build: Update NET Framework target to 4.8 #271
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR updates the project to target .NET Framework 4.8 instead of 4.7 while also upgrading several dependencies to their latest versions. Key changes include the update of TargetFrameworks in both project files, adjustments to comments and preprocessor directives to reflect .NET 4.8, and modifications in the nuspec file to include .NETFramework4.8 support.
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| Yubico.YubiKey/src/Yubico.YubiKey.csproj | Updated target framework and upgraded dependency package versions. |
| Yubico.NativeShims/Yubico.NativeShims.nuspec | Added .NETFramework4.8 group and file entries; still retains .NETFramework4.7 group. |
| Yubico.Core/src/Yubico/PlatformInterop/Libraries.cs | Updated comments and preprocessor directives to use net48. |
| Yubico.Core/src/Yubico/PlatformInterop/Libraries.Net48.cs | Replaced framework-specific references from NET47 to NET48. |
| Yubico.Core/src/Yubico/Core/Devices/Hid/WindowsHidDevice.cs | Updated comment reference to reflect net48 support. |
| Yubico.Core/src/Yubico.Core.csproj | Updated TargetFrameworks and dependency versions to 9.0.6. |
Comments suppressed due to low confidence (1)
Yubico.NativeShims/Yubico.NativeShims.nuspec:15
- The nuspec still includes a target group for .NETFramework4.7; consider removing this if the project is now fully updated to .NET Framework 4.8.
<group targetFramework=".NETFramework4.7" />
Microsoft.Extensions.Configuration.Json Microsoft.Extensions.Logging.Abstractions Microsoft.Extensions.Logging.Console Microsoft.Extensions.Options.ConfigurationExtensions
DennisDyallo
force-pushed
the
dennisdyallo/net48
branch
from
6fd2bba to
aa5b16f
Compare
DennisDyallo
added
enhancement
Test Results: Windows 2 files 2 suites 10s ⏱️ Results for commit c1a04fd. ♻️ This comment has been updated with latest results. |
Test Results: Ubuntu 2 files 2 suites 16s ⏱️ Results for commit c1a04fd. ♻️ This comment has been updated with latest results. |
Test Results: MacOS 2 files 2 suites 9s ⏱️ Results for commit c1a04fd. ♻️ This comment has been updated with latest results. |
|
@DennisDyallo : Don't forget to update the 
|
|
Updating the framework also allows AesGcmPrimitivesOpenSsl class (Yubico.NET.SDK/Yubico.Core/src/Yubico/Core/Cryptography/AesGcmPrimitivesOpenSsl.cs) to be replaced with this one in order to use the native implementation in .NET. // Copyright 2025 Yubico AB
//
// Licensed under the Apache License, Version 2.0 (the "License").
// You may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
using System;
using System.Security.Cryptography;
namespace Yubico.Core.Cryptography
{
/// <summary>
/// An .NET implementation of the IAesGcmPrimitives interface, exposing
/// AES-GCM primitives to the SDK.
/// </summary>
public class AesGcmPrimitivesNet : IAesGcmPrimitives
{
private const int NonceLength = 12;
private const int AuthTagLength = 16;
/// <inheritdoc />
public void EncryptAndAuthenticate(
ReadOnlySpan<byte> keyData,
ReadOnlySpan<byte> nonce,
ReadOnlySpan<byte> plaintext,
Span<byte> ciphertext,
Span<byte> tag,
ReadOnlySpan<byte> associatedData)
{
if (nonce.Length != NonceLength || ciphertext.Length != plaintext.Length
|| tag.Length != AuthTagLength)
{
throw new ArgumentException(ExceptionMessages.InvalidAesGcmInput);
}
if (keyData.Length != 16 && keyData.Length != 24 && keyData.Length != 32)
{
throw new ArgumentException("Invalid key length.");
}
using var aesGcm = new AesGcm(keyData);
aesGcm.Encrypt(nonce, plaintext, ciphertext, tag, associatedData);
}
/// <inheritdoc />
public bool DecryptAndVerify(
ReadOnlySpan<byte> keyData,
ReadOnlySpan<byte> nonce,
ReadOnlySpan<byte> ciphertext,
ReadOnlySpan<byte> tag,
Span<byte> plaintext,
ReadOnlySpan<byte> associatedData)
{
if (nonce.Length != NonceLength || ciphertext.Length != plaintext.Length
|| tag.Length != AuthTagLength)
{
throw new ArgumentException(ExceptionMessages.InvalidAesGcmInput);
}
if (keyData.Length != 16 && keyData.Length != 24 && keyData.Length != 32)
{
throw new ArgumentException("Invalid key length.");
}
try
{
using var aesGcm = new AesGcm(keyData);
aesGcm.Decrypt(nonce, ciphertext, tag, plaintext, associatedData);
return true;
}
catch (CryptographicException)
{
return false;
}
}
}
} |
Minimum allowed line rate is |
|
Thanks @AlexandreEXFO Keen to hear your thoughts. |
|
@DennisDyallo: On our side, we use .NET Core. The goal was mainly to remove the vulnerability for this framework so I am very comfortable with the proposed change. |
|
Thank you for bringing it to our attention. Always happy to hear from our users. We have a Discussions up as well for two way communication about the direction of the SDK. Feel feel to look around at some point. It's new and doesn't have much yet though :) @AlexandreEXFO |
This pull request updates the project to target .NET Framework 4.8 instead of 4.7 and upgrades several dependencies to their latest versions. It includes changes to project files, source code, and build configurations to reflect this update.
Updating addresses performance, greater API and Netstandard 2.0 support, as well as upgrades addresses vulnerabilities (CVE-2019-0981: Denial of Service in System.Private.Uri)
These are in place upgrades that most machines should have by now.
NET 472 is included on Windows Server 2019 (WS2019 is EOL by Msft) and most users will have it installed already.
NET 48 is included in Server 2022, and is supported by and Windows Server 2008 R2 and upwards. Most users should have it already.
Based on researching the compatibility of different .NET targetFramework versions and Windows and Windows server, I recommend upgrading to net48 to enable the performance improvements, vulnerability patches and API features. This version allows us to upgrade and ensures the broadest compatibility.
Below are the changes for each of these version updates:
.NET Framework 4.7.1
Full changelog
.NET Framework 4.7.2
Full changelog
.NET Framework 4.8
BCL & CLR:
Full changelog
Framework Upgrade and Code Adjustments:
TargetFrameworksinYubico.Core.csprojandYubico.YubiKey.csprojto replacenet47withnet48. [1] [2].NET 4.8instead of.NET 4.7. [1] [2] [3]Dependency Upgrades:
Yubico.Core.csprojandYubico.YubiKey.csprojto newer versions, includingMicrosoft.Extensions.Configuration.Json,Microsoft.Extensions.Logging.Abstractions, andSystem.Formats.Cbor. [1] [2] [3]Build and Library Updates:
Libraries.Net47.cstoLibraries.Net48.csand updated corresponding implementation references to align with the new framework version..NETFramework4.8support inYubico.NativeShims.nuspec, including new build and library files fornet48. [1] [2]