From e0cf7d9ae74ec21504abf8911380b0c290bfc809 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Fri, 18 Jul 2025 14:01:52 -0400 Subject: [PATCH 1/2] Remove experimental from ML-KEM where applicable --- .../src/System/Security/Cryptography/MLKem.cs | 30 ++++++++++++++++- .../Security/Cryptography/MLKemAlgorithm.cs | 1 - .../System/Security/Cryptography/MLKemCng.cs | 1 - .../ref/System.Security.Cryptography.cs | 33 ++++++++++++++++--- .../Security/Cryptography/MLKemOpenSsl.cs | 1 - 5 files changed, 58 insertions(+), 8 deletions(-) diff --git a/src/libraries/Common/src/System/Security/Cryptography/MLKem.cs b/src/libraries/Common/src/System/Security/Cryptography/MLKem.cs index 6230f02f81241b..0bcf585e0ec0c6 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/MLKem.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/MLKem.cs @@ -24,7 +24,6 @@ namespace System.Security.Cryptography /// cryptographic libraries. /// /// - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public abstract partial class MLKem : IDisposable { private static readonly string[] s_knownOids = [Oids.MlKem512, Oids.MlKem768, Oids.MlKem1024]; @@ -633,6 +632,7 @@ public byte[] ExportEncapsulationKey() /// /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public bool TryExportSubjectPublicKeyInfo(Span destination, out int bytesWritten) { ThrowIfDisposed(); @@ -651,6 +651,7 @@ public bool TryExportSubjectPublicKeyInfo(Span destination, out int bytesW /// /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public byte[] ExportSubjectPublicKeyInfo() { ThrowIfDisposed(); @@ -671,6 +672,7 @@ public byte[] ExportSubjectPublicKeyInfo() /// /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public string ExportSubjectPublicKeyInfoPem() { ThrowIfDisposed(); @@ -700,6 +702,7 @@ public string ExportSubjectPublicKeyInfoPem() /// /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public bool TryExportPkcs8PrivateKey(Span destination, out int bytesWritten) { ThrowIfDisposed(); @@ -729,6 +732,7 @@ public bool TryExportPkcs8PrivateKey(Span destination, out int bytesWritte /// /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public byte[] ExportPkcs8PrivateKey() { ThrowIfDisposed(); @@ -747,6 +751,7 @@ public byte[] ExportPkcs8PrivateKey() /// /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public string ExportPkcs8PrivateKeyPem() { ThrowIfDisposed(); @@ -773,6 +778,7 @@ public string ExportPkcs8PrivateKeyPem() /// /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] protected abstract bool TryExportPkcs8PrivateKeyCore(Span destination, out int bytesWritten); /// @@ -811,6 +817,7 @@ public string ExportPkcs8PrivateKeyPem() /// -or- /// does not represent a valid password-based encryption algorithm. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public bool TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan password, PbeParameters pbeParameters, @@ -864,6 +871,7 @@ public bool TryExportEncryptedPkcs8PrivateKey( /// -or- /// does not represent a valid password-based encryption algorithm. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public bool TryExportEncryptedPkcs8PrivateKey( string password, PbeParameters pbeParameters, @@ -910,6 +918,7 @@ public bool TryExportEncryptedPkcs8PrivateKey( /// -or- /// does not represent a valid password-based encryption algorithm. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public bool TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan passwordBytes, PbeParameters pbeParameters, @@ -954,6 +963,7 @@ public bool TryExportEncryptedPkcs8PrivateKey( /// -or- /// does not represent a valid password-based encryption algorithm. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public byte[] ExportEncryptedPkcs8PrivateKey(ReadOnlySpan passwordBytes, PbeParameters pbeParameters) { ArgumentNullException.ThrowIfNull(pbeParameters); @@ -994,6 +1004,7 @@ public byte[] ExportEncryptedPkcs8PrivateKey(ReadOnlySpan passwordBytes, P /// -or- /// does not represent a valid password-based encryption algorithm. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public byte[] ExportEncryptedPkcs8PrivateKey(ReadOnlySpan password, PbeParameters pbeParameters) { ArgumentNullException.ThrowIfNull(pbeParameters); @@ -1034,6 +1045,7 @@ public byte[] ExportEncryptedPkcs8PrivateKey(ReadOnlySpan password, PbePar /// -or- /// does not represent a valid password-based encryption algorithm. