|
| 1 | +--- |
| 2 | +title: "Breaking change - CoseSigner.Key may now be null" |
| 3 | +description: "Learn about the breaking change in .NET 10 where CoseSigner.Key may now be null when backed by Post-Quantum Cryptography algorithms." |
| 4 | +ms.date: 01/25/2025 |
| 5 | +ai-usage: ai-assisted |
| 6 | +ms.custom: https://github.com/dotnet/docs/issues/46999 |
| 7 | +--- |
| 8 | + |
| 9 | +# CoseSigner.Key may now be null |
| 10 | + |
| 11 | +In .NET 10, the <xref:System.Security.Cryptography.Cose.CoseSigner.Key?displayProperty=fullName> property may now return `null`. If `CoseSigner` is backed by an RSA or ECDSA key, then `CoseSigner.Key` continues to return the key and it's non-null. However, when `CoseSigner` is backed by a key that doesn't derive from `AsymmetricAlgorithm`, like `MLDsa` (a new Post-Quantum Cryptography (PQC) signing algorithm), `CoseSigner.Key` returns `null`. |
| 12 | + |
| 13 | +## Version introduced |
| 14 | + |
| 15 | +.NET 10 Preview 7 |
| 16 | + |
| 17 | +## Previous behavior |
| 18 | + |
| 19 | +`CoseSigner.Key` couldn't be `null`. It had type `AsymmetricAlgorithm`. |
| 20 | + |
| 21 | +```csharp |
| 22 | +using RSA rsaKey = RSA.Create(); |
| 23 | +CoseSigner signer = new CoseSigner(rsaKey, RSASignaturePadding.Pss, HashAlgorithmName.SHA512); |
| 24 | +AsymmetricAlgorithm key = signer.Key; // key was never null |
| 25 | +``` |
| 26 | + |
| 27 | +## New behavior |
| 28 | + |
| 29 | +`CoseSigner.Key` can be `null`. It now has type `AsymmetricAlgorithm?`. |
| 30 | + |
| 31 | +```csharp |
| 32 | +using RSA rsaKey = RSA.Create(); |
| 33 | + |
| 34 | +CoseSigner signer = new CoseSigner(rsaKey, RSASignaturePadding.Pss, HashAlgorithmName.SHA512); |
| 35 | +// signer.Key is rsaKey here |
| 36 | +
|
| 37 | +// CoseKey is a new abstraction for all keys used in COSE |
| 38 | +CoseKey coseKey = new CoseKey(rsaKey, RSASignaturePadding.Pss, HashAlgorithmName.SHA512); |
| 39 | +signer = new CoseSigner(coseKey); |
| 40 | +// signer.Key is rsaKey here |
| 41 | +
|
| 42 | +using MLDsa mldsa = MLDsa.GenerateKey(MLDsaAlgorithm.MLDsa44); |
| 43 | + |
| 44 | +coseKey = new CoseKey(mldsa); |
| 45 | +signer = new CoseSigner(coseKey); |
| 46 | +// signer.Key is null here |
| 47 | +``` |
| 48 | + |
| 49 | +## Type of breaking change |
| 50 | + |
| 51 | +This is both a [behavioral change](../../categories.md#behavioral-change) and [source compatibility](../../categories.md#source-compatibility) change. |
| 52 | + |
| 53 | +## Reason for change |
| 54 | + |
| 55 | +With the introduction of new signing algorithms such as ML-DSA, .NET has moved away from using `AsymmetricAlgorithm` as the universal base class for all asymmetric algorithms. Likewise, `CoseSigner` can now be constructed with a key that doesn't derive from `AsymmetricAlgorithm`. In this case `CoseSigner.Key` can't return an `AsymmetricAlgorithm` representing the underlying key and thus returns `null` instead. |
| 56 | + |
| 57 | +This change was introduced in <https://github.com/dotnet/runtime/pull/115158>. |
| 58 | + |
| 59 | +## Recommended action |
| 60 | + |
| 61 | +`CoseSigner.Key` can still be used, but callers should handle `null` values. |
| 62 | + |
| 63 | +```csharp |
| 64 | +AsymmetricAlgorithm? key = signer.Key; |
| 65 | +if (key != null) |
| 66 | +{ |
| 67 | + // Use the key for operations that require AsymmetricAlgorithm |
| 68 | +} |
| 69 | +else |
| 70 | +{ |
| 71 | + // Handle the case where the signer is backed by a non-AsymmetricAlgorithm key |
| 72 | +} |
| 73 | +``` |
| 74 | + |
| 75 | +## Affected APIs |
| 76 | + |
| 77 | +- <xref:System.Security.Cryptography.Cose.CoseSigner.Key?displayProperty=fullName> |
0 commit comments