From 79243c52b33f34a960cac37c5a3d8a1be8b459d2 Mon Sep 17 00:00:00 2001
From: Jeremy Barton <jbarton@microsoft.com>
Date: Mon, 25 Nov 2019 09:33:05 -0800
Subject: [PATCH 1/3] Add missing, and update existing, ECDsa API documentation

---
 xml/System.Security.Cryptography/ECDsa.xml    |  98 ++++----
 xml/System.Security.Cryptography/ECDsaCng.xml | 121 +++++++---
 .../ECDsaOpenSsl.xml                          | 228 +++++++++++++-----
 3 files changed, 307 insertions(+), 140 deletions(-)

diff --git a/xml/System.Security.Cryptography/ECDsa.xml b/xml/System.Security.Cryptography/ECDsa.xml
index bac7a70150a..cafee736dd6 100644
--- a/xml/System.Security.Cryptography/ECDsa.xml
+++ b/xml/System.Security.Cryptography/ECDsa.xml
@@ -461,8 +461,8 @@
         <Parameter Name="curve" Type="System.Security.Cryptography.ECCurve" Index="0" FrameworkAlternate="netcore-1.0;netcore-1.1;netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netstandard-1.6;netstandard-2.0;netstandard-2.1;xamarinandroid-7.1;xamarinios-10.8" />
       </Parameters>
       <Docs>
-        <param name="curve">The curve to use.</param>
-        <summary>When overridden in a derived class, generates a new public/private key pair for the specified curve.</summary>
+        <param name="curve">The curve to use to generate the key.</param>
+        <summary>When overridden in a derived class, generates a new ephemeral public/private key pair for the specified curve, replacing the current key.</summary>
         <remarks>To be added.</remarks>
         <exception cref="T:System.NotSupportedException">A derived class must override this method.</exception>
       </Docs>
@@ -1158,7 +1158,7 @@ The algorithm-specific key import failed.
       <Docs>
         <param name="hash">The hash value of the data that is being signed.</param>
         <summary>Generates a digital signature for the specified hash value.</summary>
-        <returns>A digital signature that consists of the given hash value encrypted with the private key.</returns>
+        <returns>A digital signature for the specified hash value.</returns>
         <remarks>To be added.</remarks>
         <exception cref="T:System.ArgumentNullException">The <paramref name="hash" /> parameter is <see langword="null" />.</exception>
       </Docs>
@@ -1432,13 +1432,22 @@ The algorithm-specific key import failed.
         <Parameter Name="bytesWritten" Type="System.Int32" RefType="out" Index="3" FrameworkAlternate="netcore-2.1;netcore-2.2;netcore-3.0;netstandard-2.1" />
       </Parameters>
       <Docs>
-        <param name="data">To be added.</param>
-        <param name="destination">To be added.</param>
-        <param name="hashAlgorithm">To be added.</param>
-        <param name="bytesWritten">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
-        <remarks>To be added.</remarks>
+        <param name="data">The data to be hashed.</param>
+        <param name="destination">The buffer to receive the hash value.</param>
+        <param name="hashAlgorithm">The algorithm to use to hash the data.</param>
+        <param name="bytesWritten">When this method returns, the total number of bytes written into <paramref name="destination"/>. This parameter is treated as uninitialized.</param>
+        <summary>Attempts to compute the hash value of the specified read-only span of bytes into the provided destination by using the specified hashing algorithm.</summary>
+        <returns><see langword="false"/> if <paramref name="destination"/> is not long enough to receive the hash value.</returns>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+
+The default implementation of this method is to call <xref:System.Security.Cryptography.ECDsa.HashData(System.Byte[], System.Int32, System.Int32, System.Security.Cryptography.HashAlgorithmName)> and copy the result to `destination`.
+Derived types should override this method to avoid the intermediate array creation.
+  
+ ]]></format>
+        </remarks>
       </Docs>
     </Member>
     <Member MemberName="TrySignData">
@@ -1470,12 +1479,12 @@ The algorithm-specific key import failed.
         <Parameter Name="bytesWritten" Type="System.Int32" RefType="out" Index="3" FrameworkAlternate="netcore-2.1;netcore-2.2;netcore-3.0;netstandard-2.1" />
       </Parameters>
       <Docs>
-        <param name="data">To be added.</param>
-        <param name="destination">To be added.</param>
-        <param name="hashAlgorithm">To be added.</param>
-        <param name="bytesWritten">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="data">The data to be signed.</param>
+        <param name="destination">The buffer to receive the signature.</param>
+        <param name="hashAlgorithm">The algorithm to use to hash the data for signing.</param>
+        <param name="bytesWritten">When this method returns, the total number of bytes written into <paramref name="destination"/>. This parameter is treated as uninitialized.</param>
+        <summary>Attempts to compute the ECDSA digital signature for the specified read-only span of bytes into the provided destination by using the specified hashing algorithm and the current key.</summary>
+        <returns><see langword="false"/> if <paramref name="destination"/> is not long enough to receive the signature.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -1507,11 +1516,11 @@ The algorithm-specific key import failed.
         <Parameter Name="bytesWritten" Type="System.Int32" RefType="out" Index="2" FrameworkAlternate="netcore-2.1;netcore-2.2;netcore-3.0;netstandard-2.1" />
       </Parameters>
       <Docs>
-        <param name="hash">To be added.</param>
-        <param name="destination">To be added.</param>
-        <param name="bytesWritten">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="hash">The hash value of the data that is being signed.</param>
+        <param name="destination">The buffer to receive the signature.</param>
+        <param name="bytesWritten">When this method returns, the total number of bytes written into <paramref name="destination"/>. This parameter is treated as uninitialized.</param>
+        <summary>Attempts to compute the ECDSA digital signature for the specified read-only span of bytes representing a data hash into the provided destination by using the current key.</summary>
+        <returns><see langword="false"/> if <paramref name="destination"/> is not long enough to receive the signature.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -1523,7 +1532,7 @@ The algorithm-specific key import failed.