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public byte[] ExportEncryptedPkcs8PrivateKey(string password, PbeParameters pbeParameters) { ArgumentNullException.ThrowIfNull(password); @@ -1068,6 +1080,7 @@ public byte[] ExportEncryptedPkcs8PrivateKey(string password, PbeParameters pbeP /// -or- /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public string ExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan passwordBytes, PbeParameters pbeParameters) { ArgumentNullException.ThrowIfNull(pbeParameters); @@ -1109,6 +1122,7 @@ public string ExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan passwordBytes /// -or- /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public string ExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan password, PbeParameters pbeParameters) { ArgumentNullException.ThrowIfNull(pbeParameters); @@ -1150,6 +1164,7 @@ public string ExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan password, Pbe /// -or- /// An error occurred while exporting the key. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public string ExportEncryptedPkcs8PrivateKeyPem(string password, PbeParameters pbeParameters) { ArgumentNullException.ThrowIfNull(password); @@ -1182,6 +1197,7 @@ public string ExportEncryptedPkcs8PrivateKeyPem(string password, PbeParameters p /// The platform does not support ML-KEM. Callers can use the property /// to determine if the platform supports ML-KEM. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportSubjectPublicKeyInfo(ReadOnlySpan source) { Helpers.ThrowIfAsnInvalidLength(source); @@ -1208,6 +1224,7 @@ static void SubjectPublicKeyReader(ReadOnlyMemory key, in AlgorithmIdentif /// /// is /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportSubjectPublicKeyInfo(byte[] source) { ArgumentNullException.ThrowIfNull(source); @@ -1244,6 +1261,7 @@ public static MLKem ImportSubjectPublicKeyInfo(byte[] source) /// The platform does not support ML-KEM. Callers can use the property /// to determine if the platform supports ML-KEM. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportPkcs8PrivateKey(ReadOnlySpan source) { Helpers.ThrowIfAsnInvalidLength(source); @@ -1258,6 +1276,7 @@ public static MLKem ImportPkcs8PrivateKey(ReadOnlySpan source) /// /// is /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportPkcs8PrivateKey(byte[] source) { ArgumentNullException.ThrowIfNull(source); @@ -1302,6 +1321,7 @@ public static MLKem ImportPkcs8PrivateKey(byte[] source) /// The platform does not support ML-KEM. Callers can use the property /// to determine if the platform supports ML-KEM. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportEncryptedPkcs8PrivateKey(ReadOnlySpan passwordBytes, ReadOnlySpan source) { Helpers.ThrowIfAsnInvalidLength(source); @@ -1347,6 +1367,7 @@ public static MLKem ImportEncryptedPkcs8PrivateKey(ReadOnlySpan passwordBy /// The platform does not support ML-KEM. Callers can use the property /// to determine if the platform supports ML-KEM. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportEncryptedPkcs8PrivateKey(ReadOnlySpan password, ReadOnlySpan source) { Helpers.ThrowIfAsnInvalidLength(source); @@ -1395,6 +1416,7 @@ public static MLKem ImportEncryptedPkcs8PrivateKey(ReadOnlySpan password, /// The platform does not support ML-KEM. Callers can use the property /// to determine if the platform supports ML-KEM. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportEncryptedPkcs8PrivateKey(string password, byte[] source) { ArgumentNullException.ThrowIfNull(password); @@ -1441,6 +1463,7 @@ public static MLKem ImportEncryptedPkcs8PrivateKey(string password, byte[] sourc /// /// /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportFromPem(ReadOnlySpan source) { ThrowIfNotSupported(); @@ -1458,6 +1481,7 @@ public static MLKem ImportFromPem(ReadOnlySpan source) /// /// is /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportFromPem(string source) { ArgumentNullException.ThrowIfNull(source); @@ -1519,6 +1543,7 @@ public static MLKem ImportFromPem(string source) /// /// This method supports the ENCRYPTED PRIVATE KEY PEM label. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportFromEncryptedPem(ReadOnlySpan source, ReadOnlySpan password) { return PemKeyHelpers.ImportEncryptedFactoryPem( @@ -1577,6 +1602,7 @@ public static MLKem ImportFromEncryptedPem(ReadOnlySpan source, ReadOnlySp /// /// This method supports the ENCRYPTED PRIVATE KEY PEM label. /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportFromEncryptedPem(ReadOnlySpan source, ReadOnlySpan passwordBytes) { return PemKeyHelpers.ImportEncryptedFactoryPem( @@ -1589,6 +1615,7 @@ public static MLKem ImportFromEncryptedPem(ReadOnlySpan source, ReadOnlySp /// /// or is /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportFromEncryptedPem(string source, string password) { ArgumentNullException.ThrowIfNull(source); @@ -1601,6 +1628,7 @@ public static MLKem ImportFromEncryptedPem(string source, string password) /// /// or is /// + [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static MLKem ImportFromEncryptedPem(string source, byte[] passwordBytes) { ArgumentNullException.ThrowIfNull(source); diff --git a/src/libraries/Common/src/System/Security/Cryptography/MLKemAlgorithm.cs b/src/libraries/Common/src/System/Security/Cryptography/MLKemAlgorithm.cs index 03114c63378e44..e3bf5c0aa08c42 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/MLKemAlgorithm.