dotnet · eerhardt · Aug 19, 2022 · Aug 17, 2022 · Aug 18, 2022 · Aug 18, 2022
diff --git a/eng/liveBuilds.targets b/eng/liveBuilds.targets
@@ -179,7 +179,6 @@
       <LibrariesRuntimeFiles Condition="'$(TargetOS)' == 'Browser'"
                              Include="
         $(LibrariesNativeArtifactsPath)dotnet.js;
-        $(LibrariesNativeArtifactsPath)src\dotnet-crypto-worker.js;
         $(LibrariesNativeArtifactsPath)dotnet.d.ts;
         $(LibrariesNativeArtifactsPath)dotnet-legacy.d.ts;
         $(LibrariesNativeArtifactsPath)package.json;

diff --git a/src/installer/pkg/sfx/Microsoft.NETCore.App/Directory.Build.props b/src/installer/pkg/sfx/Microsoft.NETCore.App/Directory.Build.props
@@ -95,7 +95,6 @@
     <PlatformManifestFileEntry Include="libSystem.Security.Cryptography.Native.Apple.dylib" IsNative="true" />
     <PlatformManifestFileEntry Include="libSystem.Security.Cryptography.Native.Android.a" IsNative="true" />
     <PlatformManifestFileEntry Include="libSystem.Security.Cryptography.Native.Android.so" IsNative="true" />
-    <PlatformManifestFileEntry Include="libSystem.Security.Cryptography.Native.Browser.a" IsNative="true" />
     <PlatformManifestFileEntry Include="libSystem.Security.Cryptography.Native.OpenSsl.a" IsNative="true" />
     <PlatformManifestFileEntry Include="libSystem.Security.Cryptography.Native.OpenSsl.dylib" IsNative="true" />
     <PlatformManifestFileEntry Include="libSystem.Security.Cryptography.Native.OpenSsl.so" IsNative="true" />
@@ -220,7 +219,6 @@
     <PlatformManifestFileEntry Include="libmono-profiler-aot.a" IsNative="true" />
     <PlatformManifestFileEntry Include="libmono-wasm-eh-js.a" IsNative="true" />
     <PlatformManifestFileEntry Include="libmono-wasm-eh-wasm.a" IsNative="true" />
-    <PlatformManifestFileEntry Include="dotnet-crypto-worker.js" IsNative="true" />
     <PlatformManifestFileEntry Include="dotnet.js" IsNative="true" />
     <PlatformManifestFileEntry Include="dotnet.worker.js" IsNative="true" />
     <PlatformManifestFileEntry Include="dotnet.js.symbols" IsNative="true" />

diff --git a/src/libraries/Common/src/Interop/Browser/Interop.Libraries.cs b/src/libraries/Common/src/Interop/Browser/Interop.Libraries.cs
@@ -7,6 +7,5 @@ internal static partial class Libraries
     {
         // Shims
         internal const string SystemNative = "libSystem.Native";
-        internal const string CryptoNative = "libSystem.Security.Cryptography.Native.Browser";
     }
 }
diff --git a/...n/src/Interop/Browser/System.Security.Cryptography.Native.Browser/Interop.SubtleCrypto.cs b/...n/src/Interop/Browser/System.Security.Cryptography.Native.Browser/Interop.SubtleCrypto.cs
diff --git a/src/libraries/Common/src/System/Security/Cryptography/Helpers.cs b/src/libraries/Common/src/System/Security/Cryptography/Helpers.cs
@@ -11,7 +11,7 @@ namespace Internal.Cryptography
     internal static partial class Helpers
     {
         [UnsupportedOSPlatformGuard("browser")]
-        internal static bool HasNonAesSymmetricEncryption =>
+        internal static bool HasSymmetricEncryption { get; } =
 #if NETCOREAPP
             !OperatingSystem.IsBrowser();
 #else

diff --git a/src/libraries/Common/src/System/Security/Cryptography/PasswordBasedEncryption.cs b/src/libraries/Common/src/System/Security/Cryptography/PasswordBasedEncryption.cs
@@ -74,29 +74,19 @@ internal static unsafe int Decrypt(
         {
             Debug.Assert(destination.Length >= encryptedData.Length);
 