         <AssemblyVersion>4.3.0.0</AssemblyVersion>
       </AssemblyInfo>
       <Docs>
-        <summary>Verifies that a digital signature is valid.</summary>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data with a specified hash algorithm.</summary>
       </Docs>
     </MemberGroup>
     <Member MemberName="VerifyData">
@@ -1563,7 +1572,7 @@ The algorithm-specific key import failed.
         <param name="data">The signed data.</param>
         <param name="signature">The signature data to be verified.</param>
         <param name="hashAlgorithm">The hash algorithm used to create the hash value of the data.</param>
-        <summary>Verifies that a digital signature is valid by calculating the hash value of the specified data using the specified hash algorithm and comparing it to the provided signature.</summary>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data with a specified hash algorithm.</summary>
         <returns>
           <see langword="true" /> if the signature is valid; otherwise, <see langword="false" />.</returns>
         <remarks>To be added.</remarks>
@@ -1614,7 +1623,7 @@ The algorithm-specific key import failed.
         <param name="data">The signed data.</param>
         <param name="signature">The signature data to be verified.</param>
         <param name="hashAlgorithm">The hash algorithm used to create the hash value of the data.</param>
-        <summary>Verifies that a digital signature is valid by calculating the hash value of the specified stream using the specified hash algorithm and comparing it to the provided signature.</summary>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data with a specified hash algorithm.</summary>
         <returns>
           <see langword="true" /> if the signature is valid; otherwise, <see langword="false" />.</returns>
         <remarks>To be added.</remarks>
@@ -1656,12 +1665,14 @@ The algorithm-specific key import failed.
         <Parameter Name="hashAlgorithm" Type="System.Security.Cryptography.HashAlgorithmName" Index="2" FrameworkAlternate="netcore-2.1;netcore-2.2;netcore-3.0;netstandard-2.1" />
       </Parameters>
       <Docs>
-        <param name="data">To be added.</param>
-        <param name="signature">To be added.</param>
-        <param name="hashAlgorithm">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="data">The signed data.</param>
+        <param name="signature">The signature to be verified.</param>
+        <param name="hashAlgorithm">The hash algorithm used to create the hash value of the data.</param>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data with a specified hash algorithm.</summary>
+        <returns><see langword="true"/> if the signature is valid; otherwise, <see langword="false"/>.</returns>
         <remarks>To be added.</remarks>
+        <exception cref="T:System.ArgumentException">
+          <paramref name="hashAlgorithm" />.<see cref="P:System.Security.Cryptography.HashAlgorithmName.Name" /> is <see langword="null" /> or <see cref="F:System.String.Empty" />.</exception>
       </Docs>
     </Member>
     <Member MemberName="VerifyData">
@@ -1705,7 +1716,7 @@ The algorithm-specific key import failed.
         <param name="count">The number of bytes to hash.</param>
         <param name="signature">The signature data to be verified.</param>
         <param name="hashAlgorithm">The hash algorithm used to create the hash value of the data.</param>
-        <summary>Verifies that a digital signature is valid by calculating the hash value of the data in a portion of a byte array using the specified hash algorithm and comparing it to the provided signature.</summary>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided portion of data with a specified hash algorithm.</summary>
         <returns>
           <see langword="true" /> if the signature is valid; otherwise, <see langword="false" />.</returns>
         <remarks>To be added.</remarks>
@@ -1763,19 +1774,13 @@ The algorithm-specific key import failed.
         <Parameter Name="signature" Type="System.Byte[]" />
       </Parameters>
       <Docs>
-        <param name="hash">The hash value of a block of data.</param>
-        <param name="signature">The digital signature to be verified.</param>
-        <summary>Verifies a digital signature against the specified hash value.</summary>
+        <param name="hash">The hash value of the data to be verified.</param>
+        <param name="signature">The digital signature of the data to be verified against the hash value.</param>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data hash.</summary>
         <returns>
-          <see langword="true" /> if the hash value equals the decrypted signature; otherwise, <see langword="false" />.</returns>
-        <remarks>
-          <format type="text/markdown"><![CDATA[  
-  
-## Remarks  
- The signature is first decrypted by using the public key, and then compared to the hash value for verification.  
-  
- ]]></format>
-        </remarks>
+          <see langword="true" /> if the signature is valid; otherwise, <see langword="false" />.</returns>
+        <remarks>To be added.</remarks>
+        <exception cref="T:System.ArgumentNullException"><paramref name="hash"/> or <paramref name="signature"/> is <see langword="null"/>.</exception>
       </Docs>
     </Member>
     <Member MemberName="VerifyHash">
@@ -1805,10 +1810,11 @@ The algorithm-specific key import failed.
         <Parameter Name="signature" Type="System.ReadOnlySpan&lt;System.Byte&gt;" Index="1" FrameworkAlternate="netcore-2.1;netcore-2.2;netcore-3.0;netstandard-2.1" />
       </Parameters>
       <Docs>
-        <param name="hash">To be added.</param>
-        <param name="signature">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="hash">The hash value of the data to be verified.</param>
+        <param name="signature">The digital signature of the data to be verified against the hash value.</param>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data hash.</summary>
+        <returns>
+          <see langword="true" /> if the signature is valid; otherwise, <see langword="false" />.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
diff --git a/xml/System.Security.Cryptography/ECDsaCng.xml b/xml/System.Security.Cryptography/ECDsaCng.xml
index ed699c5afc6..d65bd7b1f55 100644
--- a/xml/System.Security.Cryptography/ECDsaCng.xml
+++ b/xml/System.Security.Cryptography/ECDsaCng.xml
@@ -32,7 +32,8 @@
       <format type="text/markdown"><![CDATA[  
   
