From c9ab06b128d43b0c7d4d0587f90e47e0792d7de4 Mon Sep 17 00:00:00 2001
From: Lee Burton
Date: Wed, 4 Jan 2023 23:18:20 -0800
Subject: [PATCH] Move to AES256, .NET 4.5, and change obsoleted keypass functions
---
 CertKeyProviderPlugin/CertKeyProvider.cs | 8 ++++----
 CertKeyProviderPlugin/CertKeyProviderPlugin.csproj | 7 +++++--
 .../CertKeyProviderResources.Designer.cs | 2 +-
 CertKeyProviderPlugin/CryptoTools.cs | 6 +++---
 4 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/CertKeyProviderPlugin/CertKeyProvider.cs b/CertKeyProviderPlugin/CertKeyProvider.cs
index 6dc8458..f7ac3e7 100644
--- a/CertKeyProviderPlugin/CertKeyProvider.cs
+++ b/CertKeyProviderPlugin/CertKeyProvider.cs
@@ -161,9 +161,9 @@ byte[] GetExistingKey(IOConnectionInfo ioc)
 // fall back on opening a local file
 // FUTURE ENHANCEMENT: allow user to enter a URL and name/pwd as well
- OpenFileDialog ofd = UIUtil.CreateOpenFileDialog(Res.str(Res.STR_OPEN_KEY_FILE),
+ OpenFileDialog ofd = (OpenFileDialog)UIUtil.CreateOpenFileDialog(Res.str(Res.STR_OPEN_KEY_FILE),
 UIUtil.CreateFileTypeFilter(CertProtKeyFileExtension, Res.str(Res.STR_CERT_PROT_KEY_FILE), true),
- 1, CertProtKeyFileExtension, false /* multi-select */, true);
+ 1, CertProtKeyFileExtension, false /* multi-select */, string.Empty).FileDialog;
 if (ofd.ShowDialog() != DialogResult.OK)
 {
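Review bot: The new call unwraps the KeePass dialog wrapper with a hard cast, `(OpenFileDialog)UIUtil.CreateOpenFileDialog(...).FileDialog`, and then shows the raw WinForms dialog, so the wrapper's own `ShowDialog()` is bypassed and a wrapper backed by any other dialog type would fail with an `InvalidCastException` right where the user picks the key file. The save dialog in the `GetNewKey` hunk (`(SaveFileDialog)UIUtil.CreateSaveFileDialog(...).FileDialog`) has the same shape. If the referenced KeePass version exposes `ShowDialog()` and `FileName` on the returned object, which appears to be the case for `OpenFileDialogEx`/`SaveFileDialogEx`, keeping the wrapper (`OpenFileDialogEx ofd = UIUtil.CreateOpenFileDialog(...);`) avoids the cast. The `string.Empty` that replaces the old boolean as the last argument is presumably the dialog context and deserves a short inline comment in the style of the existing one, for example `/* no dialog context */`. Both function bodies continue outside the hunks.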
@@ -215,10 +215,10 @@ byte[] GetNewKey(string strPath) MessageBox.Show(Res.str(Res.STR_ENC_KEY_INTRO), Res.str(Res.STR_APP_TITLE), MessageBoxButtons.OK, MessageBoxIcon.Information); - SaveFileDialog sfd = UIUtil.CreateSaveFileDialog(Res.str(Res.STR_CREATE_KEY_FILE), + SaveFileDialog sfd = (SaveFileDialog)UIUtil.CreateSaveFileDialog(Res.str(Res.STR_CREATE_KEY_FILE), UrlUtil.StripExtension(UrlUtil.GetFileName(strPath)) + "." + CertProtKeyFileExtension, UIUtil.CreateFileTypeFilter(CertProtKeyFileExtension, - Res.str(Res.STR_CERT_PROT_KEY_FILE), true), 1, CertProtKeyFileExtension, true); + Res.str(Res.STR_CERT_PROT_KEY_FILE), true), 1, CertProtKeyFileExtension, string.Empty).FileDialog; if(sfd.ShowDialog() != DialogResult.OK) { diff --git a/CertKeyProviderPlugin/CertKeyProviderPlugin.csproj b/CertKeyProviderPlugin/CertKeyProviderPlugin.csproj index 676dab2..a5bb7e2 100644 --- a/CertKeyProviderPlugin/CertKeyProviderPlugin.csproj +++ b/CertKeyProviderPlugin/CertKeyProviderPlugin.csproj @@ -10,7 +10,7 @@ Properties CertKeyProviderPlugin CertKeyProviderPlugin - v3.5 + v4.5.2 512 true CertProviderPluginKey.snk @@ -34,6 +34,7 @@ false false true + true @@ -43,6 +44,7 @@ DEBUG;TRACE prompt 4 + false pdbonly @@ -51,11 +53,12 @@ TRACE prompt 4 + false False - ..\..\..\..\..\KeePass-2.35\KeePass.exe + ..\..\..\keepass\KeePass.exe diff --git a/CertKeyProviderPlugin/CertKeyProviderResources.Designer.cs b/CertKeyProviderPlugin/CertKeyProviderResources.Designer.cs index 3b032b3..7486d1a 100644 --- a/CertKeyProviderPlugin/CertKeyProviderResources.Designer.cs +++ b/CertKeyProviderPlugin/CertKeyProviderResources.Designer.cs 
@@ -19,7 +19,7 @@ namespace CertKeyProviderPlugin { // class via a tool like ResGen or Visual Studio. // To add or remove a member, edit your .ResX file then rerun ResGen // with the /str option, or rebuild your VS project. - [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] internal class CertKeyProviderResources { diff --git a/CertKeyProviderPlugin/CryptoTools.cs b/CertKeyProviderPlugin/CryptoTools.cs index 684c652..4965301 100644 --- a/CertKeyProviderPlugin/CryptoTools.cs +++ b/CertKeyProviderPlugin/CryptoTools.cs @@ -47,9 +47,9 @@ static public byte[] EncryptMsg( // Instantiate an EnvelopedCms object with the ContentInfo // above. // Has default SubjectIdentifierType IssuerAndSerialNumber. - // Has default ContentEncryptionAlgorithm property value - // RSA_DES_EDE3_CBC. - EnvelopedCms envelopedCms = new EnvelopedCms(contentInfo); + // Force usage of AES256 instead of 3DES + Oid aes256 = Oid.FromFriendlyName("aes256", OidGroup.EncryptionAlgorithm); + EnvelopedCms envelopedCms = new EnvelopedCms(contentInfo, new AlgorithmIdentifier(aes256)); // Formulate a CmsRecipient object collection that // represent information about the recipients
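Review bot: `Oid.FromFriendlyName("aes256", OidGroup.EncryptionAlgorithm)` in `EncryptMsg` depends on the platform resolving that friendly name and throws a `CryptographicException` when it does not, which would make key-file creation fail at runtime; building the OID from its dotted value does not depend on the lookup, `Oid aes256 = new Oid("2.16.840.1.101.3.4.1.42"); // aes256-CBC`. The new comment `// Force usage of AES256 instead of 3DES` should also say that only messages encrypted from now on are affected: key files written before this commit presumably stay 3DES-protected until they are re-encrypted, since the hunk changes the encrypt path only. How the content key is wrapped for each `CmsRecipient` is outside the hunk and unchanged here, so the recipient certificate's key size is worth confirming separately. `EncryptMsg` continues beyond the hunk.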