Add .NET Fx -> Core breaking change for ComputeSignature (#17037)

gewarren · web-flow · commit fc7590142e52 · 2020-02-11T13:02:45.000-08:00
* fixes #17003 * review on staging * add index link
diff --git a/docs/core/compatibility/cryptography.md b/docs/core/compatibility/cryptography.md
@@ -1,16 +1,19 @@
 ---
 title: Cryptography breaking changes
-description: Lists the breaking cryptography-related changes in .NET Core.
-ms.date: "09/20/2019"
+description: Lists cryptography-related breaking changes in .NET Core.
+ms.date: 02/10/2020
 ---
 # Cryptography breaking changes
 
 The following breaking changes are documented on this page:
 
-- [EnvelopedCms defaults to AES-256 encryption](#envelopedcms-defaults-to-aes-256-encryption)
-- [Minimum size for RSAOpenSsl key generation has increased](#minimum-size-for-rsaopenssl-key-generation-has-increased)
-- [.NET Core 3.0 prefers OpenSSL 1.1.x to OpenSSL 1.0.x](#net-core-30-prefers-openssl-11x-to-openssl-10x)
-- [Better argument validation in the Pkcs8PrivateKeyInfo constructor](#better-argument-validation-in-the-pkcs8privatekeyinfo-constructor)
+| Breaking change | Version introduced |
+| - | :-: |
+| [EnvelopedCms defaults to AES-256 encryption](#envelopedcms-defaults-to-aes-256-encryption) | 3.0 |
+| [Minimum size for RSAOpenSsl key generation has increased](#minimum-size-for-rsaopenssl-key-generation-has-increased) | 3.0 |
+| [.NET Core 3.0 prefers OpenSSL 1.1.x to OpenSSL 1.0.x](#net-core-30-prefers-openssl-11x-to-openssl-10x) | 3.0 |
+| [Better argument validation in the Pkcs8PrivateKeyInfo constructor](#better-argument-validation-in-the-pkcs8privatekeyinfo-constructor) | 3.0 |
+| [Boolean parameter of SignedCms.ComputeSignature is respected](#boolean-parameter-of-signedcmscomputesignature-is-respected) | 2.1 |
 
 ## .NET Core 3.0
 
@@ -26,8 +29,12 @@ The following breaking changes are documented on this page:
 
 ***
 
-## .NET Core 3.0 Preview 9
-
 [!INCLUDE[Better argument validation in the Pkcs8PrivateKeyInfo constructor](~/includes/core-changes/cryptography/3.0/better-argument-validation-in-pkcs8privatekeyinfo-ctor.md)]
 
 ***
+
+## .NET Core 2.1
+
+[!INCLUDE [Boolean parameter of SignedCms.ComputeSignature is respected](~/includes/core-changes/cryptography/2.1/compute-signature-silent-parameter.md)]
+
+***
diff --git a/docs/core/compatibility/fx-core.md b/docs/core/compatibility/fx-core.md
@@ -21,6 +21,16 @@ If you're migrating an app from .NET Framework to .NET Core, the breaking change
 
 ***
 
+## Cryptography
+
+- [Boolean parameter of SignedCms.ComputeSignature is respected](#boolean-parameter-of-signedcmscomputesignature-is-respected)
+
+### .NET Core 2.1
+
+[!INCLUDE [Boolean parameter of SignedCms.ComputeSignature is respected](~/includes/core-changes/cryptography/2.1/compute-signature-silent-parameter.md)]
+
+***
+
 ## Windows Forms
 
 Windows Forms support was added to .NET Core in version 3.0. If you're migrating a Windows Forms app from .NET Framework to .NET Core, the breaking changes listed here may affect your app.
diff --git a/includes/core-changes/cryptography/2.1/compute-signature-silent-parameter.md b/includes/core-changes/cryptography/2.1/compute-signature-silent-parameter.md
@@ -0,0 +1,33 @@
+### Boolean parameter of SignedCms.ComputeSignature is respected
+
+In .NET Core, the Boolean `silent` parameter of the <xref:System.Security.Cryptography.Pkcs.SignedCms.ComputeSignature(System.Security.Cryptography.Pkcs.CmsSigner,System.Boolean)?displayProperty=nameWithType> method is respected. A PIN prompt is not shown if this parameter is set to `true`.
+
+#### Change description
+
+In .NET Framework, the `silent` parameter of the <xref:System.Security.Cryptography.Pkcs.SignedCms.ComputeSignature(System.Security.Cryptography.Pkcs.CmsSigner,System.Boolean)?displayProperty=nameWithType> method is ignored, and a PIN prompt is always shown if required by the provider. In .NET Core, the `silent` parameter is respected, and if set to `true`, a PIN prompt is never shown, even if it's required by the provider.
+
+Support for CMS/PKCS #7 messages was introduced into .NET Core in version 2.1.
+
+#### Version introduced
+
+2.1
+
+#### Recommended action
+
+To ensure a PIN prompt appears if required, desktop applications should call <xref:System.Security.Cryptography.Pkcs.SignedCms.ComputeSignature(System.Security.Cryptography.Pkcs.CmsSigner,System.Boolean)?displayProperty=nameWithType> and set the Boolean parameter to `false`. The resulting behavior is the same as on .NET Framework regardless of whether the silent context is disabled there.
+
+### Category
+
+Cryptography
+
+### Affected APIs
+
+- <xref:System.Security.Cryptography.Pkcs.SignedCms.ComputeSignature(System.Security.Cryptography.Pkcs.CmsSigner,System.Boolean)?displayProperty=nameWithType>
+
+<!--
+
+### Affected APIs
+
+- `M:System.Security.Cryptography.Pkcs.SignedCms.ComputeSignature(System.Security.Cryptography.Pkcs.CmsSigner,System.Boolean)`
+
+-->
diff --git a/includes/core-changes/cryptography/3.0/better-argument-validation-in-pkcs8privatekeyinfo-ctor.md b/includes/core-changes/cryptography/3.0/better-argument-validation-in-pkcs8privatekeyinfo-ctor.md
@@ -45,6 +45,6 @@ Cryptography
 
 ### Affected APIs
 
-- `M:System.Security.Cryptography.Pkcs.Pkcs8PrivateKeyInfo.#ctor(System.Security.Cryptography.Oid,System.Nullable{System.ReadOnlyMemory{System.Byte}},System.ReadOnlyMemory{System.Byte},System.Boolean))
+- `M:System.Security.Cryptography.Pkcs.Pkcs8PrivateKeyInfo.#ctor(System.Security.Cryptography.Oid,System.Nullable{System.ReadOnlyMemory{System.Byte}},System.ReadOnlyMemory{System.Byte},System.Boolean)`
 
 -->