 ## Remarks  
- This class derives from the <xref:System.Security.Cryptography.ECDsa> abstract base class.  
+This class should only be used directly when doing platform interop with the Windows CNG library.
+When platform interop is not needed, you should use the <xref:System.Security.Cryptography.ECDsa.Create%2A?displayProperty=nameWithType> factory methods instead of a specific derived implementation.
   
    
   
@@ -92,11 +93,15 @@
           <format type="text/markdown"><![CDATA[  
   
 ## Remarks  
- The random key pair has a public key length of 521 bits.  
+
+This constructor does not generate a new public/private keypair immediately.
+This constructor sets the <xref:System.Security.Cryptography.ECDsaCng.KeySize> property to 521 and when a key is needed the saved size is used to identify the target curve.
+If a key is loaded via the <xref:System.Security.Cryptography.ECDsaCng.ImportParameters%2A> method, or other key import method, the key size from this constructor has no meaning.
   
  ]]></format>
         </remarks>
         <exception cref="T:System.PlatformNotSupportedException">Cryptography Next Generation (CNG) classes are not supported on this system.</exception>
+        <altmember cref="M:System.Security.Cryptography.ECDsa.Create"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -134,18 +139,23 @@
       </Parameters>
       <Docs>
         <param name="keySize">The size of the key. Valid key sizes are 256, 384, and 521 bits.</param>
-        <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.ECDsaCng" /> class with a random key pair, using the specified key size.</summary>
+        <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.ECDsaCng" /> class with a specified target key size.</summary>
         <remarks>
           <format type="text/markdown"><![CDATA[  
   
 ## Remarks  
- The random key pair will have the public key length defined by the `keySize` parameter.  
+
+This constructor does not generate a new public/private keypair immediately.
+This constructor sets the <xref:System.Security.Cryptography.ECDsaCng.KeySize> property to the provided value and when a key is needed the saved size is used to identify the target curve.
+If a key is loaded via the <xref:System.Security.Cryptography.ECDsaCng.ImportParameters%2A> method, or other key import method, the key size from this constructor has no meaning.
+ 
   
