[Breaking change]: AsnEncodedData.RawData's setter is obsolete

[vcsjones]

Description

Starting in .NET 11 Preview 6, the System.Security.Cryptography.AsnEncodedData's RawData property has had it's set marked obsolete and should no longer be used.

Version

.NET 11 Preview 6

Previous behavior

AsnEncodedData.RawData's set could be used without a compilation warning.

New behavior

AsnEncodedData.RawData's set is now marked as obsolete. Using this property setter now generates a compiler warning, SYSLIB0065.

Type of breaking change

• Binary incompatible: Existing binaries might encounter a breaking change in behavior, such as failure to load or execute, and if so, require recompilation.
• Source incompatible: When recompiled using the new SDK or component or to target the new runtime, existing source code might require source changes to compile successfully.
• Behavioral change: Existing binaries might behave differently at run time.

Reason for change

AsnEncodedData is a type that represents an ASN.1 encoded object and contains the underlying ASN.1 representation of the encoded object. Many derived types exist from this type, such as X509BasicConstraintsExtension. These types accept the ASN.1 encoding as constructor arguments and decode it so that the derived type can provide information about the encoded data. These types will cache the decoded representation of that ASN.1 so that accessing properties does not repeatedly decode the ASN.1.

However, because RawData has a set, this can cause a discrepancy between the decoded representation and the data it contains. Consider this example:

using System;
using System.Security.Cryptography.X509Certificates;

X509BasicConstraintsExtension extension = new(
    certificateAuthority: true,
    hasPathLengthConstraint: true,
    pathLengthConstraint: 3,
    critical: true);


X509BasicConstraintsExtension decoded = new();
decoded.RawData = extension.RawData;
Console.WriteLine(decoded.CertificateAuthority);
Console.WriteLine(decoded.HasPathLengthConstraint);
Console.WriteLine(decoded.PathLengthConstraint);

This will unexpectedly print

False
False
0

This happens because RawData is not virtual, so the derived type cannot properly react to the underlying RawData changing.

In most circumstances, any type that is derived from AsnEncodedData will not be able to correctly invalidate its decoded state when the property is set.

Recommended action

Using the constructor of AsnEncodedData, or its derived types, to decode data is the best way to ensure coherency between the decoded state and the data it represents. Instances should best be treated as read only - instead of reusing instances, construct a new instance of the type.

If mutable behavior is required, use AsnEncodedData.CopyFrom. CopyFrom is virtual, so derived types can invalidate their decoded state in the presence of decoded data.

Feature area

Core .NET libraries

Affected APIs

• P:System.Security.Cryptography.AsnEncodedData.RawData set only