Obsolete Cryptography Critical

Use of obsolete cryptography-related APIs can create security vulnerabilities such as algorithm with known weaknesses.

Detector ID
csharp/obsolete-cryptography@v1.0
Category
Common Weakness Enumeration (CWE) external icon
Tags
-

Noncompliant example

1public void ObsoleteCryptographyNoncompliant()
2{
3    X509Certificate2 certificate = new X509Certificate2();
4    // Noncompliant: `X509Certificate2.PrivateKey` is obsolete.
5    var privatekey = certificate.PrivateKey;
6}

Compliant example

1public void ObsoleteCryptographyCompliant()
2{
3    X509Certificate2 certificate = new X509Certificate2();
4    // Compliant: `X509Certificate2.GetRSAPrivateKey()` is safe.
5    var privatekey = certificate.GetRSAPrivateKey();
6}