  ]]></format>
         </remarks>
         <exception cref="T:System.PlatformNotSupportedException">Cryptography Next Generation (CNG) classes are not supported on this system.</exception>
         <exception cref="T:System.Security.Cryptography.CryptographicException">
           <paramref name="keySize" /> specifies an invalid length.</exception>
+        <altmember cref="M:System.Security.Cryptography.ECDsa.Create(System.Int32)"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -271,8 +281,9 @@
         <Parameter Name="disposing" Type="System.Boolean" Index="0" FrameworkAlternate="dotnet-plat-ext-2.1;dotnet-plat-ext-2.2;dotnet-plat-ext-3.0;netcore-1.0;netcore-1.1;netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8" />
       </Parameters>
       <Docs>
-        <param name="disposing">To be added.</param>
-        <summary>To be added.</summary>
+        <param name="disposing">
+          <see langword="true"/> to release managed and unmanaged resources; <see langword="false"/> to release only unmanaged resources.</param>
+        <summary>Releases the resources used by the current instance of the <see cref="T:System.Security.Cryptography.ECDsaCng"/> class.</summary>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -467,7 +478,7 @@
       </Parameters>
       <Docs>
         <param name="curve">The curve to use to generate the key.</param>
-        <summary>Generates a key to use for the ECDsaCng algorithm.</summary>
+        <summary>Generates a new ephemeral public/private key pair for the specified curve, replacing the current key.</summary>
         <remarks>To be added.</remarks>
         <exception cref="T:System.Security.Cryptography.CryptographicException">
           <paramref name="curve" /> does not validate.</exception>
@@ -551,10 +562,10 @@
         <Parameter Name="hashAlgorithm" Type="System.Security.Cryptography.HashAlgorithmName" Index="1" FrameworkAlternate="dotnet-plat-ext-2.1;dotnet-plat-ext-2.2;dotnet-plat-ext-3.0;netcore-1.0;netcore-1.1;netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8" />
       </Parameters>
       <Docs>
-        <param name="data">To be added.</param>
-        <param name="hashAlgorithm">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="data">The binary stream to hash.</param>
+        <param name="hashAlgorithm">The algorithm to use to hash the data.</param>
+        <summary>Computes the hash value of the specified binary stream by using the specified hashing algorithm.</summary>
+        <returns>The hashed data.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -591,12 +602,12 @@
         <Parameter Name="hashAlgorithm" Type="System.Security.Cryptography.HashAlgorithmName" Index="3" FrameworkAlternate="dotnet-plat-ext-2.1;dotnet-plat-ext-2.2;dotnet-plat-ext-3.0;netcore-1.0;netcore-1.1;netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8" />
       </Parameters>
       <Docs>
-        <param name="data">To be added.</param>
-        <param name="offset">To be added.</param>
-        <param name="count">To be added.</param>
-        <param name="hashAlgorithm">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="data">The data to be hashed.</param>
+        <param name="offset">The index of the first byte in <paramref name="data" /> to be hashed.</param>
+        <param name="count">The number of bytes to hash.</param>
+        <param name="hashAlgorithm">The algorithm to use to hash the data.</param>
+        <summary>Computes the hash value of the specified portion of a byte array by using the specified hashing algorithm.</summary>
+        <returns>The hashed data.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -708,9 +719,23 @@
         <ReturnType>System.Int32</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
-        <value>To be added.</value>
-        <remarks>To be added.</remarks>
+        <summary>Gets or sets the size, in bits, of the key modulus used by the asymmetric algorithm.</summary>
+        <value>The size, in bits, of the key modulus used by the asymmetric algorithm.</value>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+
+Setting this property to its current value has no visible effect.
+Setting this property to a new legal value discards the current key, but defers creation of a new key until one is needed.
+
+Because key sizes do not uniquely identify elliptic curves, the use of the property setter is discouraged. To generate a new key on a specific curve, use the <xref:System.Security.Cryptography.ECDsaCng.GenerateKey%2A> method.
+
+]]></format>
+        </remarks> 
+        <exception cref="T:System.Security.Cryptography.CryptographicException">
+          <paramref name="value" /> is not permitted by <see cref="P:System.Security.Cryptography.ECDsaCng.LegalKeySizes" />.</exception>
+        <altmember cref="M:System.Security.Cryptography.ECDsaCng.GenerateKey(System.Security.Cryptography.ECCurve)" />
       </Docs>
     </Member>
     <Member MemberName="LegalKeySizes">
@@ -739,9 +764,25 @@
         <ReturnType>System.Security.Cryptography.KeySizes[]</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
-        <value>To be added.</value>
-        <remarks>To be added.</remarks>
+        <summary>Gets the key sizes, in bits, that are supported by the <see cref="P:System.Security.Cryptography.ECDsaCng.KeySize"/> property setter.</summary>
+        <value>An array that contains the key sizes supported by the <see cref="P:System.Security.Cryptography.ECDsaCng.KeySize"/> property setter.</value>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+
+In Elliptic Curve Cryptography (ECC) the key size is not the only input into the key generation process,
+it is derived from the curve parameters for a specific elliptic curve.
+This property reports only three sizes for LegalKeySizes: 256, 384, and 521 bits.
+When the key size is used alone as a basis for key generation,
+the supported sizes map to the named curves secp256r1 (aka NIST P-256), secp384r1 (aka NIST P-384), and secp521r1 (aka NIST P-521).
+
+When executed on Windows 10, this class supports many additional named curves,
+but that is not reflected in this property.
+
+ ]]></format>
+        </remarks>
+        <altmember cref="M:System.Security.Cryptography.ECDsaCng.GenerateKey(System.Security.Cryptography.ECCurve)" />
       </Docs>
     </Member>
     <MemberGroup MemberName="SignData">
@@ -1078,13 +1119,12 @@
         <Parameter Name="bytesWritten" Type="System.Int32" RefType="out" Index="3" FrameworkAlternate="netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0" />
       </Parameters>
       <Docs>
-        <param name="source">To be added.</param>
-        <param name="destination">To be added.</param>
-        <param name="hashAlgorithm">To be added.</param>
-        <param name="bytesWritten">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
-        <remarks>To be added.</remarks>
+        <param name="source">The data to be hashed.</param>