-            // Don't check that algorithmIdentifier.Parameters is set here.
-            // Maybe some future PBES3 will have one with a default.
-
-            if (algorithmIdentifier.Algorithm == Oids.PasswordBasedEncryptionScheme2)
-            {
-                return Pbes2Decrypt(
-                    algorithmIdentifier.Parameters,
-                    password,
-                    passwordBytes,
-                    encryptedData,
-                    destination);
-            }
-
-            if (!Helpers.HasNonAesSymmetricEncryption)
+            if (!Helpers.HasSymmetricEncryption)
             {
                 throw new CryptographicException(
                     SR.Format(
                         SR.Cryptography_UnknownAlgorithmIdentifier,
                         algorithmIdentifier.Algorithm));
             }
 
+            // Don't check that algorithmIdentifier.Parameters is set here.
+            // Maybe some future PBES3 will have one with a default.
+
             HashAlgorithmName digestAlgorithmName;
-            SymmetricAlgorithm cipher;
+            SymmetricAlgorithm? cipher = null;
 
             bool pkcs12 = false;
 
@@ -141,6 +131,13 @@ internal static unsafe int Decrypt(
                     cipher.KeySize = 40;
                     pkcs12 = true;
                     break;
+                case Oids.PasswordBasedEncryptionScheme2:
+                    return Pbes2Decrypt(
+                        algorithmIdentifier.Parameters,
+                        password,
+                        passwordBytes,
+                        encryptedData,
+                        destination);
                 default:
                     throw new CryptographicException(
                         SR.Format(
@@ -149,6 +146,7 @@ internal static unsafe int Decrypt(
             }
 
             Debug.Assert(digestAlgorithmName.Name != null);
+            Debug.Assert(cipher != null);
 
             using (cipher)
             {
@@ -239,6 +237,14 @@ internal static void InitiateEncryption(
         {
             Debug.Assert(pbeParameters != null);
 
+            if (!Helpers.HasSymmetricEncryption)
+            {
+                throw new CryptographicException(
+                    SR.Format(
+                        SR.Cryptography_UnknownAlgorithmIdentifier,
+                        pbeParameters.EncryptionAlgorithm));
+            }
+
             isPkcs12 = false;
 
             switch (pbeParameters.EncryptionAlgorithm)
@@ -258,7 +264,7 @@ internal static void InitiateEncryption(
                     cipher.KeySize = 256;
                     encryptionAlgorithmOid = Oids.Aes256Cbc;
                     break;
-                case PbeEncryptionAlgorithm.TripleDes3KeyPkcs12 when Helpers.HasNonAesSymmetricEncryption:
+                case PbeEncryptionAlgorithm.TripleDes3KeyPkcs12:
                     cipher = TripleDES.Create();
                     cipher.KeySize = 192;
                     encryptionAlgorithmOid = Oids.Pkcs12PbeWithShaAnd3Key3Des;
@@ -566,6 +572,12 @@ private static SymmetricAlgorithm OpenCipher(
         {
             string? algId = encryptionScheme.Algorithm;
 
+            if (!Helpers.HasSymmetricEncryption)
+            {
+                throw new CryptographicException(
+                    SR.Format(SR.Cryptography_AlgorithmNotSupported, algId));
+            }
+
             if (algId == Oids.Aes128Cbc ||
                 algId == Oids.Aes192Cbc ||
                 algId == Oids.Aes256Cbc)
@@ -604,12 +616,6 @@ private static SymmetricAlgorithm OpenCipher(
                 return aes;
             }
 
-            if (!Helpers.HasNonAesSymmetricEncryption)
-            {
-                throw new CryptographicException(
-                    SR.Format(SR.Cryptography_AlgorithmNotSupported, algId));
-            }
-
             if (algId == Oids.TripleDesCbc)
             {
                 // https://tools.ietf.org/html/rfc8018#appendix-B.2.2