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/MLKemAlgorithm.cs @@ -11,7 +11,6 @@ namespace System.Security.Cryptography /// /// [DebuggerDisplay("{Name,nq}")] - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public sealed class MLKemAlgorithm : IEquatable { private MLKemAlgorithm( diff --git a/src/libraries/Common/src/System/Security/Cryptography/MLKemCng.cs b/src/libraries/Common/src/System/Security/Cryptography/MLKemCng.cs index 0af40a873709da..c7f8f8d64fabdb 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/MLKemCng.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/MLKemCng.cs @@ -22,7 +22,6 @@ namespace System.Security.Cryptography /// cryptographic libraries. /// /// - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public sealed partial class MLKemCng : MLKem { private CngKey _key; diff --git a/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs b/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs index 67d78236248a83..ec407abf738b13 100644 --- a/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs +++ b/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs @@ -2034,7 +2034,6 @@ protected override void SignPreHashCore(System.ReadOnlySpan hash, System.R protected override bool VerifyDataCore(System.ReadOnlySpan data, System.ReadOnlySpan context, System.ReadOnlySpan signature) { throw null; } protected override bool VerifyPreHashCore(System.ReadOnlySpan hash, System.ReadOnlySpan context, string hashAlgorithmOid, System.ReadOnlySpan signature) { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public abstract partial class MLKem : System.IDisposable { protected MLKem(System.Security.Cryptography.MLKemAlgorithm algorithm) { } @@ -2054,47 +2053,75 @@ public void ExportDecapsulationKey(System.Span destination) { } public byte[] ExportEncapsulationKey() { throw null; } public void ExportEncapsulationKey(System.Span destination) { } protected abstract void ExportEncapsulationKeyCore(System.Span destination); + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public byte[] ExportEncryptedPkcs8PrivateKey(System.ReadOnlySpan passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public byte[] ExportEncryptedPkcs8PrivateKey(System.ReadOnlySpan password, System.Security.Cryptography.PbeParameters pbeParameters) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public byte[] ExportEncryptedPkcs8PrivateKey(string password, System.Security.Cryptography.PbeParameters pbeParameters) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public string ExportEncryptedPkcs8PrivateKeyPem(System.ReadOnlySpan passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public string ExportEncryptedPkcs8PrivateKeyPem(System.ReadOnlySpan password, System.Security.Cryptography.PbeParameters pbeParameters) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public string ExportEncryptedPkcs8PrivateKeyPem(string password, System.Security.Cryptography.PbeParameters pbeParameters) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public byte[] ExportPkcs8PrivateKey() { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public string ExportPkcs8PrivateKeyPem() { throw null; } public byte[] ExportPrivateSeed() { throw null; } public void ExportPrivateSeed(System.Span destination) { } protected abstract void ExportPrivateSeedCore(System.Span destination); + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public byte[] ExportSubjectPublicKeyInfo() { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public string ExportSubjectPublicKeyInfoPem() { throw null; } public static System.Security.Cryptography.MLKem GenerateKey(System.Security.Cryptography.MLKemAlgorithm algorithm) { throw null; } public static System.Security.Cryptography.MLKem ImportDecapsulationKey(System.Security.Cryptography.MLKemAlgorithm algorithm, byte[] source) { throw null; } public static System.Security.Cryptography.MLKem ImportDecapsulationKey(System.Security.Cryptography.MLKemAlgorithm algorithm, System.ReadOnlySpan source) { throw null; } public static System.Security.Cryptography.MLKem ImportEncapsulationKey(System.Security.Cryptography.MLKemAlgorithm algorithm, byte[] source) { throw null; } public static System.Security.Cryptography.MLKem ImportEncapsulationKey(System.Security.Cryptography.MLKemAlgorithm algorithm, System.ReadOnlySpan source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportEncryptedPkcs8PrivateKey(System.ReadOnlySpan passwordBytes, System.ReadOnlySpan source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportEncryptedPkcs8PrivateKey(System.ReadOnlySpan