+        <param name="destination">The buffer to receive the hash value.</param>
+        <param name="hashAlgorithm">The algorithm to use to hash the data.</param>
+        <param name="bytesWritten">When this method returns, the total number of bytes written into <paramref name="destination"/>. This parameter is treated as uninitialized.</param>
+        <summary>Attempts to compute the hash value of the specified read-only span of bytes into the provided destination by using the specified hashing algorithm.</summary>
+        <returns><see langword="false"/> if <paramref name="destination"/> is not long enough to receive the hash value.</returns>
       </Docs>
     </Member>
     <Member MemberName="TrySignHash">
@@ -1112,11 +1152,11 @@
         <Parameter Name="bytesWritten" Type="System.Int32" RefType="out" Index="2" FrameworkAlternate="netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0" />
       </Parameters>
       <Docs>
-        <param name="source">To be added.</param>
-        <param name="destination">To be added.</param>
-        <param name="bytesWritten">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="source">The hash value of the data that is being signed.</param>
+        <param name="destination">The buffer to receive the signature.</param>
+        <param name="bytesWritten">When this method returns, the total number of bytes written into <paramref name="destination"/>. This parameter is treated as uninitialized.</param>
+        <summary>Attempts to compute the ECDSA digital signature for the specified read-only span of bytes representing a data hash into the provided destination by using the current key.</summary>
+        <returns><see langword="false"/> if <paramref name="destination"/> is not long enough to receive the signature.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -1333,7 +1373,7 @@
       <Docs>
         <param name="hash">The hash value of the data to be verified.</param>
         <param name="signature">The digital signature of the data to be verified against the hash value.</param>
-        <summary>Verifies the specified digital signature against a specified hash value.</summary>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data hash.</summary>
         <returns>
           <see langword="true" /> if the signature is valid; otherwise, <see langword="false" />.</returns>
         <remarks>To be added.</remarks>
@@ -1364,10 +1404,11 @@
         <Parameter Name="signature" Type="System.ReadOnlySpan&lt;System.Byte&gt;" Index="1" FrameworkAlternate="netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0" />
       </Parameters>
       <Docs>
-        <param name="hash">To be added.</param>
-        <param name="signature">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="hash">The hash value of the data to be verified.</param>
+        <param name="signature">The digital signature of the data to be verified against the hash value.</param>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data hash.</summary>
+        <returns>
+          <see langword="true" /> if the signature is valid; otherwise, <see langword="false" />.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
diff --git a/xml/System.Security.Cryptography/ECDsaOpenSsl.xml b/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
index 74ea92639b5..68c0b79bc7d 100644
--- a/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
+++ b/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
@@ -17,8 +17,16 @@
   </Base>
   <Interfaces />
   <Docs>
-    <summary>To be added.</summary>
-    <remarks>To be added.</remarks>
+    <summary>Provides an implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) backed by OpenSSL.</summary>
+    <remarks>
+      <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+This class should only be used directly when doing platform interop with the system OpenSSL library.
+When platform interop is not needed, you should use the <xref:System.Security.Cryptography.ECDsa.Create%2A?displayProperty=nameWithType> factory methods instead of a specific derived implementation.
+  
+ ]]></format>
+    </remarks>
   </Docs>
   <Members>
     <Member MemberName=".ctor">
@@ -37,8 +45,20 @@
       </AssemblyInfo>
       <Parameters />
       <Docs>
-        <summary>To be added.</summary>
-        <remarks>To be added.</remarks>
+        <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.ECDsaOpenSsl" /> class.</summary>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+
+This constructor does not generate a new public/private keypair immediately.
+This constructor sets the <xref:System.Security.Cryptography.ECDsaOpenSsl.KeySize> property to 521 and when a key is needed the saved size is used to identify the target curve.
+If a key is loaded via the <xref:System.Security.Cryptography.ECDsaOpenSsl.ImportParameters%2A> method, or other key import method, the key size from this constructor has no meaning.
+ 
+  
+ ]]></format>
+        </remarks>
+        <altmember cref="M:System.Security.Cryptography.ECDsa.Create"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -60,9 +80,23 @@
         <Parameter Name="keySize" Type="System.Int32" />
       </Parameters>
       <Docs>
-        <param name="keySize">To be added.</param>
-        <summary>To be added.</summary>
-        <remarks>To be added.</remarks>
+        <param name="keySize">The size of the key. Valid key sizes are 256, 384, and 521 bits.</param>
+        <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.ECDsaOpenSsl" /> class with a specified target key size.</summary>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+
+This constructor does not generate a new public/private keypair immediately.
+This constructor sets the <xref:System.Security.Cryptography.ECDsaOpenSsl.KeySize> property to the provided value and when a key is needed the saved size is used to identify the target curve.
+If a key is loaded via the <xref:System.Security.Cryptography.ECDsaOpenSsl.ImportParameters%2A> method, or other key import method, the key size from this constructor has no meaning.
+ 
+  
+ ]]></format>
+        </remarks>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">
+          <paramref name="keySize" /> specifies an invalid length.</exception>
+        <altmember cref="M:System.Security.Cryptography.ECDsa.Create(System.Int32)"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -84,9 +118,23 @@
         <Parameter Name="handle" Type="System.IntPtr" />
       </Parameters>
       <Docs>
-        <param name="handle">To be added.</param>
-        <summary>To be added.</summary>
-        <remarks>To be added.</remarks>
+        <param name="handle">The OpenSSL <c>EC_KEY*</c> value to use as the key.</param>
+        <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.ECDsaOpenSsl" /> class from an existing OpenSSL key represented as an <c>EC_KEY*</c>.</summary>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+> [!IMPORTANT]
+> OpenSSL supports multiple library versions being loaded within the same process.
