Merge pull request #10475 from dotnet/main

Merge main into live

Author: dotnet-policy-service[bot]

snippets/csharp/System.Security.Cryptography/Aes/Overview/program.cs

@@ -60,8 +60,9 @@ static byte[] EncryptStringToBytes_Aes(string plainText, byte[] Key, byte[] IV)
                             //Write all data to the stream.
                             swEncrypt.Write(plainText);
                         }
-                        encrypted = msEncrypt.ToArray();
                     }
+
+                    encrypted = msEncrypt.ToArray();
                 }
             }
 

snippets/csharp/System.Security.Cryptography/AesCryptoServiceProvider/Overview/program.cs

@@ -59,8 +59,9 @@ static byte[] EncryptStringToBytes_Aes(string plainText, byte[] Key, byte[] IV)
                             //Write all data to the stream.
                             swEncrypt.Write(plainText);
                         }
-                        encrypted = msEncrypt.ToArray();
                     }
+
+                    encrypted = msEncrypt.ToArray();
                 }
             }
 
@@ -115,4 +116,4 @@ static string DecryptStringFromBytes_Aes(byte[] cipherText, byte[] Key, byte[] I
         //</Snippet3>
     }
 }
-//</Snippet1>
+//</Snippet1>

snippets/csharp/System.Security.Cryptography/AesManaged/Overview/program.cs

@@ -59,8 +59,9 @@ static byte[] EncryptStringToBytes_Aes(string plainText, byte[] Key, byte[] IV)
                             //Write all data to the stream.
                             swEncrypt.Write(plainText);
                         }
-                        encrypted = msEncrypt.ToArray();
                     }
+
+                    encrypted = msEncrypt.ToArray();
                 }
             }
 
@@ -115,4 +116,4 @@ static string DecryptStringFromBytes_Aes(byte[] cipherText, byte[] Key, byte[] I
         //</Snippet3>
     }
 }
-//</Snippet1>
+//</Snippet1>

snippets/csharp/System.Security.Cryptography/RijndaelManaged/Overview/class1.cs

@@ -70,8 +70,9 @@ static byte[] EncryptStringToBytes(string plainText, byte[] Key, byte[] IV)
                             //Write all data to the stream.
                             swEncrypt.Write(plainText);
                         }
-                        encrypted = msEncrypt.ToArray();
                     }
+
+                    encrypted = msEncrypt.ToArray();
                 }
             }
 

xml/System.Security.Cryptography/AesCcm.xml

@@ -212,7 +212,8 @@ The <paramref name="nonce" /> parameter length is not permitted by <see cref="P:
 
 The <paramref name="tag" /> parameter length is not permitted by <see cref="P:System.Security.Cryptography.AesCcm.TagByteSizes" />.</exception>
         <exception cref="T:System.ArgumentNullException">The <paramref name="nonce" />, <paramref name="ciphertext" />, <paramref name="tag" />, or <paramref name="plaintext" /> parameter is <see langword="null" />.</exception>
-        <exception cref="T:System.Security.Cryptography.CryptographicException">The tag value could not be verified, or the decryption operation otherwise failed.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">The decryption operation failed. Prior to .NET 8, indicates the tag value could not be verified.</exception>
+        <exception cref="T:System.Security.Cryptography.AuthenticationTagMismatchException">.NET 8 and later versions: the tag value could not be verified.</exception>
       </Docs>
     </Member>
     <Member MemberName="Decrypt">
@@ -280,7 +281,8 @@ The <paramref name="nonce" /> parameter length is not permitted by <see cref="P:
 -or-
 
 The <paramref name="tag" /> parameter length is not permitted by <see cref="P:System.Security.Cryptography.AesCcm.TagByteSizes" />.</exception>
-        <exception cref="T:System.Security.Cryptography.CryptographicException">The tag value could not be verified, or the decryption operation otherwise failed.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">The decryption operation failed. Prior to .NET 8, indicates the tag value could not be verified.</exception>
+        <exception cref="T:System.Security.Cryptography.AuthenticationTagMismatchException">.NET 8 and later versions: the tag value could not be verified.</exception>
       </Docs>
     </Member>
     <Member MemberName="Dispose">

xml/System.Security.Cryptography/AesGcm.xml

@@ -305,7 +305,8 @@ The <paramref name="nonce" /> parameter length is not permitted by <see cref="P:
 
