dispose()
+		{
+			if (!disposed)
+			{
+				siv.Dispose();
+				disposed = true;
+			}
+		}
+	}
+}