+> Before calling this constructor verify your pointer value came from the same version of OpenSSL that this class uses, see <xref:System.Security.Cryptography.SafeEvpPKeyHandle.OpenSslVersion> for more information.
+
+ ]]></format>
+        </remarks>
+        <exception cref="T:System.ArgumentException">
+          <paramref name="handle" /> is <see cref="F:System.IntPtr.Zero"/>.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">
+          <paramref name="handle"/> is not a valid <c>EC_KEY*</c>.</exception>
+        <altmember cref="P:System.Security.Cryptography.SafeEvpPKeyHandle.OpenSslVersion" />
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -108,9 +156,12 @@
         <Parameter Name="curve" Type="System.Security.Cryptography.ECCurve" />
       </Parameters>
       <Docs>
-        <param name="curve">To be added.</param>
-        <summary>To be added.</summary>
+        <param name="curve">The curve used to generate an ephemeral public/private key pair.</param>
+        <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.ECDsaOpenSsl" /> class and generates a new key on the specified curve.</summary>
         <remarks>To be added.</remarks>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">
+          <paramref name="curve" /> does not validate.</exception>
+        <altmember cref="M:System.Security.Cryptography.ECCurve.Validate"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -132,9 +183,26 @@
         <Parameter Name="pkeyHandle" Type="System.Security.Cryptography.SafeEvpPKeyHandle" />
       </Parameters>
       <Docs>
-        <param name="pkeyHandle">To be added.</param>
-        <summary>To be added.</summary>
-        <remarks>To be added.</remarks>
+        <param name="pkeyHandle">The OpenSSL <c>EVP_PKEY*</c> value to use as the key, represented as a <see cref="T:System.Security.Cryptography.SafeEvpPKeyHandle" />.</param>
+        <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.ECDsaOpenSsl" /> class from an existing OpenSSL key represented as an <c>EVP_PKEY*</c>.</summary>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+> [!IMPORTANT]
+> OpenSSL supports multiple library versions being loaded within the same process.
+> Before calling this constructor, verify your pointer value came from the same version of OpenSSL that this class uses.
+> For more information, see <xref:System.Security.Cryptography.SafeEvpPKeyHandle.OpenSslVersion>.
+
+ ]]></format>
+        </remarks>
+        <exception cref="T:System.ArgumentException">
+          <paramref name="pkeyHandle" /> represents an invalid handle.</exception>
+        <exception cref="T:System.ArgumentNullException">
+          <paramref name="pkeyHandle" /> is <see langword="null"/>.</exception>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">
+          <paramref name="pkeyHandle" /> does not represent a elliptic curve (EC) key.</exception>
+        <seealso cref="P:System.Security.Cryptography.SafeEvpPKeyValue.OpenSslVersion" />
       </Docs>
     </Member>
     <Member MemberName="Dispose">
@@ -159,8 +227,9 @@
         <Parameter Name="disposing" Type="System.Boolean" />
       </Parameters>
       <Docs>
-        <param name="disposing">To be added.</param>
-        <summary>To be added.</summary>
+        <param name="disposing">
+          <see langword="true"/> to release managed and unmanaged resources; <see langword="false"/> to release only unmanaged resources.</param>
+        <summary>Releases the resources used by the current instance of the <see cref="T:System.Security.Cryptography.ECDsaOpenSsl"/> class.</summary>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -184,9 +253,17 @@
       </ReturnValue>
       <Parameters />
       <Docs>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
-        <remarks>To be added.</remarks>
+        <summary>Gets a <see cref="T:System.Security.Cryptography.SafeEvpPKeyHandle"/> representation of the cryptographic key.</summary>
+        <returns>A <see cref="T:System.Security.Cryptography.SafeEvpPKeyHandle"/> representation of the cryptographic key.</returns>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks
+Each call to this method produces a new <xref:System.Security.Cryptography.SafeEvpPKeyHandle> object with its own lifetime.
+The objects returned by this method can safely be used even after this <xref:System.Security.Cryptography.ECDsaOpenSsl> instance has been disposed.
+
+]]></format>
+        </remarks>
       </Docs>
     </Member>
     <Member MemberName="ExportExplicitParameters">
@@ -211,10 +288,12 @@
         <Parameter Name="includePrivateParameters" Type="System.Boolean" />
       </Parameters>
       <Docs>
-        <param name="includePrivateParameters">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="includePrivateParameters">
+          <see langword="true" /> to include private parameters; otherwise, <see langword="false" />.</param>
+        <summary>Exports the key and explicit curve parameters used by the Elliptic curve cryptography (ECC) object into an <see cref="T:System.Security.Cryptography.ECParameters" /> object.</summary>
+        <returns>The key and explicit curve parameters used by the ECC object.</returns>
         <remarks>To be added.</remarks>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while obtaining the curve values.</exception>
       </Docs>
     </Member>
     <Member MemberName="ExportParameters">
@@ -239,10 +318,12 @@
         <Parameter Name="includePrivateParameters" Type="System.Boolean" />
       </Parameters>
       <Docs>
-        <param name="includePrivateParameters">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="includePrivateParameters">
+          <see langword="true" /> to include private parameters; otherwise, <see langword="false" />.</param>
+        <summary>Exports the key used by the Elliptic curve cryptography (ECC) object into an <see cref="T:System.Security.Cryptography.ECParameters" /> object. If the key was created as a named curve, the <see cref="F:System.Security.Cryptography.ECParameters.Curve" /> field contains named curve parameters; otherwise, it contains explicit parameters.</summary>
+        <returns>The key and named curve parameters used by the ECC object.</returns>
         <remarks>To be added.</remarks>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while obtaining the curve values.</exception>
       </Docs>
     </Member>
     <Member MemberName="GenerateKey">
@@ -267,8 +348,8 @@
         <Parameter Name="curve" Type="System.Security.Cryptography.ECCurve" />
       </Parameters>
       <Docs>
-        <param name="curve">To be added.</param>
-        <summary>To be added.</summary>
+        <param name="curve">The curve to use to generate the key.</param>
+        <summary>Generates a new ephemeral public/private key pair for the specified curve, replacing the current key.</summary>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -295,10 +376,10 @@
