X509Certificate and PublicKey key parameters can be null

In .NET 10, the behavior of X509Certificate and PublicKey has changed. When these objects contain a key without algorithm parameters, they now return null instead of an empty array.

Version introduced

.NET 10 Preview 3

Previous behavior

X509Certificate or PublicKey objects that contained a key without algorithm parameters would return an empty array when accessing the key algorithm parameters.

byte[] parameters = certificate.GetKeyAlgorithmParameters();
// parameters would be an empty array if no algorithm parameters were present

New behavior

X509Certificate or PublicKey objects that contain a key without algorithm parameters will return null when accessing the key algorithm parameters.

byte[]? parameters = certificate.GetKeyAlgorithmParameters();
// parameters will be null if no algorithm parameters are present

Type of breaking change

This is both a behavioral and source compatibility change.

Reason for change

The X509Certificate, X509Certificate2, and PublicKey classes expose information about the Subject Public Key Info. One of the properties of the Subject Public Key Info is the parameters for the algorithm. A Subject Public Key Info is not required to contain algorithm parameters. Previously, this was represented as an empty byte array, which is not valid ASN.1. Attempting to encode or decode it would result in an exception. To more clearly represent absent key parameters, null is now returned, and the members that return algorithm parameters have been annotated to return nullable values.

Recommended action

When accessing a member that returns information about a Subject Public Key Info's algorithm parameters, expect the member to possibly return null and handle the null value accordingly.

byte[]? parameters = certificate.GetKeyAlgorithmParameters();
if (parameters == null)
{
    // Handle the absence of algorithm parameters
}
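The following helper is an added example, not code from the .NET documentation or runtime. It rebuilds the DER AlgorithmIdentifier for a certificate's key and treats both null (.NET 10) and an empty array (earlier versions) as absent parameters, so callers never pass zero bytes to the ASN.1 encoder. The names SpkiAlgorithm, Encode and FromCertificate, and the sample inputs, are assumptions made for illustration.

```csharp
#nullable enable
using System;
using System.Formats.Asn1;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class SpkiAlgorithm
{
    // Rebuilds AlgorithmIdentifier ::= SEQUENCE { algorithm OID, parameters ANY OPTIONAL }.
    // Hypothetical helper for illustration; not a .NET API.
    public static byte[] Encode(string algorithmOid, byte[]? parameters)
    {
        var writer = new AsnWriter(AsnEncodingRules.DER);
        using (writer.PushSequence())
        {
            writer.WriteObjectIdentifier(algorithmOid);
            // null (.NET 10) and empty (earlier versions) both mean "absent":
            // the OPTIONAL field is omitted rather than written as zero bytes.
            if (parameters is { Length: > 0 })
            {
                writer.WriteEncodedValue(parameters);
            }
        }
        return writer.Encode();
    }

    public static byte[] FromCertificate(X509Certificate2 certificate) =>
        Encode(certificate.GetKeyAlgorithm(), certificate.GetKeyAlgorithmParameters());
}

static class Program
{
    static void Main()
    {
        // Constructed sample: a throwaway self-signed RSA certificate, whose
        // parameters are an explicit ASN.1 NULL (05 00), so they are present.
        using RSA rsa = RSA.Create(2048);
        var request = new CertificateRequest("CN=constructed-sample", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 cert = request.CreateSelfSigned(
            DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));
        Console.WriteLine(Convert.ToHexString(SpkiAlgorithm.FromCertificate(cert)));

        // Constructed sample: Ed25519 (OID 1.3.101.112) defines no parameters,
        // which is the case a certificate reports as null in .NET 10.
        Console.WriteLine(Convert.ToHexString(SpkiAlgorithm.Encode("1.3.101.112", null)));
    }
}
```

Code that previously tested `parameters.Length == 0` to detect absent parameters throws a NullReferenceException on .NET 10; the pattern check above covers both runtimes.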

Affected APIs