password, System.ReadOnlySpan source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportEncryptedPkcs8PrivateKey(string password, byte[] source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportFromEncryptedPem(System.ReadOnlySpan source, System.ReadOnlySpan passwordBytes) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportFromEncryptedPem(System.ReadOnlySpan source, System.ReadOnlySpan password) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportFromEncryptedPem(string source, byte[] passwordBytes) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportFromEncryptedPem(string source, string password) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportFromPem(System.ReadOnlySpan source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportFromPem(string source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportPkcs8PrivateKey(byte[] source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportPkcs8PrivateKey(System.ReadOnlySpan source) { throw null; } public static System.Security.Cryptography.MLKem ImportPrivateSeed(System.Security.Cryptography.MLKemAlgorithm algorithm, byte[] source) { throw null; } public static System.Security.Cryptography.MLKem ImportPrivateSeed(System.Security.Cryptography.MLKemAlgorithm algorithm, System.ReadOnlySpan source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportSubjectPublicKeyInfo(byte[] source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.MLKem ImportSubjectPublicKeyInfo(System.ReadOnlySpan source) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public bool TryExportEncryptedPkcs8PrivateKey(System.ReadOnlySpan passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters, System.Span destination, out int bytesWritten) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public bool TryExportEncryptedPkcs8PrivateKey(System.ReadOnlySpan password, System.Security.Cryptography.PbeParameters pbeParameters, System.Span destination, out int bytesWritten) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public bool TryExportEncryptedPkcs8PrivateKey(string password, System.Security.Cryptography.PbeParameters pbeParameters, System.Span destination, out int bytesWritten) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public bool TryExportPkcs8PrivateKey(System.Span destination, out int bytesWritten) { throw null; } + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] protected abstract bool TryExportPkcs8PrivateKeyCore(System.Span destination, out int bytesWritten); + [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public bool TryExportSubjectPublicKeyInfo(System.Span destination, out int bytesWritten) { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public sealed partial class MLKemAlgorithm : System.IEquatable { internal MLKemAlgorithm() { } @@ -2114,7 +2141,6 @@ internal MLKemAlgorithm() { } public static bool operator !=(System.Security.Cryptography.MLKemAlgorithm? left, System.Security.Cryptography.MLKemAlgorithm? right) { throw null; } public override string ToString() { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public sealed partial class MLKemCng : System.Security.Cryptography.MLKem { [System.Runtime.Versioning.SupportedOSPlatformAttribute("windows")] @@ -2128,7 +2154,6 @@ protected override void ExportPrivateSeedCore(System.Span destination) { } public System.Security.Cryptography.CngKey GetKey() { throw null; } protected override bool TryExportPkcs8PrivateKeyCore(System.Span destination, out int bytesWritten) { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public sealed partial class MLKemOpenSsl : System.Security.Cryptography.MLKem { [System.Runtime.Versioning.UnsupportedOSPlatformAttribute("android")] diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLKemOpenSsl.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLKemOpenSsl.cs index 2cc2f37afbbb26..85829d67b4ba5b 100644 --- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLKemOpenSsl.cs +++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLKemOpenSsl.cs @@ -20,7 +20,6 @@ namespace System.Security.Cryptography /// cryptographic libraries. /// /// - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public sealed partial class MLKemOpenSsl : MLKem { private readonly SafeEvpPKeyHandle _key; From 4ae98e79a9e94c05b3cd8b0df57184d7c0fead03 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Fri, 18 Jul 2025 14:15:15 -0400 Subject: [PATCH 2/2] Remove from CNG identifiers --- .../ref/System.Security.Cryptography.cs | 5 ----- .../src/System/Security/Cryptography/CngAlgorithm.cs | 1 - .../src/System/Security/Cryptography/CngAlgorithmGroup.cs | 1 - .../src/System/Security/Cryptography/CngKeyBlobFormat.cs | 3 --- 4 files changed, 10 deletions(-) diff --git a/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs