Improve or remove code examples for TripleDES, DES, and RC2. #8140

@vcsjones

We have a number of examples for using these symmetric ciphers that I think either need to be significantly improved, or removed.

  1. They demonstrate incorrect use of CryptoStream. Ex:
    csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
  2. They are incomplete examples. They, for example, do not demonstrate proper nonce management, they do not demonstrate proper authentication (authentication in cryptographic terms). It would be rather hard to demonstrate how to do these things properly in short examples, and nor do I think it's something that should be in API documentation.

The CryptoStream issue doesn't apply to Aes because we don't have that example for Aes, but we do have them for the other symmetric ciphers.

If we want to keep the examples, then they need to be re-written to 1. be correct 2. use modern APIs and 3. be heavily caveated that they are incomplete examples and do not demonstrate safe examples of using symmetric encryption.

/cc @bartonjs @GrabYourPitchforks
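
The `CryptoStream` point from item 1, as an added example that is not part of the issue or of the .NET documentation. It assumes the defect meant is the discarded return value of `Read`, which may return fewer bytes than requested; `Aes`, the class name and the sample input are choices made for this demo, and only stream handling is shown, not IV management or authentication.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class CryptoStreamReadDemo
{
    // Hypothetical helper: a fresh decrypting stream over the same ciphertext.
    static CryptoStream Decrypting(Aes aes, byte[] ciphertext) =>
        new CryptoStream(new MemoryStream(ciphertext), aes.CreateDecryptor(), CryptoStreamMode.Read);

    static void Main()
    {
        using Aes aes = Aes.Create(); // random key and IV, generated for this demo only
        byte[] plaintext = Encoding.UTF8.GetBytes(new string('A', 100_000)); // constructed input

        byte[] ciphertext;
        using (var ms = new MemoryStream())
        {
            using (var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
                cs.Write(plaintext, 0, plaintext.Length);
            ciphertext = ms.ToArray(); // valid after the CryptoStream flushed its final block
        }

        // Pattern from the issue: a single Read whose return value is discarded.
        // Read may stop early, leaving the tail of the buffer as zeros, and the
        // buffer (sized from the ciphertext) also hides the real plaintext length.
        byte[] fromEncrypt = new byte[ciphertext.Length];
        using (var cs = Decrypting(aes, ciphertext))
        {
            int got = cs.Read(fromEncrypt, 0, fromEncrypt.Length); // captured here only to display it
            Console.WriteLine($"single Read returned {got} of {plaintext.Length} plaintext bytes");
        }

        // Reading to the end, option 1: CopyTo loops until end of stream.
        using var copied = new MemoryStream();
        using (var cs = Decrypting(aes, ciphertext))
            cs.CopyTo(copied);

        // Option 2: an explicit loop that honours what Read reports.
        using var looped = new MemoryStream();
        using (var cs = Decrypting(aes, ciphertext))
        {
            byte[] chunk = new byte[4096];
            for (int n; (n = cs.Read(chunk, 0, chunk.Length)) > 0;)
                looped.Write(chunk, 0, n);
        }
        Console.WriteLine($"CopyTo matches: {copied.ToArray().SequenceEqual(plaintext)}");
        Console.WriteLine($"loop matches:   {looped.ToArray().SequenceEqual(plaintext)}");
    }
}
```

How many bytes the single `Read` returns depends on the runtime version, which is why the return value cannot be ignored.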

Labels: Pri3, area-System.Security, untriaged