         <Parameter Name="hashAlgorithm" Type="System.Security.Cryptography.HashAlgorithmName" />
       </Parameters>
       <Docs>
-        <param name="data">To be added.</param>
-        <param name="hashAlgorithm">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="data">The binary stream to hash.</param>
+        <param name="hashAlgorithm">The algorithm to use to hash the data.</param>
+        <summary>Computes the hash value of the specified binary stream by using the specified hashing algorithm.</summary>
+        <returns>The hashed data.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -327,12 +408,12 @@
         <Parameter Name="hashAlgorithm" Type="System.Security.Cryptography.HashAlgorithmName" />
       </Parameters>
       <Docs>
-        <param name="data">To be added.</param>
-        <param name="offset">To be added.</param>
-        <param name="count">To be added.</param>
-        <param name="hashAlgorithm">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="data">The data to be hashed.</param>
+        <param name="offset">The index of the first byte in <paramref name="data" /> to be hashed.</param>
+        <param name="count">The number of bytes to hash.</param>
+        <param name="hashAlgorithm">The algorithm to use to hash the data.</param>
+        <summary>Computes the hash value of the specified portion of a byte array by using the specified hashing algorithm.</summary>
+        <returns>The hashed data.</returns>
         <remarks>To be added.</remarks>
       </Docs>
     </Member>
@@ -358,9 +439,18 @@
         <Parameter Name="parameters" Type="System.Security.Cryptography.ECParameters" />
       </Parameters>
       <Docs>
-        <param name="parameters">To be added.</param>
-        <summary>To be added.</summary>
-        <remarks>To be added.</remarks>
+        <param name="parameters">The curve parameters.</param>
+        <summary>Replaces the current key for this instance with one using the specified key parameters.</summary>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+ If `parameters` contains only <xref:System.Security.Cryptography.ECParameters.Q>, only a public key is imported. If `parameters` also contains <xref:System.Security.Cryptography.ECParameters.D>, a full key pair is imported. The <xref:System.Security.Cryptography.ECParameters.Curve> field specifies the type of the curve to import.  
+  
+ ]]></format>
+        </remarks>
+        <exception cref="T:System.Security.Cryptography.CryptographicException">
+          <paramref name="parameters" /> does not contain valid values.</exception>
       </Docs>
     </Member>
     <Member MemberName="KeySize">
@@ -382,9 +472,23 @@
         <ReturnType>System.Int32</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
-        <value>To be added.</value>
-        <remarks>To be added.</remarks>
+        <summary>Gets or sets the size, in bits, of the key modulus used by the asymmetric algorithm.</summary>
+        <value>The size, in bits, of the key modulus used by the asymmetric algorithm.</value>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+
+Setting this property to its current value has no visible effect.
+Setting this property to a new legal value discards the current key, but defers creation of a new key until one is needed.
+
+Because key sizes do not uniquely identify elliptic curves, the use of the property setter is discouraged. To generate a new key on a specific curve, use the <xref:System.Security.Cryptography.ECDsaOpenSsl.GenerateKey%2A> method.
+
+]]></format>
+        </remarks> 
+        <exception cref="T:System.Security.Cryptography.CryptographicException">
+          <paramref name="value" /> is not permitted by <see cref="P:System.Security.Cryptography.ECDsaOpenSsl.LegalKeySizes" />.</exception>
+        <altmember cref="M:System.Security.Cryptography.ECDsaOpenSsl.GenerateKey(System.Security.Cryptography.ECCurve)" />
       </Docs>
     </Member>
     <Member MemberName="LegalKeySizes">
@@ -406,9 +510,22 @@
         <ReturnType>System.Security.Cryptography.KeySizes[]</ReturnType>
       </ReturnValue>
       <Docs>
-        <summary>To be added.</summary>
-        <value>To be added.</value>
-        <remarks>To be added.</remarks>
+        <summary>Gets the key sizes, in bits, that are supported by the <see cref="P:System.Security.Cryptography.ECDsaCng.KeySize"/> property setter.</summary>
+        <value>An array that contains the key sizes supported by the <see cref="P:System.Security.Cryptography.ECDsaCng.KeySize"/> property setter.</value>
+        <remarks>
+          <format type="text/markdown"><![CDATA[  
+  
+## Remarks  
+
+In Elliptic Curve Cryptography (ECC) the key size is not the only input into the key generation process,
+it is derived from the curve parameters for a specific elliptic curve.
+This property reports only three sizes for LegalKeySizes: 256, 384, and 521 bits.
+When the key size is used alone as a basis for key generation,
+the supported sizes map to the named curves secp256r1 (aka NIST P-256), secp384r1 (aka NIST P-384), and secp521r1 (aka NIST P-521).
+
+ ]]></format>
+        </remarks>
+        <altmember cref="M:System.Security.Cryptography.ECDsaCng.GenerateKey(System.Security.Cryptography.ECCurve)" />
       </Docs>
     </Member>
     <Member MemberName="SignHash">
@@ -433,10 +550,11 @@
         <Parameter Name="hash" Type="System.Byte[]" />
       </Parameters>
       <Docs>
-        <param name="hash">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="hash">The hash value of the data that is being signed.</param>
+        <summary>Generates a digital signature for the specified hash value.</summary>
+        <returns>A digital signature for the specified hash value.</returns>
         <remarks>To be added.</remarks>
+        <exception cref="T:System.ArgumentNullException">The <paramref name="hash" /> parameter is <see langword="null" />.</exception>
       </Docs>
     </Member>
     <Member MemberName="VerifyHash">
@@ -462,11 +580,13 @@
         <Parameter Name="signature" Type="System.Byte[]" />
       </Parameters>
       <Docs>
-        <param name="hash">To be added.</param>
-        <param name="signature">To be added.</param>
-        <summary>To be added.</summary>
-        <returns>To be added.</returns>
+        <param name="hash">The hash value of the data to be verified.</param>
+        <param name="signature">The digital signature of the data to be verified against the hash value.</param>
+        <summary>Verifies that a digital signature is appropriate for the current key and provided data hash.</summary>
+        <returns>
+          <see langword="true" /> if the signature is valid; otherwise, <see langword="false" />.</returns>
         <remarks>To be added.</remarks>
+        <exception cref="T:System.ArgumentNullException"><paramref name="hash"/> or <paramref name="signature"/> is <see langword="null"/>.</exception>
       </Docs>
     </Member>
   </Members>

