From 99856c77e410bd324cfa6560a1f60eb6d248e40e Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Mon, 2 Oct 2023 09:52:15 +0200 Subject: [PATCH 01/12] Bump dependencies to patch vulnerability in System.ServiceModel.Http --- ...tyStream.HttpMessageSigning.ServiceModel.csproj | 14 ++++++++++++-- .../IdentityStream.HttpMessageSigning.csproj | 12 +++++++++--- .../IdentityStream.HttpMessageSigning.Tests.csproj | 14 +++++++------- .../ModuleInitializer.cs | 3 ++- 4 files changed, 30 insertions(+), 13 deletions(-) diff --git a/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj b/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj index 1b5614a..48395db 100644 --- a/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj +++ b/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj @@ -1,6 +1,6 @@ - netstandard2.0;net5.0 + netstandard2.0;net6.0 $(PackageTags);wcf;servicemodel A .NET implementation of "Signing HTTP Messages" (Cavage, draft 12) for System.ServiceModel (WCF). @@ -9,7 +9,17 @@ + + + + + + + + - + + + diff --git a/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj b/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj index 28c13c8..c8a0ef3 100644 --- a/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj +++ b/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj @@ -1,11 +1,17 @@  - netstandard2.0;net5.0 + netstandard2.0;net6.0 $(PackageTags);httpclient A .NET implementation of "Signing HTTP Messages" (Cavage, draft 12) for HttpClient. - + - + + + + + + + 
diff --git a/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj b/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj index 07ada95..7ffa324 100644 --- a/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj +++ b/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj @@ -1,16 +1,16 @@  - net5.0 + net6.0 false - - - - - - + + + + + + diff --git a/test/IdentityStream.HttpMessageSigning.Tests/ModuleInitializer.cs b/test/IdentityStream.HttpMessageSigning.Tests/ModuleInitializer.cs index 8ad8c1b..f504d7c 100644 --- a/test/IdentityStream.HttpMessageSigning.Tests/ModuleInitializer.cs +++ b/test/IdentityStream.HttpMessageSigning.Tests/ModuleInitializer.cs @@ -1,6 +1,7 @@ using System.IO; using System.Runtime.CompilerServices; using VerifyTests; +using VerifyXunit; namespace IdentityStream.HttpMessageSigning.Tests { @@ -8,7 +9,7 @@ public static class ModuleInitializer { [ModuleInitializer] public static void Initialize() { var directory = Path.Combine(AttributeReader.GetProjectDirectory(), "Snapshots"); - VerifierSettings.DerivePathInfo((_, _, type, method) => new(directory, type.Name, method.Name)); + Verifier.DerivePathInfo((_, _, type, method) => new(directory, type.Name, method.Name)); } } } \ No newline at end of file From 0852576ba3af03ad0372c4e096f45c392c28eb64 Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Mon, 2 Oct 2023 09:52:25 +0200 Subject: [PATCH 02/12] Use latest LangVersion --- Directory.Build.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Directory.Build.props b/Directory.Build.props index e6afa7c..a68d765 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -2,7 +2,7 @@ true IdentityStream AS - 9.0 + 11 Enable \ No newline at end of file From f0f479ef6a6c94c3cda7ba608d7372f63a25cd16 Mon Sep 17 00:00:00 2001 
From: Kristian Hellang Date: Mon, 2 Oct 2023 09:52:40 +0200 Subject: [PATCH 03/12] MinVerDefaultPreReleasePhase is now deprecated --- src/Directory.Build.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Directory.Build.props b/src/Directory.Build.props index e233787..5eb2566 100644 --- a/src/Directory.Build.props +++ b/src/Directory.Build.props @@ -14,7 +14,7 @@ true git - beta + beta.0 v http;message;signing;signature From 62b40ed97b7d881b52b32c02090233e8e129540c Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Mon, 2 Oct 2023 09:59:31 +0200 Subject: [PATCH 04/12] Fix style suggestions --- README.md | 4 ++-- .../Extensions/HttpContentExtensions.cs | 6 ++---- .../SignatureAlgorithms/ECDsaSignatureAlgorithm.cs | 6 ++---- .../SignatureAlgorithms/HMACSignatureAlgorithm.cs | 8 +++----- .../SignatureAlgorithms/RSASignatureAlgorithm.cs | 6 ++---- .../HttpMessageSignerTests.cs | 4 ++-- test/IdentityStream.HttpMessageSigning.Tests/Snippets.cs | 7 ++++--- 7 files changed, 17 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 6e0ce2a..471e61e 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ client.UseHttpMessageSigning(config); // Make calls using client :) ``` -snippet source | anchor +snippet source | anchor ### HttpClient @@ -56,5 +56,5 @@ using var client = new HttpClient(handler); // Make requests using client :) ``` -snippet source | anchor +snippet source | anchor diff --git a/src/IdentityStream.HttpMessageSigning/Extensions/HttpContentExtensions.cs b/src/IdentityStream.HttpMessageSigning/Extensions/HttpContentExtensions.cs index 0dbf352..46eec2c 100644 --- a/src/IdentityStream.HttpMessageSigning/Extensions/HttpContentExtensions.cs +++ b/src/IdentityStream.HttpMessageSigning/Extensions/HttpContentExtensions.cs 
@@ -12,10 +12,8 @@ public static async Task GetDigestHeaderValues(this HttpContent content, var bytes = await content.ReadAsByteArrayAsync().ConfigureAwait(false); - using var hashAlgorithm = HashAlgorithm.Create(digestAlgorithm.Name!); - if (hashAlgorithm is null) { - throw new InvalidOperationException($"Invalid digest algorithm: {digestAlgorithm.Name}"); - } + using var hashAlgorithm = HashAlgorithm.Create(digestAlgorithm.Name!) + ?? throw new InvalidOperationException($"Invalid digest algorithm: {digestAlgorithm.Name}"); var digestBytes = hashAlgorithm.ComputeHash(bytes); var digest = Convert.ToBase64String(digestBytes); diff --git a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/ECDsaSignatureAlgorithm.cs b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/ECDsaSignatureAlgorithm.cs index 22f0015..4b022e0 100644 --- a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/ECDsaSignatureAlgorithm.cs +++ b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/ECDsaSignatureAlgorithm.cs @@ -17,10 +17,8 @@ public ECDsaSignatureAlgorithm(ECDsa ecdsa, HashAlgorithmName hashAlgorithm) { public string Name => "ECDsa"; public byte[] ComputeHash(byte[] bytes) { - using var hasher = Hasher.Create(HashAlgorithm.Name!); - if (hasher is null) { - throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); - } + using var hasher = Hasher.Create(HashAlgorithm.Name!) + ?? throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); var hashedBytes = hasher.ComputeHash(bytes); return Ecdsa.SignHash(hashedBytes); } diff --git a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/HMACSignatureAlgorithm.cs b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/HMACSignatureAlgorithm.cs index 3f25b48..e449181 100644 --- a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/HMACSignatureAlgorithm.cs +++ b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/HMACSignatureAlgorithm.cs 
@@ -16,11 +16,9 @@ public HMACSignatureAlgorithm(byte[] key, HashAlgorithmName hashAlgorithm) { public string Name => "HMAC"; public byte[] ComputeHash(byte[] bytes) { - using var hmac = HMAC.Create(Name + HashAlgorithm.ToString()); - if (hmac is null) { - throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); - } - hmac.Key = Key; + using var hmac = HMAC.Create(Name + HashAlgorithm.ToString()) + ?? throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); + hmac.Key = Key; return hmac.ComputeHash(bytes); } } diff --git a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/RSASignatureAlgorithm.cs b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/RSASignatureAlgorithm.cs index 63e36ca..6458a93 100644 --- a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/RSASignatureAlgorithm.cs +++ b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/RSASignatureAlgorithm.cs @@ -17,10 +17,8 @@ public RSASignatureAlgorithm(RSA rsa, HashAlgorithmName hashAlgorithm) { public string Name => "RSA"; public byte[] ComputeHash(byte[] bytes) { - using var hasher = Hasher.Create(HashAlgorithm.Name!); - if (hasher is null) { - throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); - } + using var hasher = Hasher.Create(HashAlgorithm.Name!) + ?? throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); var hashedBytes = hasher.ComputeHash(bytes); return Rsa.SignHash(hashedBytes, HashAlgorithm, RSASignaturePadding.Pkcs1); } diff --git a/test/IdentityStream.HttpMessageSigning.Tests/HttpMessageSignerTests.cs b/test/IdentityStream.HttpMessageSigning.Tests/HttpMessageSignerTests.cs index 24262dd..e7251ba 100644 --- a/test/IdentityStream.HttpMessageSigning.Tests/HttpMessageSignerTests.cs +++ b/test/IdentityStream.HttpMessageSigning.Tests/HttpMessageSignerTests.cs 
@@ -140,14 +140,14 @@ await Assert.ThrowsAsync(() => SignAsync(message, con })); } - private Task VerifySignatureHeader(IHttpMessage message) { + private static Task VerifySignatureHeader(IHttpMessage message) { if (message.TryGetHeaderValues(HeaderNames.Signature, out var values)) { return Verify(values.Single()); } throw new InvalidOperationException("Could not find Signature header on request."); } - private SettingsTask Verify(string value) => Verifier.Verify(value); + private static SettingsTask Verify(string value) => Verifier.Verify(value); private static Task SignAsync(IHttpMessage message, Action? configure = null, ISignatureAlgorithm? signingAlgorithm = null) { var signatureAlgorithm = signingAlgorithm ?? new TestSignatureAlgorithm(HashAlgorithmName.SHA512); diff --git a/test/IdentityStream.HttpMessageSigning.Tests/Snippets.cs b/test/IdentityStream.HttpMessageSigning.Tests/Snippets.cs index fb8254c..91b6fab 100644 --- a/test/IdentityStream.HttpMessageSigning.Tests/Snippets.cs +++ b/test/IdentityStream.HttpMessageSigning.Tests/Snippets.cs @@ -1,17 +1,18 @@ using System.Net.Http; using System.Security.Cryptography; using System.ServiceModel; -using IdentityStream.HttpMessageSigning.ServiceModel; namespace IdentityStream.HttpMessageSigning.Tests { public class Snippets { // Fake endpoint for snippet purposes public class TheEndpointClient : ClientBase { +#pragma warning disable IDE0060 // Remove unused parameter public TheEndpointClient(BasicHttpsBinding binding, EndpointAddress remoteAddress) { } +#pragma warning restore IDE0060 // Remove unused parameter } - public void WCF_Client_Setup(BasicHttpsBinding binding, EndpointAddress endpointAddress, RSA rsaOrECDsaAlgorithm) { + public static void WCF_Client_Setup(BasicHttpsBinding binding, EndpointAddress endpointAddress, RSA rsaOrECDsaAlgorithm) { #region WCF_Endpoint_UseHttpMessageSigning var signatureAlgorithm = SignatureAlgorithm.Create(rsaOrECDsaAlgorithm); 
@@ -25,7 +26,7 @@ public void WCF_Client_Setup(BasicHttpsBinding binding, EndpointAddress endpoint #endregion } - public void HttpClient_Setup(RSA rsaOrECDsaAlgorithm) { + public static void HttpClient_Setup(RSA rsaOrECDsaAlgorithm) { #region HttpClient_SigningHttpMessageHandler var signatureAlgorithm = SignatureAlgorithm.Create(rsaOrECDsaAlgorithm); From 2777a6ec3d97b1314f18141fdfff8d0f0137a669 Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Mon, 2 Oct 2023 10:02:43 +0200 Subject: [PATCH 05/12] Bump .NET version in GitHub Action --- .github/workflows/ci.yaml | 2 +- Directory.Build.props | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 08469f4..06108df 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -15,7 +15,7 @@ jobs: - name: Setup .NET uses: actions/setup-dotnet@v1 with: - dotnet-version: 5.0.x + dotnet-version: 6.0.x - name: Restore dependencies run: dotnet restore diff --git a/Directory.Build.props b/Directory.Build.props index a68d765..e1eb3d7 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -2,7 +2,7 @@ true IdentityStream AS - 11 + 10 Enable \ No newline at end of file From 19ae60e83544dba1111bba3e4fb5f7f36891a81c Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Mon, 2 Oct 2023 10:10:49 +0200 Subject: [PATCH 06/12] Consolidate some package references --- Directory.Build.props | 18 ++++++++++++++++++ src/Directory.Build.props | 6 ------ ...ream.HttpMessageSigning.ServiceModel.csproj | 6 ------ .../IdentityStream.HttpMessageSigning.csproj | 6 ------ 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/Directory.Build.props b/Directory.Build.props index e1eb3d7..82f5a40 100644 --- a/Directory.Build.props +++ b/Directory.Build.props 
@@ -5,4 +5,22 @@ 10 Enable + + + + all + runtime; build; native; contentfiles; analyzers + + + + + + all + runtime; build; native; contentfiles; analyzers + + + all + runtime; build; native; contentfiles; analyzers + + \ No newline at end of file diff --git a/src/Directory.Build.props b/src/Directory.Build.props index 5eb2566..43d3628 100644 --- a/src/Directory.Build.props +++ b/src/Directory.Build.props @@ -24,10 +24,4 @@ - - - - - - \ No newline at end of file diff --git a/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj b/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj index 48395db..d30e724 100644 --- a/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj +++ b/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj @@ -16,10 +16,4 @@ - - - - - - diff --git a/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj b/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj index c8a0ef3..4593db0 100644 --- a/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj +++ b/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj @@ -8,10 +8,4 @@ - - - - - - From 4dea23217e7d8e9a2665304becd934d9f6f044da Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Wed, 22 Nov 2023 13:23:52 +0100 Subject: [PATCH 07/12] Bump CI to .NET 8 --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 06108df..8e09b8f 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -15,7 +15,7 @@ jobs: - name: Setup .NET uses: actions/setup-dotnet@v1 with: - dotnet-version: 6.0.x + dotnet-version: 8.0.x - name: Restore dependencies run: dotnet restore 
From 7446b63df30e7ef19e2b454e6058352ba50c1eb0 Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Wed, 22 Nov 2023 13:43:22 +0100 Subject: [PATCH 08/12] Bump to .NET 8 --- .../IdentityStream.HttpMessageSigning.ServiceModel.csproj | 8 ++++---- .../IdentityStream.HttpMessageSigning.csproj | 4 ++-- .../IdentityStream.HttpMessageSigning.Tests.csproj | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj b/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj index d30e724..aa084f6 100644 --- a/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj +++ b/src/IdentityStream.HttpMessageSigning.ServiceModel/IdentityStream.HttpMessageSigning.ServiceModel.csproj @@ -1,6 +1,6 @@ - netstandard2.0;net6.0 + netstandard2.0;net8.0 $(PackageTags);wcf;servicemodel A .NET implementation of "Signing HTTP Messages" (Cavage, draft 12) for System.ServiceModel (WCF). @@ -10,10 +10,10 @@ - + - - + + diff --git a/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj b/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj index 4593db0..95d9085 100644 --- a/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj +++ b/src/IdentityStream.HttpMessageSigning/IdentityStream.HttpMessageSigning.csproj @@ -1,11 +1,11 @@  - netstandard2.0;net6.0 + netstandard2.0;net8.0 $(PackageTags);httpclient A .NET implementation of "Signing HTTP Messages" (Cavage, draft 12) for HttpClient. - + diff --git a/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj b/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj index 7ffa324..3461106 100644 --- a/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj 
+++ b/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj @@ -1,6 +1,6 @@  - net6.0 + net8.0 false From 209acc7c12c450af6311fa7f2c9c482bf107f153 Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Wed, 22 Nov 2023 13:46:41 +0100 Subject: [PATCH 09/12] Remove usage of deprecated HashAlgorithm.Create method --- .../Extensions/HttpContentExtensions.cs | 6 ++--- .../ECDsaSignatureAlgorithm.cs | 4 +--- .../HMACSignatureAlgorithm.cs | 4 +--- .../SignatureAlgorithms/Hasher.cs | 24 +++++++++++++++++++ .../RSASignatureAlgorithm.cs | 4 +--- 5 files changed, 29 insertions(+), 13 deletions(-) create mode 100644 src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/Hasher.cs diff --git a/src/IdentityStream.HttpMessageSigning/Extensions/HttpContentExtensions.cs b/src/IdentityStream.HttpMessageSigning/Extensions/HttpContentExtensions.cs index 46eec2c..3c35691 100644 --- a/src/IdentityStream.HttpMessageSigning/Extensions/HttpContentExtensions.cs +++ b/src/IdentityStream.HttpMessageSigning/Extensions/HttpContentExtensions.cs @@ -12,10 +12,8 @@ public static async Task GetDigestHeaderValues(this HttpContent content, var bytes = await content.ReadAsByteArrayAsync().ConfigureAwait(false); - using var hashAlgorithm = HashAlgorithm.Create(digestAlgorithm.Name!) - ?? throw new InvalidOperationException($"Invalid digest algorithm: {digestAlgorithm.Name}"); - - var digestBytes = hashAlgorithm.ComputeHash(bytes); + using var hasher = Hasher.GetSha(digestAlgorithm); + var digestBytes = hasher.ComputeHash(bytes); var digest = Convert.ToBase64String(digestBytes); var algorithmName = GetDigestAlgorithmName(digestAlgorithm); diff --git a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/ECDsaSignatureAlgorithm.cs b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/ECDsaSignatureAlgorithm.cs index 4b022e0..fdfe538 100644 --- a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/ECDsaSignatureAlgorithm.cs 
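Review bot: An unsupported digest algorithm now surfaces as `NotSupportedException` from `Hasher.GetSha(digestAlgorithm)` instead of the `InvalidOperationException` that the removed `?? throw` produced, and the helper added in this commit accepts only SHA256, SHA384 and SHA512. The `ComputeHash` hunks in ECDsaSignatureAlgorithm.cs, HMACSignatureAlgorithm.cs and RSASignatureAlgorithm.cs change in the same way. Narrowing to SHA-2 is a reasonable hardening, but callers that caught the old exception type or configured SHA1 (which the test data removed in patch 10 suggests used to work) will break, and the commit message mentions only the deprecated API. I would state this in the release notes and put a comment above the call, `// Hasher.GetSha accepts SHA256/SHA384/SHA512 only and throws NotSupportedException otherwise`. GetDigestHeaderValues begins and ends outside the hunk.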
+++ b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/ECDsaSignatureAlgorithm.cs @@ -1,6 +1,5 @@ using System; using System.Security.Cryptography; -using Hasher = System.Security.Cryptography.HashAlgorithm; namespace IdentityStream.HttpMessageSigning { // ReSharper disable once InconsistentNaming @@ -17,8 +16,7 @@ public ECDsaSignatureAlgorithm(ECDsa ecdsa, HashAlgorithmName hashAlgorithm) { public string Name => "ECDsa"; public byte[] ComputeHash(byte[] bytes) { - using var hasher = Hasher.Create(HashAlgorithm.Name!) - ?? throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); + using var hasher = Hasher.GetSha(HashAlgorithm); var hashedBytes = hasher.ComputeHash(bytes); return Ecdsa.SignHash(hashedBytes); } diff --git a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/HMACSignatureAlgorithm.cs b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/HMACSignatureAlgorithm.cs index e449181..f0004fb 100644 --- a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/HMACSignatureAlgorithm.cs +++ b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/HMACSignatureAlgorithm.cs @@ -16,9 +16,7 @@ public HMACSignatureAlgorithm(byte[] key, HashAlgorithmName hashAlgorithm) { public string Name => "HMAC"; public byte[] ComputeHash(byte[] bytes) { - using var hmac = HMAC.Create(Name + HashAlgorithm.ToString()) - ?? throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); - hmac.Key = Key; + using var hmac = Hasher.GetHmac(HashAlgorithm, Key); return hmac.ComputeHash(bytes); } } diff --git a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/Hasher.cs b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/Hasher.cs new file mode 100644 index 0000000..21af1ab --- /dev/null +++ b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/Hasher.cs 
@@ -0,0 +1,24 @@ +using System; +using System.Security.Cryptography; + +namespace IdentityStream.HttpMessageSigning +{ + internal static class Hasher + { + public static HashAlgorithm GetSha(HashAlgorithmName name) => name.Name switch + { + nameof(HashAlgorithmName.SHA256) => SHA256.Create(), + nameof(HashAlgorithmName.SHA384) => SHA384.Create(), + nameof(HashAlgorithmName.SHA512) => SHA512.Create(), + _ => throw new NotSupportedException($"The specified hash algorithm '{name.Name}' is not supported."), + }; + + public static HMAC GetHmac(HashAlgorithmName name, byte[] key) => name.Name switch + { + nameof(HashAlgorithmName.SHA256) => new HMACSHA256(key), + nameof(HashAlgorithmName.SHA384) => new HMACSHA384(key), + nameof(HashAlgorithmName.SHA512) => new HMACSHA512(key), + _ => throw new NotSupportedException($"The specified hash algorithm '{name.Name}' is not supported."), + }; + } +} \ No newline at end of file diff --git a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/RSASignatureAlgorithm.cs b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/RSASignatureAlgorithm.cs index 6458a93..5050d61 100644 --- a/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/RSASignatureAlgorithm.cs +++ b/src/IdentityStream.HttpMessageSigning/SignatureAlgorithms/RSASignatureAlgorithm.cs @@ -1,6 +1,5 @@ using System; using System.Security.Cryptography; -using Hasher = System.Security.Cryptography.HashAlgorithm; namespace IdentityStream.HttpMessageSigning { // ReSharper disable once InconsistentNaming 
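Review bot: `Hasher` is now the single place that decides which hash algorithms the library will digest and sign with, yet neither `GetSha` nor `GetHmac` carries a doc comment stating that allow-list. I would add XML docs to both, for example `/// <summary>Returns a new hash instance for SHA256, SHA384 or SHA512; any other name throws NotSupportedException. The caller disposes the result.</summary>` on `GetSha` and the matching text on `GetHmac`. Because the check runs only when a hash is computed, a `HashAlgorithmName` outside the list that is passed to the ECDsa, HMAC or RSA signature algorithm constructors (visible only in the hunk headers of this commit) is presumably not rejected until the first message is signed. Validating the name in those constructors would surface the misconfiguration at setup time rather than on the request path.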
@@ -17,8 +16,7 @@ public RSASignatureAlgorithm(RSA rsa, HashAlgorithmName hashAlgorithm) { public string Name => "RSA"; public byte[] ComputeHash(byte[] bytes) { - using var hasher = Hasher.Create(HashAlgorithm.Name!) - ?? throw new InvalidOperationException($"Invalid hash algorithm: {HashAlgorithm.Name}"); + using var hasher = Hasher.GetSha(HashAlgorithm); var hashedBytes = hasher.ComputeHash(bytes); return Rsa.SignHash(hashedBytes, HashAlgorithm, RSASignaturePadding.Pkcs1); } From eb2d93a40e48e1d6b185b241a390f81bd790f9ed Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Wed, 22 Nov 2023 13:49:43 +0100 Subject: [PATCH 10/12] Don't use unsupported SHA version --- .../HttpMessageSignerTests.cs | 2 +- ...tHeader_IsAddedToRequest_digestAlgorithm=SHA384.verified.txt | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 test/IdentityStream.HttpMessageSigning.Tests/Snapshots/HttpMessageSignerTests.DigestHeader_IsAddedToRequest_digestAlgorithm=SHA384.verified.txt diff --git a/test/IdentityStream.HttpMessageSigning.Tests/HttpMessageSignerTests.cs b/test/IdentityStream.HttpMessageSigning.Tests/HttpMessageSignerTests.cs index e7251ba..5929b23 100644 --- a/test/IdentityStream.HttpMessageSigning.Tests/HttpMessageSignerTests.cs +++ b/test/IdentityStream.HttpMessageSigning.Tests/HttpMessageSignerTests.cs @@ -91,8 +91,8 @@ await Verify(message.Headers[HeaderNames.Digest].Single()) public static IEnumerable HashAlgorithms { get { - yield return new object[] { HashAlgorithmName.SHA1 }; yield return new object[] { HashAlgorithmName.SHA256 }; + yield return new object[] { HashAlgorithmName.SHA384 }; yield return new object[] { HashAlgorithmName.SHA512 }; } } 
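Review bot: Dropping `HashAlgorithmName.SHA1` from `HashAlgorithms` removes the only visible coverage of that algorithm without adding a test that pins the new rejection. Since `Hasher.GetSha` now throws `NotSupportedException` for anything other than SHA256, SHA384 and SHA512, a negative case would keep a later refactor from quietly re-enabling SHA1 or MD5 for the Digest header. I would add a test next to this member data that configures SHA1 as the digest algorithm and asserts the failure with `Assert.ThrowsAsync<NotSupportedException>(...)`, plus a comment on the property such as `// SHA-2 only: other algorithms are rejected by Hasher`.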
diff --git a/test/IdentityStream.HttpMessageSigning.Tests/Snapshots/HttpMessageSignerTests.DigestHeader_IsAddedToRequest_digestAlgorithm=SHA384.verified.txt b/test/IdentityStream.HttpMessageSigning.Tests/Snapshots/HttpMessageSignerTests.DigestHeader_IsAddedToRequest_digestAlgorithm=SHA384.verified.txt new file mode 100644 index 0000000..eecd21b --- /dev/null +++ b/test/IdentityStream.HttpMessageSigning.Tests/Snapshots/HttpMessageSignerTests.DigestHeader_IsAddedToRequest_digestAlgorithm=SHA384.verified.txt @@ -0,0 +1 @@ +SHA-384=WeF0h3dEjGnea4ANejO7+5/xtGPkQ1TDVTvNucZm+pASWjx5+QOXvfX2oT3oKGhP \ No newline at end of file From 30e1e397e09bca0c5a467f13755ac9921326b944 Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Wed, 22 Nov 2023 13:51:39 +0100 Subject: [PATCH 11/12] Bump task versions --- .github/workflows/ci.yaml | 4 ++-- .github/workflows/on-push-do-docs.yml | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 8e09b8f..9909e57 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -10,10 +10,10 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Setup .NET - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v3 with: dotnet-version: 8.0.x diff --git a/.github/workflows/on-push-do-docs.yml b/.github/workflows/on-push-do-docs.yml index 3608641..89f70e7 100644 --- a/.github/workflows/on-push-do-docs.yml +++ b/.github/workflows/on-push-do-docs.yml @@ -5,12 +5,14 @@ jobs: docs: runs-on: windows-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 + - name: Run MarkdownSnippets run: | dotnet tool install --global MarkdownSnippets.Tool mdsnippets ${GITHUB_WORKSPACE} shell: bash + - name: Push changes run: | git config --local user.email "action@github.com" From 93d58c3049aecd393e5491c0175dadefc890e7a2 Mon Sep 17 00:00:00 2001 
From: Kristian Hellang Date: Wed, 22 Nov 2023 14:02:50 +0100 Subject: [PATCH 12/12] Final bump --- Directory.Build.props | 4 ++-- .../IdentityStream.HttpMessageSigning.Tests.csproj | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Directory.Build.props b/Directory.Build.props index 82f5a40..9a55192 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -7,14 +7,14 @@ - + all runtime; build; native; contentfiles; analyzers - + all runtime; build; native; contentfiles; analyzers diff --git a/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj b/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj index 3461106..5898f18 100644 --- a/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj +++ b/test/IdentityStream.HttpMessageSigning.Tests/IdentityStream.HttpMessageSigning.Tests.csproj @@ -6,10 +6,10 @@ - - - - + + + +