diff --git a/src/libraries/Common/tests/System/Net/Configuration.Certificates.Dynamic.cs b/src/libraries/Common/tests/System/Net/Configuration.Certificates.Dynamic.cs
index d89f914191f0ee..829bcfbe42f402 100644
--- a/src/libraries/Common/tests/System/Net/Configuration.Certificates.Dynamic.cs
+++ b/src/libraries/Common/tests/System/Net/Configuration.Certificates.Dynamic.cs
@@ -163,7 +163,7 @@ public static (X509Certificate2 certificate, X509Certificate2Collection) Generat
if (!ephemeralKey && PlatformDetection.IsWindows)
{
X509Certificate2 ephemeral = endEntity;
- endEntity = new X509Certificate2(endEntity.Export(X509ContentType.Pfx), (string?)null, X509KeyStorageFlags.Exportable);
+ endEntity = X509CertificateLoader.LoadPkcs12(endEntity.Export(X509ContentType.Pfx), (string?)null, X509KeyStorageFlags.Exportable);
ephemeral.Dispose();
}
diff --git a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs
index 34599f1644bf1f..614df10ddf8ec6 100644
--- a/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs
+++ b/src/libraries/Common/tests/System/Net/Configuration.Certificates.cs
@@ -47,11 +47,11 @@ static Certificates()
Assert.True(mutex?.WaitOne(MutexTimeoutMs) ?? true, "Could not acquire the global certificate mutex.");
try
{
- s_serverCertificate = new X509Certificate2(serverCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
- s_clientCertificate = new X509Certificate2(clientCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
- s_noEKUCertificate = new X509Certificate2(noEKUCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
- s_selfSignedServerCertificate = new X509Certificate2(selfSignedServerCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
- s_selfSignedClientCertificate = new X509Certificate2(selfSignedClientCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
+ s_serverCertificate = X509CertificateLoader.LoadPkcs12(serverCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
+ s_clientCertificate = X509CertificateLoader.LoadPkcs12(clientCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
+ s_noEKUCertificate = X509CertificateLoader.LoadPkcs12(noEKUCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
+ s_selfSignedServerCertificate = X509CertificateLoader.LoadPkcs12(selfSignedServerCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
+ s_selfSignedClientCertificate = X509CertificateLoader.LoadPkcs12(selfSignedClientCertificateBytes, CertificatePassword, X509KeyStorageFlags.Exportable);
}
finally { mutex?.ReleaseMutex(); }
}
@@ -91,7 +91,7 @@ public static X509Certificate2 GetSelfSigned13ServerCertificate()
{
using (innerCert)
{
- cert = new X509Certificate2(innerCert.Export(X509ContentType.Pfx));
+ cert = X509CertificateLoader.LoadPkcs12(innerCert.Export(X509ContentType.Pfx), (string?)null);
}
}
else
diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ClientCertificates.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ClientCertificates.cs
index e5bd399a977ba0..5a75e5d20e9e05 100644
--- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ClientCertificates.cs
+++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.ClientCertificates.cs
@@ -115,7 +115,7 @@ await TestHelper.WhenAllCompletedOrAnyFailed(
{
_output.WriteLine(
"Client cert: {0}",
- new X509Certificate2(sslStream.RemoteCertificate.Export(X509ContentType.Cert)).GetNameInfo(X509NameType.SimpleName, false));
+ X509CertificateLoader.LoadCertificate(sslStream.RemoteCertificate.Export(X509ContentType.Cert)).GetNameInfo(X509NameType.SimpleName, false));
Assert.Equal(cert, sslStream.RemoteCertificate);
}
else
@@ -233,7 +233,7 @@ await TestHelper.WhenAllCompletedOrAnyFailed(
_output.WriteLine(
"Client cert: {0}",
- new X509Certificate2(sslStream.RemoteCertificate.Export(X509ContentType.Cert)).GetNameInfo(X509NameType.SimpleName, false));
+ X509CertificateLoader.LoadCertificate(sslStream.RemoteCertificate.Export(X509ContentType.Cert)).GetNameInfo(X509NameType.SimpleName, false));
Assert.Equal(clientCertificate.GetCertHashString(), sslStream.RemoteCertificate.GetCertHashString());
diff --git a/src/libraries/Common/tests/System/Net/Http/TestHelper.cs b/src/libraries/Common/tests/System/Net/Http/TestHelper.cs
index 455f9581df335f..8ff0e437526bac 100644
--- a/src/libraries/Common/tests/System/Net/Http/TestHelper.cs
+++ b/src/libraries/Common/tests/System/Net/Http/TestHelper.cs
@@ -142,7 +142,7 @@ public static X509Certificate2 CreateServerSelfSignedCertificate(string name = "
X509Certificate2 cert = req.CreateSelfSigned(start, end);
if (PlatformDetection.IsWindows)
{
- cert = new X509Certificate2(cert.Export(X509ContentType.Pfx), (string?)null);
