Merge pull request #46673 from dotnet/main

Merge main into live

Author: gewarren

docs/ai/tutorials/tutorial-ai-vector-search.md

@@ -74,7 +74,7 @@ When you run the app for the first time, it connects to Azure Cosmos DB and repo
                 var jsonString= System.IO.File.ReadAllText(f);
                 Recipe recipe = JsonConvert.DeserializeObject<Recipe>(jsonString);
                 recipe.id = recipe.name.ToLower().Replace(" ", "");
-                ret.Add(recipe);
+                recipes.Add(recipe);
             }
         );
 

docs/core/whats-new/dotnet-10/libraries.md

@@ -2,20 +2,21 @@
 title: What's new in .NET libraries for .NET 10
 description: Learn about the updates to the .NET libraries for .NET 10.
 titleSuffix: ""
-ms.date: 05/15/2025
+ms.date: 06/09/2025
 ms.topic: whats-new
 ai-usage: ai-assisted
 ---
 
 # What's new in .NET libraries for .NET 10
 
-This article describes new features in the .NET libraries for .NET 10. It's updated for Preview 4.
+This article describes new features in the .NET libraries for .NET 10. It's updated for Preview 5.
 
 ## Cryptography
 
 - [Find certificates by thumbprints other than SHA-1](#find-certificates-by-thumbprints-other-than-sha-1)
 - [Find PEM-encoded data in ASCII/UTF-8](#find-pem-encoded-data-in-asciiutf-8)
 - [Encryption algorithm for PKCS#12/PFX export](#encryption-algorithm-for-pkcs12pfx-export)
+- [Post-quantum cryptography (PQC)](#post-quantum-cryptography-pqc)
 
 ### Find certificates by thumbprints other than SHA-1
 
@@ -56,11 +57,50 @@ The new <xref:System.Security.Cryptography.X509Certificates.X509Certificate.Expo
 
 If you want even more control, you can use [the overload](xref:System.Security.Cryptography.X509Certificates.X509Certificate.ExportPkcs12(System.Security.Cryptography.PbeParameters,System.String)) that accepts a <xref:System.Security.Cryptography.PbeParameters>.
 
+### Post-quantum cryptography (PQC)
+
+.NET 10 includes support for three new asymmetric algorithms: ML-KEM (FIPS 202), ML-DSA (FIPS 203), and SLH-DSA (FIPS 204). The new types are:
+
+- `System.Security.Cryptography.MLKem` <!--xref:System.Security.Cryptography.MLKem-->
+- `System.Security.Cryptography.MLDsa` <!--xref:System.Security.Cryptography.MLDsa-->
+- `System.Security.Cryptography.SlhDsa` <!--xref:System.Security.Cryptography.SlhDsa-->
+
+Because it adds little benefit, these new types don't derive from <xref:System.Security.Cryptography.AsymmetricAlgorithm>. Rather than the `AsymmetricAlgorithm` approach of creating an object and then importing a key into it, or generating a fresh key, the new types all use static methods to generate or import a key:
+
+```csharp
+using System;
+using System.IO;
+using System.Security.Cryptography;
+
+private static bool ValidateMLDsaSignature(ReadOnlySpan<byte> data, ReadOnlySpan<byte> signature, string publicKeyPath)
+{
+    string publicKeyPem = File.ReadAllText(publicKeyPath);
+
+    using (MLDsa key = MLDsa.ImportFromPem(publicKeyPem))
+    {
+        return key.VerifyData(data, signature);
+    }
+}
+```
+
+And rather than setting object properties and having a key materialize, key generation on these new types takes in all of the options it needs.
+
+```csharp
+using (MLKem key = MLKem.GenerateKey(MLKemAlgorithm.MLKem768))
+{
+    string publicKeyPem = key.ExportSubjectPublicKeyInfoPem();
+    ...
+}
+```
+
+These algorithms all continue with the pattern of having a static `IsSupported` property to indicate if the algorithm is supported on the current system.
+
+Currently, the PQC algorithms are only available on systems where the system cryptographic libraries are OpenSSL 3.5 (or newer). Windows CNG support will be added soon. Also, the new classes are all marked as [`[Experimental]`](../../../fundamentals/syslib-diagnostics/experimental-overview.md) under diagnostic `SYSLIB5006` until development is complete.
+
 ## Globalization and date/time
 
 - [New method overloads in ISOWeek for DateOnly type](#new-method-overloads-in-isoweek-for-dateonly-type)
 - [Numeric ordering for string comparison](#numeric-ordering-for-string-comparison)
-
 - [New `TimeSpan.FromMilliseconds` overload with single parameter](#new-timespanfrommilliseconds-overload-with-single-parameter)
 
 ### New method overloads in ISOWeek for DateOnly type

docs/core/whats-new/dotnet-10/overview.md

@@ -2,14 +2,14 @@
 title: What's new in .NET 10
 description: Learn about the new features introduced in .NET 10 for the runtime, libraries, and SDK. Also find links to what's new in other areas, such as ASP.NET Core.
 titleSuffix: ""
-ms.date: 05/15/2025
+ms.date: 06/09/2025
 ms.topic: whats-new
 ai-usage: ai-assisted
 ---
 
 # What's new in .NET 10
 
-Learn about the new features in .NET 10 and find links to further documentation. This page is updated for Preview 4.
+Learn about the new features in .NET 10 and find links to further documentation. This page is updated for Preview 5.
 
 .NET 10, the successor to [.NET 9](../dotnet-9/overview.md), is [supported for three years](https://dotnet.microsoft.com/platform/support/policy/dotnet-core) as a long-term support (LTS) release. You can [download .NET 10 here](https://get.dot.net/10).