From f6e3ccf5c41af822e1adbbdfa4e234436fe33f60 Mon Sep 17 00:00:00 2001
From: Jeremy Barton <jbarton@microsoft.com>
Date: Tue, 26 Nov 2019 07:46:29 -0800
Subject: [PATCH 2/3] Address feedback

---
 xml/System.Security.Cryptography/ECDsa.xml        | 2 +-
 xml/System.Security.Cryptography/ECDsaCng.xml     | 4 ++--
 xml/System.Security.Cryptography/ECDsaOpenSsl.xml | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/xml/System.Security.Cryptography/ECDsa.xml b/xml/System.Security.Cryptography/ECDsa.xml
index cafee736dd6..9ca4224c25f 100644
--- a/xml/System.Security.Cryptography/ECDsa.xml
+++ b/xml/System.Security.Cryptography/ECDsa.xml
@@ -1443,7 +1443,7 @@ The algorithm-specific key import failed.
   
 ## Remarks  
 
-The default implementation of this method is to call <xref:System.Security.Cryptography.ECDsa.HashData(System.Byte[], System.Int32, System.Int32, System.Security.Cryptography.HashAlgorithmName)> and copy the result to `destination`.
+The default implementation of this method is to call <xref:System.Security.Cryptography.ECDsa.HashData(System.Byte[],System.Int32,System.Int32,System.Security.Cryptography.HashAlgorithmName)> and copy the result to `destination`.
 Derived types should override this method to avoid the intermediate array creation.
   
  ]]></format>
diff --git a/xml/System.Security.Cryptography/ECDsaCng.xml b/xml/System.Security.Cryptography/ECDsaCng.xml
index d65bd7b1f55..85ed8b79600 100644
--- a/xml/System.Security.Cryptography/ECDsaCng.xml
+++ b/xml/System.Security.Cryptography/ECDsaCng.xml
@@ -155,7 +155,7 @@ If a key is loaded via the <xref:System.Security.Cryptography.ECDsaCng.ImportPar
         <exception cref="T:System.PlatformNotSupportedException">Cryptography Next Generation (CNG) classes are not supported on this system.</exception>
         <exception cref="T:System.Security.Cryptography.CryptographicException">
           <paramref name="keySize" /> specifies an invalid length.</exception>
-        <altmember cref="M:System.Security.Cryptography.ECDsa.Create(System.Int32)"/>
+        <altmember cref="Overload:System.Security.Cryptography.ECDsa.Create"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -773,7 +773,7 @@ Because key sizes do not uniquely identify elliptic curves, the use of the prope
 
 In Elliptic Curve Cryptography (ECC) the key size is not the only input into the key generation process,
 it is derived from the curve parameters for a specific elliptic curve.
-This property reports only three sizes for LegalKeySizes: 256, 384, and 521 bits.
+This property reports only three legal key sizes: 256, 384, and 521 bits.
 When the key size is used alone as a basis for key generation,
 the supported sizes map to the named curves secp256r1 (aka NIST P-256), secp384r1 (aka NIST P-384), and secp521r1 (aka NIST P-521).
 
diff --git a/xml/System.Security.Cryptography/ECDsaOpenSsl.xml b/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
index 68c0b79bc7d..c32e4b716a8 100644
--- a/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
+++ b/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
@@ -58,7 +58,7 @@ If a key is loaded via the <xref:System.Security.Cryptography.ECDsaOpenSsl.Impor
   
  ]]></format>
         </remarks>
-        <altmember cref="M:System.Security.Cryptography.ECDsa.Create"/>
+        <altmember cref="M:System.Security.Cryptography.ECDsa.Create()"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -96,7 +96,7 @@ If a key is loaded via the <xref:System.Security.Cryptography.ECDsaOpenSsl.Impor
         </remarks>
         <exception cref="T:System.Security.Cryptography.CryptographicException">
           <paramref name="keySize" /> specifies an invalid length.</exception>
-        <altmember cref="M:System.Security.Cryptography.ECDsa.Create(System.Int32)"/>
+        <altmember cref="Overload:System.Security.Cryptography.ECDsa.Create"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">
@@ -519,7 +519,7 @@ Because key sizes do not uniquely identify elliptic curves, the use of the prope
 
 In Elliptic Curve Cryptography (ECC) the key size is not the only input into the key generation process,
 it is derived from the curve parameters for a specific elliptic curve.
-This property reports only three sizes for LegalKeySizes: 256, 384, and 521 bits.
+This property reports only three legal key sizes: 256, 384, and 521 bits.
 When the key size is used alone as a basis for key generation,
 the supported sizes map to the named curves secp256r1 (aka NIST P-256), secp384r1 (aka NIST P-384), and secp521r1 (aka NIST P-521).
 

From a394c1f48cf2f7f2cff8fade38ce32ccccaf5c7d Mon Sep 17 00:00:00 2001
From: Jeremy Barton <jbarton@microsoft.com>
Date: Tue, 26 Nov 2019 08:30:20 -0800
Subject: [PATCH 3/3] Fix another warning

---
 xml/System.Security.Cryptography/ECDsaOpenSsl.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xml/System.Security.Cryptography/ECDsaOpenSsl.xml b/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
index c32e4b716a8..3e5fa7401ce 100644
--- a/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
+++ b/xml/System.Security.Cryptography/ECDsaOpenSsl.xml
@@ -58,7 +58,7 @@ If a key is loaded via the <xref:System.Security.Cryptography.ECDsaOpenSsl.Impor
   
  ]]></format>
         </remarks>
-        <altmember cref="M:System.Security.Cryptography.ECDsa.Create()"/>
+        <altmember cref="M:System.Security.Cryptography.ECDsa.Create"/>
       </Docs>
     </Member>
     <Member MemberName=".ctor">