9 files changed, 19 insertions, 6 deletions
diff --git a/docs/project/list-of-diagnostics.md b/docs/project/list-of-diagnostics.md index fc946ddb03b..9497fc7b692 100644 --- a/docs/project/list-of-diagnostics.md +++ b/docs/project/list-of-diagnostics.md @@ -81,6 +81,8 @@ The PR that reveals the implementation of the `<IncludeInternalObsoleteAttribute | __`SYSLIB0024`__ | Creating and unloading AppDomains is not supported and throws an exception. | | __`SYSLIB0025`__ | SuppressIldasmAttribute has no effect in .NET 6.0+. | | __`SYSLIB0026`__ | X509Certificate and X509Certificate2 are immutable. Use the appropriate constructor to create a new certificate. | +| __`SYSLIB0027`__ | PublicKey.Key is obsolete. Use the appropriate method to get the public key, such as GetRSAPublicKey. | +| __`SYSLIB0028`__ | X509Certificate2.PrivateKey is obsolete. Use the appropriate method to get the private key, such as GetRSAPrivateKey, or use the CopyWithPrivateKey method to create a new instance with a private key. | ## Analyzer Warnings diff --git a/src/libraries/Common/src/System/Obsoletions.cs b/src/libraries/Common/src/System/Obsoletions.cs index 32ec8ebb6ed..71223c53000 100644 --- a/src/libraries/Common/src/System/Obsoletions.cs +++ b/src/libraries/Common/src/System/Obsoletions.cs 
@@ -89,5 +89,11 @@ namespace System internal const string X509CertificateImmutableMessage = "X509Certificate and X509Certificate2 are immutable. Use the appropriate constructor to create a new certificate."; internal const string X509CertificateImmutableDiagId = "SYSLIB0026"; + + internal const string PublicKeyPropertyMessage = "PublicKey.Key is obsolete. Use the appropriate method to get the public key, such as GetRSAPublicKey."; + internal const string PublicKeyPropertyDiagId = "SYSLIB0027"; + + internal const string X509CertificatePrivateKeyMessage = "X509Certificate2.PrivateKey is obsolete. Use the appropriate method to get the private key, such as GetRSAPrivateKey, or use the CopyWithPrivateKey method to create a new instance with a private key."; + internal const string X509CertificatePrivateKeyDiagId = "SYSLIB0028"; } } diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/TestHelper.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/TestHelper.cs index 998e93813ec..36fdcab59ca 100644 --- a/src/libraries/System.Net.Security/tests/FunctionalTests/TestHelper.cs +++ b/src/libraries/System.Net.Security/tests/FunctionalTests/TestHelper.cs @@ -168,7 +168,7 @@ namespace System.Net.Security.Tests intermedPub3.Dispose(); CertificateAuthority intermediateAuthority3 = new CertificateAuthority(intermedCert3, null, null, null); - RSA eeKey = (RSA)endEntity.PrivateKey; + RSA eeKey = endEntity.GetRSAPrivateKey(); endEntity = intermediateAuthority3.CreateEndEntity( $"CN=\"A SSL Test\", O=\"testName\"", eeKey, diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs index 384a5eabad5..7b979c2a26b 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/EnvelopedCms/DecryptTests.cs 
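Review bot: `endEntity.GetRSAPrivateKey()` in TestHelper.cs returns a new `RSA` instance that the caller owns, unlike the certificate-owned object the old `PrivateKey` getter returned, and nothing visible in the hunk disposes `eeKey`. The same applies to `ecms.Decrypt(recipient, cert.GetRSAPrivateKey())` in DecryptTests.cs and to the three `signedXml.SigningKey = cert.GetRSAPrivateKey();` assignments in SignedXmlTest.cs, where the key is never bound to a name that could be disposed. Binding it in a using, e.g. `using (RSA key = cert.GetRSAPrivateKey())` followed by `ecms.Decrypt(recipient, key);`, releases the private-key handle deterministically. `GetRSAPrivateKey()` also returns null when the certificate's key is not RSA, so an `Assert.NotNull` on the result would make a wrong-fixture failure easier to read. The enclosing methods start and end outside these hunks, so `eeKey` may still be disposed further down.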
@@ -841,7 +841,7 @@ namespace System.Security.Cryptography.Pkcs.EnvelopedCmsTests.Tests using (X509Certificate2 pubCert = certLoader.GetCertificate()) { RecipientInfo recipient = ecms.RecipientInfos.Cast<RecipientInfo>().Where((r) => r.RecipientIdentifier.MatchesCertificate(cert)).Single(); - ecms.Decrypt(recipient, cert.PrivateKey); + ecms.Decrypt(recipient, cert.GetRSAPrivateKey()); } } else diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/ref/System.Security.Cryptography.X509Certificates.cs b/src/libraries/System.Security.Cryptography.X509Certificates/ref/System.Security.Cryptography.X509Certificates.cs index e3ade1a368c..6adbdfb1160 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/ref/System.Security.Cryptography.X509Certificates.cs +++ b/src/libraries/System.Security.Cryptography.X509Certificates/ref/System.Security.Cryptography.X509Certificates.cs @@ -64,6 +64,7 @@ namespace System.Security.Cryptography.X509Certificates public PublicKey(System.Security.Cryptography.Oid oid, System.Security.Cryptography.AsnEncodedData parameters, System.Security.Cryptography.AsnEncodedData keyValue) { } public System.Security.Cryptography.AsnEncodedData EncodedKeyValue { get { throw null; } } public System.Security.Cryptography.AsnEncodedData EncodedParameters { get { throw null; } } + [System.ObsoleteAttribute("PublicKey.Key is obsolete. Use the appropriate method to get the public key, such as GetRSAPublicKey.", DiagnosticId = "SYSLIB0027", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")] public System.Security.Cryptography.AsymmetricAlgorithm Key { get { throw null; } } public System.Security.Cryptography.Oid Oid { get { throw null; } } public static System.Security.Cryptography.X509Certificates.PublicKey CreateFromSubjectPublicKeyInfo(System.ReadOnlySpan<byte> source, out int bytesRead) { throw null; } 
@@ -253,6 +254,7 @@ namespace System.Security.Cryptography.X509Certificates public System.Security.Cryptography.X509Certificates.X500DistinguishedName IssuerName { get { throw null; } } public System.DateTime NotAfter { get { throw null; } } public System.DateTime NotBefore { get { throw null; } } + [System.ObsoleteAttribute("X509Certificate2.PrivateKey is obsolete. Use the appropriate method to get the private key, such as GetRSAPrivateKey, or use the CopyWithPrivateKey method to create a new instance with a private key.", DiagnosticId = "SYSLIB0028", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")] public System.Security.Cryptography.AsymmetricAlgorithm? PrivateKey { get { throw null; } set { } } public System.Security.Cryptography.X509Certificates.PublicKey PublicKey { get { throw null; } } public byte[] RawData { get { throw null; } } diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/PublicKey.cs b/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/PublicKey.cs index a641fe9f0c4..009242d85f8 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/PublicKey.cs +++ b/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/PublicKey.cs @@ -1,6 +1,7 @@ // Licensed to the .NET Foundation under one or more agreements. // The .NET Foundation licenses this file to you under the MIT license. +using System; using System.Buffers; using System.Formats.Asn1; using System.Runtime.InteropServices; @@ -61,6 +62,7 @@ namespace System.Security.Cryptography.X509Certificates public AsnEncodedData EncodedParameters { get; private set; } + [Obsolete(Obsoletions.PublicKeyPropertyMessage, DiagnosticId = Obsoletions.PublicKeyPropertyDiagId, UrlFormat = Obsoletions.SharedUrlFormat)] public AsymmetricAlgorithm Key { get 
diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/X509Certificate2.cs b/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/X509Certificate2.cs index d4ef8220853..967d2915b5c 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/X509Certificate2.cs +++ b/src/libraries/System.Security.Cryptography.X509Certificates/src/System/Security/Cryptography/X509Certificates/X509Certificate2.cs @@ -238,6 +238,7 @@ namespace System.Security.Cryptography.X509Certificates } } + [Obsolete(Obsoletions.X509CertificatePrivateKeyMessage, DiagnosticId = Obsoletions.X509CertificatePrivateKeyDiagId, UrlFormat = Obsoletions.SharedUrlFormat)] public AsymmetricAlgorithm? PrivateKey { get diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/tests/System.Security.Cryptography.X509Certificates.Tests.csproj b/src/libraries/System.Security.Cryptography.X509Certificates/tests/System.Security.Cryptography.X509Certificates.Tests.csproj index ee68bbc75bc..18b91ea8472 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/tests/System.Security.Cryptography.X509Certificates.Tests.csproj +++ b/src/libraries/System.Security.Cryptography.X509Certificates/tests/System.Security.Cryptography.X509Certificates.Tests.csproj 
@@ -4,7 +4,7 @@ <DefineConstants>$(DefineConstants);HAVE_THUMBPRINT_OVERLOADS</DefineConstants> <DefineConstants Condition="'$(TargetsUnix)' == 'true'">$(DefineConstants);Unix</DefineConstants> <IncludeRemoteExecutor>true</IncludeRemoteExecutor> - <NoWarn>$(NoWarn);SYSLIB0026</NoWarn> + <NoWarn>$(NoWarn);SYSLIB0026;SYSLIB0027;SYSLIB0028</NoWarn> <TargetFrameworks>$(NetCoreAppCurrent)-windows;$(NetCoreAppCurrent)-Unix;$(NetCoreAppCurrent)-Android;$(NetCoreAppCurrent)-Browser;$(NetCoreAppCurrent)-OSX;$(NetCoreAppCurrent)-iOS;$(NetCoreAppCurrent)-tvOS</TargetFrameworks> </PropertyGroup> <PropertyGroup> diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs b/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs index c6ad9ba72e8..c85f82b12ec 100644 --- a/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs +++ b/src/libraries/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs @@ -665,7 +665,7 @@ namespace System.Security.Cryptography.Xml.Tests X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); SignedXml signedXml = new SignedXml(doc); - signedXml.SigningKey = cert.PrivateKey; + signedXml.SigningKey = cert.GetRSAPrivateKey(); signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url; @@ -725,7 +725,7 @@ namespace System.Security.Cryptography.Xml.Tests X509Certificate2 cert = new X509Certificate2(_pkcs12, "mono"); SignedXml signedXml = new SignedXml(doc); - signedXml.SigningKey = cert.PrivateKey; + signedXml.SigningKey = cert.GetRSAPrivateKey(); signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url; signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; 
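Review bot: Adding `SYSLIB0027;SYSLIB0028` to the project-wide `<NoWarn>` silences the new obsoletion diagnostics for every file in the X509Certificates test project, so a later accidental use of `PublicKey.Key` or `X509Certificate2.PrivateKey` in these tests will not be reported. This follows the existing `SYSLIB0026` entry, but a narrower option is to keep `<NoWarn>$(NoWarn);SYSLIB0026</NoWarn>` and put `#pragma warning disable SYSLIB0027, SYSLIB0028` with a matching `restore` around the tests that deliberately exercise the obsolete properties. That keeps the warning active for the rest of the project and records in the test files which call sites are intentional.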
@@ -970,7 +970,7 @@ namespace System.Security.Cryptography.Xml.Tests XmlDocument doc = CreateSomeXml(lineFeed); SignedXml signedXml = new SignedXml(doc); - signedXml.SigningKey = cert.PrivateKey; + signedXml.SigningKey = cert.GetRSAPrivateKey(); signedXml.SignedInfo.CanonicalizationMethod = canonicalizationMethod; signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url; |