Use .NET 9

.editorconfig

@@ -90,6 +90,7 @@ end_of_line = crlf
 dotnet_style_prefer_simplified_boolean_expressions = true:suggestion
 dotnet_style_prefer_compound_assignment = true:suggestion
 dotnet_style_prefer_simplified_interpolation = true:suggestion
+dotnet_style_prefer_collection_expression = when_types_loosely_match:suggestion
 ###############################
 # C# Coding Conventions       #
 ###############################
@@ -151,9 +152,13 @@ csharp_preserve_single_line_statements = true
 csharp_preserve_single_line_blocks = true
 csharp_using_directive_placement = outside_namespace:silent
 csharp_prefer_simple_using_statement = true:suggestion
-csharp_style_namespace_declarations = block_scoped:silent
+csharp_style_namespace_declarations = file_scoped:silent
 csharp_style_expression_bodied_lambdas = true:silent
 csharp_style_expression_bodied_local_functions = false:silent
+csharp_style_prefer_method_group_conversion = true:silent
+csharp_style_prefer_top_level_statements = true:silent
+csharp_style_prefer_primary_constructors = true:suggestion
+csharp_prefer_system_threading_lock = true:suggestion
 ###############################
 # VB Coding Conventions       #
 ###############################

.mega-linter.yml

@@ -13,9 +13,10 @@ DISABLE:
   - COPYPASTE # Comment to enable checks of excessive copy-pastes
   - SPELL # Comment to enable checks of spelling mistakes
 DISABLE_LINTERS:
-  - CSHARP_DOTNET_FORMAT # Not compatible with .NET 8 (yet)
-  - CSHARP_CSHARPIER # Not compatible with .NET 8 (yet)
-  - CSHARP_ROSLYNATOR # Not compatible with .NET 8 (yet)
+  - CSHARP_DOTNET_FORMAT # Not compatible with .NET 9 (yet)
+  - CSHARP_CSHARPIER # Not compatible with .NET 9 (yet)
+  - CSHARP_ROSLYNATOR # Not compatible with .NET 9 (yet)
+  - REPOSITORY_TRIVY # Unstable, leading to a lot of build failures
 SHOW_ELAPSED_TIME: true
 FILEIO_REPORTER: false
 # DISABLE_ERRORS: true # Uncomment if you want MegaLinter to detect errors but not block CI to pass

Directory.Build.props

@@ -12,10 +12,10 @@ SPDX-License-Identifier: MIT
     <Platforms>AnyCPU</Platforms>
 
     <!-- Use the latest .NET SDK -->
-    <TargetFrameworks>net8.0</TargetFrameworks>
+    <TargetFrameworks>net9.0</TargetFrameworks>
 
     <!-- Use the latest C# language standard -->
-    <LangVersion>12.0</LangVersion>
+    <LangVersion>13.0</LangVersion>
     <ImplicitUsings>enable</ImplicitUsings>
 
     <!-- Be very strict -->
@@ -32,6 +32,10 @@ SPDX-License-Identifier: MIT
     <SelfContained>false</SelfContained>
     <IsPackable>false</IsPackable>
     <IsPublishable>false</IsPublishable>
+    <!--
+    See https://github.com/dotnet/roslyn/issues/41640
+    -->
+    <GenerateDocumentationFile>true</GenerateDocumentationFile>
 
     <!-- Assembly metadata -->
     <Product>dotnet-xmss</Product>

UnitTests/SHAKE_Tests.cs

@@ -10,7 +10,7 @@ sealed class SHAKE_Tests
     [TestMethod]
     public void Constructor_InvalidBitSizeThrows()
     {
-        Assert.ThrowsException<ArgumentException>(() => new SHAKE(42, 128));
+        _ = Assert.ThrowsException<ArgumentException>(() => new SHAKE(42, 128));
     }
 
     [TestMethod]

Xmss/CryptographicOperations.cs

@@ -8,7 +8,7 @@
 namespace Dorssel.Security.Cryptography;
 
 /// <summary>
-/// This is a backport of .NET 6.0. Since this library is for .NET Standard 2.0 it uses <see cref="byte"/>[] instead of Span.
+/// This is a backport of .NET 9.0. Since this library is for .NET Standard 2.0 it uses <see cref="byte"/>[] instead of Span.
 /// <para/>
 /// See:
 /// <see href="https://github.com/dotnet/runtime/blob/main/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CryptographicOperations.cs"/>

Xmss/IsExternalInit.cs

@@ -4,7 +4,9 @@
 
 using System.ComponentModel;
 
+#pragma warning disable IDE0130 // Namespace does not match folder structure
 namespace System.Runtime.CompilerServices;
+#pragma warning restore IDE0130 // Namespace does not match folder structure
 
 /// <summary>
 /// Fix for using C# 9 feature in netstandard2.0.

