Refactor and update test projects, remove obsolete tests, and upgrade dependencies

- Deleted obsolete test files for SchedulerAuditService and SchedulerMongoSessionFactory. - Removed unused TestDataFactory class. - Updated project files for Mongo.Tests to remove references to deleted files. - Upgraded BouncyCastle.Cryptography package to version 2.6.2 across multiple projects. - Replaced Microsoft.Extensions.Http.Polly with Microsoft.Extensions.Http.Resilience in Zastava.Webhook project. - Updated NetEscapades.Configuration.Yaml package to version 3.1.0 in Configuration library. - Upgraded Pkcs11Interop package to version 5.1.2 in Cryptography libraries. - Refactored Argon2idPasswordHasher to use BouncyCastle for hashing instead of Konscious. - Updated JsonSchema.Net package to version 7.3.2 in Microservice project. - Updated global.json to use .NET SDK version 10.0.101.
2025-12-10 19:13:29 +02:00
parent a3c7fe5e88
commit b7059d523e
369 changed files with 11125 additions and 14245 deletions
--- a/src/__Libraries/StellaOps.Cryptography/Argon2idPasswordHasher.BouncyCastle.cs
+++ b/src/__Libraries/StellaOps.Cryptography/Argon2idPasswordHasher.BouncyCastle.cs
@@ -0,0 +1,34 @@
+#if !STELLAOPS_CRYPTO_SODIUM
+using System;
+using System.Text;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace StellaOps.Cryptography;
+
+/// <summary>
+/// Managed Argon2id implementation powered by BouncyCastle.Cryptography.
+/// </summary>
+public sealed partial class Argon2idPasswordHasher
+{
+    private static partial byte[] DeriveHashCore(string password, ReadOnlySpan<byte> salt, PasswordHashOptions options)
+    {
+        var passwordBytes = Encoding.UTF8.GetBytes(password);
+
+        var parameters = new Argon2Parameters.Builder(Argon2Parameters.Argon2id)
+            .WithSalt(salt.ToArray())
+            .WithParallelism(options.Parallelism)
+            .WithIterations(options.Iterations)
+            .WithMemoryAsKB(options.MemorySizeInKib)
+            .Build();
+
+        var generator = new Argon2BytesGenerator();
+        generator.Init(parameters);
+
+        var result = new byte[HashLengthBytes];
+        generator.GenerateBytes(passwordBytes, result);
+
+        return result;
+    }
+}
+#endif
--- a/src/__Libraries/StellaOps.Cryptography/Argon2idPasswordHasher.Konscious.cs
+++ b/src/__Libraries/StellaOps.Cryptography/Argon2idPasswordHasher.Konscious.cs
@@ -1,28 +0,0 @@
-#if !STELLAOPS_CRYPTO_SODIUM
-using System;
-using System.Text;
-using Konscious.Security.Cryptography;
-
-namespace StellaOps.Cryptography;
-
-/// <summary>
-/// Managed Argon2id implementation powered by Konscious.Security.Cryptography.
-/// </summary>
-public sealed partial class Argon2idPasswordHasher
-{
-    private static partial byte[] DeriveHashCore(string password, ReadOnlySpan<byte> salt, PasswordHashOptions options)
-    {
-        var passwordBytes = Encoding.UTF8.GetBytes(password);
-
-        using var argon2 = new Argon2id(passwordBytes)
-        {
-            Salt = salt.ToArray(),
-            DegreeOfParallelism = options.Parallelism,
-            Iterations = options.Iterations,
-            MemorySize = options.MemorySizeInKib
-        };
-
-        return argon2.GetBytes(HashLengthBytes);
-    }
-}
-#endif
--- a/src/__Libraries/StellaOps.Cryptography/Argon2idPasswordHasher.Sodium.cs
+++ b/src/__Libraries/StellaOps.Cryptography/Argon2idPasswordHasher.Sodium.cs
@@ -1,13 +1,14 @@
 #if STELLAOPS_CRYPTO_SODIUM
 using System;
 using System.Text;
-using Konscious.Security.Cryptography;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;

 namespace StellaOps.Cryptography;

 /// <summary>
 /// Placeholder for libsodium-backed Argon2id implementation.
-/// Falls back to the managed Konscious variant until native bindings land.
+/// Falls back to the managed BouncyCastle variant until native bindings land.
 /// </summary>
 public sealed partial class Argon2idPasswordHasher
 {
@@ -16,15 +17,20 @@ public sealed partial class Argon2idPasswordHasher
        // TODO(SEC1.B follow-up): replace with libsodium/core bindings and managed pinning logic.
        var passwordBytes = Encoding.UTF8.GetBytes(password);

-        using var argon2 = new Argon2id(passwordBytes)
-        {
-            Salt = salt.ToArray(),
-            DegreeOfParallelism = options.Parallelism,
-            Iterations = options.Iterations,
-            MemorySize = options.MemorySizeInKib
-        };
+        var parameters = new Argon2Parameters.Builder(Argon2Parameters.Argon2id)
+            .WithSalt(salt.ToArray())
+            .WithParallelism(options.Parallelism)
+            .WithIterations(options.Iterations)
+            .WithMemoryAsKB(options.MemorySizeInKib)
+            .Build();

-        return argon2.GetBytes(HashLengthBytes);
+        var generator = new Argon2BytesGenerator();
+        generator.Init(parameters);
+
+        var result = new byte[HashLengthBytes];
+        generator.GenerateBytes(passwordBytes, result);
+
+        return result;
    }
 }
 #endif
--- a/src/__Libraries/StellaOps.Cryptography/StellaOps.Cryptography.csproj
+++ b/src/__Libraries/StellaOps.Cryptography/StellaOps.Cryptography.csproj
@@ -11,9 +11,8 @@
  </PropertyGroup>
  <ItemGroup>
    <PackageReference Include="Blake3" Version="1.1.0" />
-    <PackageReference Include="Konscious.Security.Cryptography.Argon2" Version="1.3.1" />
    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.15.0" />
-    <PackageReference Include="BouncyCastle.Cryptography" Version="2.5.1" />
+    <PackageReference Include="BouncyCastle.Cryptography" Version="2.6.2" />
    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="10.0.0" />
    <PackageReference Include="Microsoft.Extensions.Options" Version="10.0.0" />
  </ItemGroup>