 The <paramref name="tag" /> parameter length is not permitted by <see cref="P:System.Security.Cryptography.AesGcm.TagByteSizes" />.</exception>
         <exception cref="T:System.ArgumentNullException">The <paramref name="nonce" />, <paramref name="ciphertext" />, <paramref name="tag" />, or <paramref name="plaintext" /> parameter is <see langword="null" />.</exception>
-        <exception cref="T:System.Security.Cryptography.CryptographicException">The tag value could not be verified, or the decryption operation otherwise failed.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">The decryption operation failed. Prior to .NET 8, indicates the tag value could not be verified.</exception>
+        <exception cref="T:System.Security.Cryptography.AuthenticationTagMismatchException">.NET 8 and later versions: the tag value could not be verified.</exception>
       </Docs>
     </Member>
     <Member MemberName="Decrypt">
@@ -373,7 +374,8 @@ The <paramref name="nonce" /> parameter length is not permitted by <see cref="P:
 -or-
 
 The <paramref name="tag" /> parameter length is not permitted by <see cref="P:System.Security.Cryptography.AesGcm.TagByteSizes" />.</exception>
-        <exception cref="T:System.Security.Cryptography.CryptographicException">The tag value could not be verified, or the decryption operation otherwise failed.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">The decryption operation failed. Prior to .NET 8, indicates the tag value could not be verified.</exception>
+        <exception cref="T:System.Security.Cryptography.AuthenticationTagMismatchException">.NET 8 and later versions: the tag value could not be verified.</exception>
       </Docs>
     </Member>
     <Member MemberName="Dispose">

xml/System.Security.Cryptography/ChaCha20Poly1305.xml

@@ -183,7 +183,8 @@ The <paramref name="nonce" /> parameter length is not 12 bytes (96 bits).
 
 The <paramref name="tag" /> parameter length is not 16 bytes (128 bits).</exception>
         <exception cref="T:System.ArgumentNullException">The <paramref name="nonce" />, <paramref name="ciphertext" />, <paramref name="tag" />, or <paramref name="plaintext" /> parameter is <see langword="null" />.</exception>
-        <exception cref="T:System.Security.Cryptography.CryptographicException">The tag value could not be verified, or the decryption operation otherwise failed.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">The decryption operation failed. Prior to .NET 8, indicates the tag value could not be verified.</exception>
+        <exception cref="T:System.Security.Cryptography.AuthenticationTagMismatchException">.NET 8 and later versions: the tag value could not be verified.</exception>
       </Docs>
     </Member>
     <Member MemberName="Decrypt">
@@ -238,7 +239,8 @@ The <paramref name="nonce" /> parameter length is not 12 bytes (96 bits).
 -or-
 
 The <paramref name="tag" /> parameter length is not 16 bytes (128 bits).</exception>
-        <exception cref="T:System.Security.Cryptography.CryptographicException">The tag value could not be verified, or the decryption operation otherwise failed.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">The decryption operation failed. Prior to .NET 8, indicates the tag value could not be verified.</exception>
+        <exception cref="T:System.Security.Cryptography.AuthenticationTagMismatchException">.NET 8 and later versions: the tag value could not be verified.</exception>
       </Docs>
     </Member>
     <Member MemberName="Dispose">

xml/System.Security.Cryptography/IncrementalHash.xml

@@ -449,13 +449,7 @@
       </Parameters>
       <Docs>
         <param name="hashAlgorithm">The name of the hash algorithm to perform within the HMAC.</param>
-        <param name="key">
-                The secret key for the HMAC. The key can be any length, but a key longer than the output size
-                of the hash algorithm specified by <paramref name="hashAlgorithm" /> will be hashed (using the
-                algorithm specified by <paramref name="hashAlgorithm" />) to derive a correctly-sized key. Therefore,
-                the recommended size of the secret key is the output size of the hash specified by
-                <paramref name="hashAlgorithm" />.
-            </param>
+        <param name="key">The secret key for the HMAC.</param>
         <summary>
             Create an <see cref="T:System.Security.Cryptography.IncrementalHash" /> for the Hash-based Message Authentication Code (HMAC)
             algorithm utilizing the hash algorithm specified by <paramref name="hashAlgorithm" />, and a
@@ -513,7 +507,7 @@
       </Parameters>
       <Docs>
         <param name="hashAlgorithm">The name of the hash algorithm to perform within the HMAC.</param>
-        <param name="key">The secret key for the HMAC. The key can be any length, but a key longer than the output size of the hash algorithm specified by <paramref name="hashAlgorithm" /> will be hashed (using the algorithm specified by <paramref name="hashAlgorithm" />) to derive a correctly-sized key. Therefore, the recommended size of the secret key is the output size of the hash specified by <paramref name="hashAlgorithm" />.</param>
+        <param name="key">The secret key for the HMAC.</param>
         <summary>Create an <see cref="T:System.Security.Cryptography.IncrementalHash" /> for the Hash-based Message Authentication Code (HMAC) algorithm utilizing the hash algorithm specified by <paramref name="hashAlgorithm" />, and a key specified by <paramref name="key" />.</summary>
         <returns>A hash instance to compute the hash algorithm specified by <paramref name="hashAlgorithm" />.</returns>
         <remarks>To be added.</remarks>