Xmss/Wots.cs

@@ -99,7 +99,10 @@ public byte[] PRF(byte[] KEY, byte[] M)
     /// <param name="KEY">key</param>
     /// <param name="ADRS">address</param>
     /// <returns>HashAlgorithm(toByte(3, toByteLength) || KEY || ADRS)</returns>
-    public byte[] PRF(byte[] KEY, Address ADRS) => PRF(KEY, ADRS.ToBytes());
+    public byte[] PRF(byte[] KEY, Address ADRS)
+    {
+        return PRF(KEY, ADRS.ToBytes());
+    }
 
     /// <summary>
     /// Pseudo-Random Function
@@ -147,7 +150,7 @@ int[] base_w_with_csum(byte[] X)
         for (var i = 0; i < Parameters.n; i++)
         {
             csum -= basew[2 * i] = X[i] >> 4;
-            csum -= basew[2 * i + 1] = X[i] & 0xf;
+            csum -= basew[(2 * i) + 1] = X[i] & 0xf;
         }
 
         // Append csum (also in base w)

Xmss/WotsParameters.cs

@@ -8,7 +8,7 @@ namespace Dorssel.Security.Cryptography;
 
 sealed record WotsParameters
 {
-    private WotsParameters()
+    WotsParameters()
     {
         // All currently defined parameter use hexadecimal digits.
         w = 16;
@@ -33,15 +33,15 @@ private WotsParameters()
             OID = WotsOid.WOTSP_SHA2_256,
             n = 32,
             len = 67,
-            HashAlgorithm = () => SHA256.Create(),
+            HashAlgorithm = SHA256.Create,
             toByteLength = 32,
         },
         new()
         {
             OID = WotsOid.WOTSP_SHA2_512,
             n = 64,
             len = 131,
-            HashAlgorithm = () => SHA512.Create(),
+            HashAlgorithm = SHA512.Create,
             toByteLength = 64,
         },
         new()
@@ -65,7 +65,7 @@ private WotsParameters()
             OID = WotsOid.WOTSP_SHA2_192,
             n = 24,
             len = 51,
-            HashAlgorithm = () => SHA256.Create(),
+            HashAlgorithm = SHA256.Create,
             toByteLength = 4,
         },
         new()

Xmss/Xmss.cs

@@ -143,7 +143,7 @@ byte[] ltree(byte[][] pk, byte[] SEED, Address ADRS)
             for (var i = 0; i < lenPrime / 2; i++)
             {
                 ADRS.tree_index = i;
-                pk[i] = RAND_HASH(pk[2 * i], pk[2 * i + 1], SEED, ADRS);
+                pk[i] = RAND_HASH(pk[2 * i], pk[(2 * i) + 1], SEED, ADRS);
             }
             if (lenPrime % 2 == 1)
             {

Xmss/XmssParameters.cs

@@ -6,7 +6,7 @@ namespace Dorssel.Security.Cryptography;
 
 sealed record XmssParameters
 {
-    private XmssParameters()
+    XmssParameters()
     {
     }
 

Xmss/XmssPrivateKey.cs

@@ -29,7 +29,11 @@ public void setS_XMSS(byte[] S_XMSS)
     }
 
     byte[] _SK_PRF = null!;
-    public byte[] getSK_PRF() => (byte[])_SK_PRF.Clone();
+    public byte[] getSK_PRF()
+    {
+        return (byte[])_SK_PRF.Clone();
+    }
+
     public void setSK_PRF(byte[] SK_PRF)
     {
         Debug.Assert(SK_PRF.Length == WotsParameters.n);
@@ -38,7 +42,11 @@ public void setSK_PRF(byte[] SK_PRF)
     }
 
     byte[] _SEED = null!;
-    public byte[] getSEED() => (byte[])_SEED.Clone();
+    public byte[] getSEED()
+    {
+        return (byte[])_SEED.Clone();
+    }
+
     public void setSEED(byte[] SEED)
     {
         Debug.Assert(SEED.Length == WotsParameters.n);
@@ -61,7 +69,11 @@ public byte[][] getWOTS_SK(int i)
     }
 
     byte[] _root = null!;
-    public byte[] getRoot() => (byte[])_root.Clone();
+    public byte[] getRoot()
+    {
+        return (byte[])_root.Clone();
+    }
+
     public void setRoot(byte[] root)
     {
         _root = root;

Xmss/XmssSignature.cs

@@ -28,7 +28,6 @@ sealed class XmssSignature(int idx_sig, byte[] r, byte[][] sig_ots, byte[][] aut
 
     public byte[] ToBytes()
     {
-        return
-            [.. idx_sig.toByte(4), .. r, .. sig_ots.SelectMany(i => i), .. auth.SelectMany(i => i)];
+        return [.. idx_sig.toByte(4), .. r, .. sig_ots.SelectMany(i => i), .. auth.SelectMany(i => i)];
     }
 }

global.json

@@ -1,6 +1,6 @@
 {
   "sdk": {
-    "version": "8.0.403",
+    "version": "9.0.100",
     "allowPrerelease": false,
     "rollForward": "latestFeature"
   }