Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Obsolete some System.Security.Cryptography.Pkcs APIs #57301

Merged
merged 2 commits into from
Aug 12, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions docs/project/list-of-diagnostics.md
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,8 @@ The PR that reveals the implementation of the `<IncludeInternalObsoleteAttribute
| __`SYSLIB0031`__ | EncodeOID is obsolete. Use the ASN.1 functionality provided in System.Formats.Asn1. |
| __`SYSLIB0032`__ | Recovery from corrupted process state exceptions is not supported; HandleProcessCorruptedStateExceptionsAttribute is ignored. |
| __`SYSLIB0033`__ | Rfc2898DeriveBytes.CryptDeriveKey is obsolete and is not supported. Use PasswordDeriveBytes.CryptDeriveKey instead. |
| __`SYSLIB0034`__ | CmsSigner(CspParameters) is obsolete and is not supported. Use an alternative constructor instead. |
| __`SYSLIB0035`__ | ComputeCounterSignature without specifying a CmsSigner is obsolete and is not supported. Use the overload that accepts a CmsSigner. |

## Analyzer Warnings

Expand Down
6 changes: 6 additions & 0 deletions src/libraries/Common/src/System/Obsoletions.cs
Original file line number Diff line number Diff line change
Expand Up @@ -110,5 +110,11 @@ internal static class Obsoletions

internal const string Rfc2898CryptDeriveKeyMessage = "Rfc2898DeriveBytes.CryptDeriveKey is obsolete and is not supported. Use PasswordDeriveBytes.CryptDeriveKey instead.";
internal const string Rfc2898CryptDeriveKeyDiagId = "SYSLIB0033";

internal const string CmsSignerCspParamsCtorMessage = "CmsSigner(CspParameters) is obsolete and is not supported. Use an alternative constructor instead.";
internal const string CmsSignerCspParamsCtorDiagId = "SYSLIB0034";

internal const string SignerInfoCounterSigMessage = "ComputeCounterSignature without specifying a CmsSigner is obsolete and is not supported. Use the overload that accepts a CmsSigner.";
internal const string SignerInfoCounterSigDiagId = "SYSLIB0035";
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,9 @@ public void Reset() { }
public sealed partial class CmsSigner
{
public CmsSigner() { }
#if NET6_0_OR_GREATER
[System.ObsoleteAttribute("CmsSigner(CspParameters) is obsolete and is not supported. Use an alternative constructor instead.", DiagnosticId = "SYSLIB0034", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")]
#endif
[System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)]
public CmsSigner(System.Security.Cryptography.CspParameters parameters) { }
public CmsSigner(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType) { }
Expand Down Expand Up @@ -267,6 +270,9 @@ internal SignerInfo() { }
public void CheckHash() { }
public void CheckSignature(bool verifySignatureOnly) { }
public void CheckSignature(System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraStore, bool verifySignatureOnly) { }
#if NET6_0_OR_GREATER
[System.ObsoleteAttribute("ComputeCounterSignature without specifying a CmsSigner is obsolete and is not supported. Use the overload that accepts a CmsSigner.", DiagnosticId = "SYSLIB0035", UrlFormat = "https://aka.ms/dotnet-warnings/{0}")]
#endif
[System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)]
public void ComputeCounterSignature() { }
public void ComputeCounterSignature(System.Security.Cryptography.Pkcs.CmsSigner signer) { }
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -317,6 +317,8 @@ System.Security.Cryptography.Pkcs.EnvelopedCms</PackageDescription>
<Compile Include="Internal\Cryptography\Pal\AnyOS\PkcsPal.AnyOS.cs" />
</ItemGroup>
<ItemGroup Condition="'$(IsPartialFacadeAssembly)' != 'true'">
<Compile Include="$(CommonPath)System\Obsoletions.cs"
Link="Common\System\Obsoletions.cs" />
<Compile Include="$(CommonPath)System\Memory\PointerMemoryManager.cs"
Link="Common\System\Memory\PointerMemoryManager.cs" />
<Compile Include="$(CommonPath)System\Security\Cryptography\CryptoPool.cs"
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Formats.Asn1;
Expand Down Expand Up @@ -51,15 +52,9 @@ public CmsSigner(X509Certificate2? certificate)
{
}

// This can be implemented with NETCOREAPP2_0 with the cert creation API.
// * Open the parameters as RSACSP (RSA PKCS#1 signature was hard-coded in netfx)
// * Which will fail on non-Windows
// * Create a certificate with subject CN=CMS Signer Dummy Certificate
// * Need to check against .NET Framework to find out what the NotBefore/NotAfter values are
// * No extensions
//
// Since it would only work on Windows, it could also be just done as P/Invokes to
// CertCreateSelfSignedCertificate on a split Windows/netstandard implementation.
#if NET6_0_OR_GREATER
[Obsolete(Obsoletions.CmsSignerCspParamsCtorMessage, DiagnosticId = Obsoletions.CmsSignerCspParamsCtorDiagId, UrlFormat = Obsoletions.SharedUrlFormat)]
#endif
public CmsSigner(CspParameters parameters) => throw new PlatformNotSupportedException();

public CmsSigner(SubjectIdentifierType signerIdentifierType, X509Certificate2? certificate) : this(signerIdentifierType, certificate, null)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -291,6 +291,9 @@ private SignerInfoCollection GetCounterSigners(AttributeAsn[] unsignedAttrs)
return new SignerInfoCollection(signerInfos.ToArray());
}

#if NET6_0_OR_GREATER
[Obsolete(Obsoletions.SignerInfoCounterSigMessage, DiagnosticId = Obsoletions.SignerInfoCounterSigDiagId, UrlFormat = Obsoletions.SharedUrlFormat)]
#endif
public void ComputeCounterSignature()
{
throw new PlatformNotSupportedException(SR.Cryptography_Cms_NoSignerCert);
Expand Down