b/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs index ec407abf738b13..b4a786926b7d49 100644 --- a/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs +++ b/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs @@ -335,7 +335,6 @@ public CngAlgorithm(string algorithm) { } public static System.Security.Cryptography.CngAlgorithm MD5 { get { throw null; } } [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.CngAlgorithm MLDsa { get { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.CngAlgorithm MLKem { get { throw null; } } public static System.Security.Cryptography.CngAlgorithm Rsa { get { throw null; } } public static System.Security.Cryptography.CngAlgorithm Sha1 { get { throw null; } } @@ -359,7 +358,6 @@ public CngAlgorithmGroup(string algorithmGroup) { } public static System.Security.Cryptography.CngAlgorithmGroup ECDsa { get { throw null; } } [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.CngAlgorithmGroup MLDsa { get { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.CngAlgorithmGroup MLKem { get { throw null; } } public static System.Security.Cryptography.CngAlgorithmGroup Rsa { get { throw null; } } public override bool Equals([System.Diagnostics.CodeAnalysis.NotNullWhenAttribute(true)] object? obj) { throw null; } @@ -436,11 +434,8 @@ public CngKeyBlobFormat(string format) { } public string Format { get { throw null; } } public static System.Security.Cryptography.CngKeyBlobFormat GenericPrivateBlob { get { throw null; } } public static System.Security.Cryptography.CngKeyBlobFormat GenericPublicBlob { get { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.CngKeyBlobFormat MLKemPrivateBlob { get { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.CngKeyBlobFormat MLKemPrivateSeedBlob { get { throw null; } } - [System.Diagnostics.CodeAnalysis.ExperimentalAttribute("SYSLIB5006", UrlFormat="https://aka.ms/dotnet-warnings/{0}")] public static System.Security.Cryptography.CngKeyBlobFormat MLKemPublicBlob { get { throw null; } } public static System.Security.Cryptography.CngKeyBlobFormat OpaqueTransportBlob { get { throw null; } } public static System.Security.Cryptography.CngKeyBlobFormat Pkcs8PrivateBlob { get { throw null; } } diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngAlgorithm.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngAlgorithm.cs index 2adf7190b28905..01f293852c3316 100644 --- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngAlgorithm.cs +++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngAlgorithm.cs @@ -216,7 +216,6 @@ public static CngAlgorithm Sha512 /// A new object that specifies the Module-Lattice-Based Key-Encapsulation /// Mechanism (ML-KEM). /// - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static CngAlgorithm MLKem => field ??= new CngAlgorithm("ML-KEM"); // BCRYPT_MLKEM_ALGORITHM private static CngAlgorithm? s_ecdh; diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngAlgorithmGroup.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngAlgorithmGroup.cs index 94c41f31785cfd..b73ef73ee09089 100644 --- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngAlgorithmGroup.cs +++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngAlgorithmGroup.cs @@ -144,7 +144,6 @@ public static CngAlgorithmGroup Rsa /// /// An object that specifies the ML-KEM family of algorithms. /// - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static CngAlgorithmGroup MLKem => field ??= new CngAlgorithmGroup("MLKEM"); // NCRYPT_MLKEM_ALGORITHM_GROUP diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngKeyBlobFormat.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngKeyBlobFormat.cs index 3274a260836067..7210031f566e0b 100644 --- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngKeyBlobFormat.cs +++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/CngKeyBlobFormat.cs @@ -190,7 +190,6 @@ public static CngKeyBlobFormat GenericPublicBlob /// /// The value identified by this blob format is "MLKEMPUBLICBLOB". /// - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static CngKeyBlobFormat MLKemPublicBlob => field ??= new CngKeyBlobFormat("MLKEMPUBLICBLOB"); /// @@ -204,7 +203,6 @@ public static CngKeyBlobFormat GenericPublicBlob /// /// The value identified by this blob format is "MLKEMPRIVATEBLOB". /// - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static CngKeyBlobFormat MLKemPrivateBlob => field ??= new CngKeyBlobFormat("MLKEMPRIVATEBLOB"); /// @@ -218,7 +216,6 @@ public static CngKeyBlobFormat GenericPublicBlob /// /// The value identified by this blob format is "MLKEMPRIVATESEEDBLOB". /// - [Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)] public static CngKeyBlobFormat MLKemPrivateSeedBlob => field ??= new CngKeyBlobFormat("MLKEMPRIVATESEEDBLOB"); public static CngKeyBlobFormat OpaqueTransportBlob