Use of obsolete cryptography-related APIs can create security vulnerabilities such as algorithm with known weaknesses.
1public void ObsoleteCryptographyNoncompliant()
2{
3 X509Certificate2 certificate = new X509Certificate2();
4 // Noncompliant: `X509Certificate2.PrivateKey` is obsolete.
5 var privatekey = certificate.PrivateKey;
6}
1public void ObsoleteCryptographyCompliant()
2{
3 X509Certificate2 certificate = new X509Certificate2();
4 // Compliant: `X509Certificate2.GetRSAPrivateKey()` is safe.
5 var privatekey = certificate.GetRSAPrivateKey();
6}