New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consider obsoleting RSA.EncryptValue
, RSA.DecryptValue
#73969
Comments
Tagging subscribers to this area: @dotnet/area-system-security, @vcsjones Issue Details
namespace System.Security.Cryptography;
public partial class RSA : AsymmetricAlgorithm
{
+ [Obsolete("RSA.EncryptValue and DecryptValue are not supported and throw NotSupportedException.")]
public virtual byte[] EncryptValue(byte[] rgb);
+ [Obsolete("RSA.EncryptValue and DecryptValue are not supported and throw NotSupportedException.")]
public virtual byte[] DecryptValue(byte[] rgb);
}
public partial class RSACryptoServiceProvider : RSA
{
+ [Obsolete("RSA.EncryptValue and DecryptValue are not supported and throw NotSupportedException.")]
public override byte[] EncryptValue(byte[] rgb);
+ [Obsolete("RSA.EncryptValue and DecryptValue are not supported and throw NotSupportedException.")]
public override byte[] DecryptValue(byte[] rgb);
}
|
Huh, I thought we had already done this. But, apparently not. |
Actually, they've never worked for built-in providers. They were abstract in .NET Framework 1.0 and RSACryptoServiceProvider threw a NotSupportedException. RSAPKCS1KeyExchangeFormatter is the only thing that hinted at what the method pair was supposed to do, namely the raw RSA public key operation and raw RSA private key operation. All we did in 4.6 was change abstract to virtual+throw so we didn't have to keep declaring override+throw for RSACng (4.6), RSAOpenSsl (.NET Core 1.0) and RSASecurityTransforms (.NET Core 2.0, non-public) |
@reflectronic can you reword the message to guide the users towards using |
namespace System.Security.Cryptography;
public partial class RSA : AsymmetricAlgorithm
{
[Obsolete("RSA.EncryptValue and DecryptValue are not supported and throw NotSupportedException. Use RSA.Encrypt and RSA.Decrypt instead.")]
[EditorBrowsable(EditorBrowsableState.Never)]
public virtual byte[] EncryptValue(byte[] rgb);
[Obsolete("RSA.EncryptValue and DecryptValue are not supported and throw NotSupportedException. Use RSA.Encrypt and RSA.Decrypt instead.")]
[EditorBrowsable(EditorBrowsableState.Never)]
public virtual byte[] DecryptValue(byte[] rgb);
}
public partial class RSACryptoServiceProvider : RSA
{
[Obsolete("RSA.EncryptValue and DecryptValue are not supported and throw NotSupportedException. Use RSA.Encrypt and RSA.Decrypt instead.")]
[EditorBrowsable(EditorBrowsableState.Never)]
public override byte[] EncryptValue(byte[] rgb);
[Obsolete("RSA.EncryptValue and DecryptValue are not supported and throw NotSupportedException. Use RSA.Encrypt and RSA.Decrypt instead.")]
[EditorBrowsable(EditorBrowsableState.Never)]
public override byte[] DecryptValue(byte[] rgb);
} |
@reflectronic were you interested in implementing this? |
@danmoseley What's your interest in taking some extra obsoletions in RC1? (The methods have thrown NotImplementedException in inbox types since they were introduced in .NET Framework 1.0, so it's as low of potential usage as we could ever really hope to expect 😄) |
If you want I can do that as well. |
RSA.EncryptValue
andRSA.DecryptValue
have been obsolete and non-working since .NET Framework 4.6 (and were removed initially from .NET Core). A comment in the .NET reference source suggests that the members should have been marked obsolete long ago, but weren't because for .NET Framework compatibility reasons. Since .NET doesn't have these issues anymore, adding these obsoletions should now be straightforward.The text was updated successfully, but these errors were encountered: