From b9d888b5d7ddd874a4a16f8114e64b8f7239bcec Mon Sep 17 00:00:00 2001
From: Scott Xu <scott-xu@msn.com>
Date: Sat, 22 Mar 2025 16:47:23 +0800
Subject: [PATCH] Use native AesGcm for .NET Framework from nuget

---
 Directory.Packages.props                           |  1 +
 src/Renci.SshNet/Renci.SshNet.csproj               |  6 +++++-
 .../Cryptography/Ciphers/AesGcmCipher.BclImpl.cs   |  2 +-
 .../Security/Cryptography/Ciphers/AesGcmCipher.cs  | 14 +++++++++++---
 4 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/Directory.Packages.props b/Directory.Packages.props
index a4d12ed86..b504856fd 100644
--- a/Directory.Packages.props
+++ b/Directory.Packages.props
@@ -12,6 +12,7 @@
     <PackageVersion Include="Meziantou.Analyzer" Version="2.0.201" />
     
     <!-- Should stay on LTS .NET releases. -->
+    <PackageVersion Include="Microsoft.Bcl.Cryptography" Version="10.0.0-preview.5.25277.114" />
     <PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
     <PackageVersion Include="Microsoft.Extensions.Logging.Console" Version="9.0.5" />
     <PackageVersion Include="MSTest" Version="3.9.1" />
diff --git a/src/Renci.SshNet/Renci.SshNet.csproj b/src/Renci.SshNet/Renci.SshNet.csproj
index 446865229..6ec714ac3 100644
--- a/src/Renci.SshNet/Renci.SshNet.csproj
+++ b/src/Renci.SshNet/Renci.SshNet.csproj
@@ -49,7 +49,11 @@
     </PackageReference>
   </ItemGroup>
 
-  <ItemGroup Condition=" !$([MSBuild]::IsTargetFrameworkCompatible('$(TargetFramework)', 'net8.0')) ">
+  <ItemGroup Condition=" '$(TargetFramework)' == 'net462' ">
+    <PackageReference Include="Microsoft.Bcl.Cryptography" />
+  </ItemGroup>
+
+  <ItemGroup Condition=" '$(TargetFramework)' == 'netstandard2.0' ">
     <PackageReference Include="System.Formats.Asn1" />
   </ItemGroup>
 
diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.BclImpl.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.BclImpl.cs
index de174d673..69af81e38 100644
--- a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.BclImpl.cs
+++ b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.BclImpl.cs
@@ -1,4 +1,4 @@
-#if NET
+#if !NETSTANDARD
 using System;
 using System.Security.Cryptography;
 
diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.cs
index 820416bb2..857718020 100644
--- a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.cs
+++ b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.cs
@@ -15,7 +15,7 @@ internal sealed partial class AesGcmCipher : SymmetricCipher, IDisposable
         private const int TagSizeInBytes = 16;
         private readonly byte[] _iv;
         private readonly int _aadLength;
-#if NET
+#if !NETSTANDARD
         private readonly Impl _impl;
 #else
         private readonly BouncyCastleImpl _impl;
@@ -62,10 +62,18 @@ public AesGcmCipher(byte[] key, byte[] iv, int aadLength)
             // SSH AES-GCM requires a 12-octet Initial IV
             _iv = iv.Take(12);
             _aadLength = aadLength;
-#if NET
+#if !NETSTANDARD
             if (System.Security.Cryptography.AesGcm.IsSupported)
             {
-                _impl = new BclImpl(key, _iv);
+                try
+                {
+                    _impl = new BclImpl(key, _iv);
+                }
+                catch (DllNotFoundException)
+                {
+                    // Mono doesn't have BCrypt.dll
+                    _impl = new BouncyCastleImpl(key, _iv);
+                }
             }
             else
 #endif