+ cert = X509CertificateLoader.LoadPkcs12(cert.Export(X509ContentType.Pfx), (string?)null);
}
return cert;
diff --git a/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs b/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs
index beb32116171200..38b9ff44c09230 100644
--- a/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs
+++ b/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs
@@ -126,7 +126,7 @@ public void Dispose()
internal X509Certificate2 CloneIssuerCert()
{
- return new X509Certificate2(_cert.RawData);
+ return X509CertificateLoader.LoadCertificate(_cert.RawData);
}
internal void Revoke(X509Certificate2 certificate, DateTimeOffset revocationTime)
diff --git a/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/RevocationResponder.cs b/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/RevocationResponder.cs
index 7e8c6f8a231d28..969314b4a81fcb 100644
--- a/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/RevocationResponder.cs
+++ b/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/RevocationResponder.cs
@@ -340,7 +340,7 @@ private static byte[] GetCertDataForAiaResponseKind(AiaResponseKind kind, Certif
}
else if (kind == AiaResponseKind.Pkcs12)
{
- using X509Certificate2 cert = new X509Certificate2(authority.GetCertData());
+ using X509Certificate2 cert = X509CertificateLoader.LoadCertificate(authority.GetCertData());
return cert.Export(X509ContentType.Pkcs12);
}
else
diff --git a/src/libraries/System.Net.Http.Json/tests/FunctionalTests/System.Net.Http.Json.Functional.Tests.csproj b/src/libraries/System.Net.Http.Json/tests/FunctionalTests/System.Net.Http.Json.Functional.Tests.csproj
index 000966669991ae..63cf0a7b97f8c0 100644
--- a/src/libraries/System.Net.Http.Json/tests/FunctionalTests/System.Net.Http.Json.Functional.Tests.csproj
+++ b/src/libraries/System.Net.Http.Json/tests/FunctionalTests/System.Net.Http.Json.Functional.Tests.csproj
@@ -3,7 +3,6 @@
$(NetCoreAppCurrent);$(NetFrameworkCurrent)
true
- $(NoWarn);SYSLIB0057
@@ -33,6 +32,7 @@
+
diff --git a/src/libraries/System.Net.Http.WinHttpHandler/tests/FunctionalTests/System.Net.Http.WinHttpHandler.Functional.Tests.csproj b/src/libraries/System.Net.Http.WinHttpHandler/tests/FunctionalTests/System.Net.Http.WinHttpHandler.Functional.Tests.csproj
index 7640a70f87b4a6..f25614ada92b3f 100644
--- a/src/libraries/System.Net.Http.WinHttpHandler/tests/FunctionalTests/System.Net.Http.WinHttpHandler.Functional.Tests.csproj
+++ b/src/libraries/System.Net.Http.WinHttpHandler/tests/FunctionalTests/System.Net.Http.WinHttpHandler.Functional.Tests.csproj
@@ -4,7 +4,6 @@
true
$(DefineConstants);WINHTTPHANDLER_TEST
true
- $(NoWarn);SYSLIB0057
+
diff --git a/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs b/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs
index d59febe8bca931..542b8fd1bb7a76 100644
--- a/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs
+++ b/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/ClientCertificateHelper.cs
@@ -11,7 +11,7 @@ namespace System.Net.Http.WinHttpHandlerUnitTests
public class ClientCertificateHelper
{
private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUIncludesClientAuth_PrivateKey =
- new X509Certificate2(
+ X509CertificateLoader.LoadPkcs12(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test dummy certificate.")]
@"MIIKTgIBAzCCCgoGCSqGSIb3DQEHAaCCCfsEggn3MIIJ8zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5
@@ -64,7 +64,7 @@ public class ClientCertificateHelper
"password");
private readonly X509Certificate2 _cert_KeyUsageMissingDigitalSignature_EKUIncludesClientAuth_PrivateKey =
- new X509Certificate2(
+ X509CertificateLoader.LoadPkcs12(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Unit test dummy certificate.")]
@"MIIKTgIBAzCCCgoGCSqGSIb3DQEHAaCCCfsEggn3MIIJ8zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5
@@ -117,7 +117,7 @@ public class ClientCertificateHelper
"password");
private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUMissingClientAuth_PrivateKey =
- new X509Certificate2(
+ X509CertificateLoader.LoadPkcs12(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Dummy certificate for testing.")]
@"MIIKRgIBAzCCCgIGCSqGSIb3DQEHAaCCCfMEggnvMIIJ6zCCBgQGCSqGSIb3DQEHAaCCBfUEggXx
@@ -170,7 +170,7 @@ public class ClientCertificateHelper
"password");
private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_NoEKU_PrivateKey =
- new X509Certificate2(
+ X509CertificateLoader.LoadPkcs12(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Dummy certificate for testing.")]
@"MIIKPgIBAzCCCfoGCSqGSIb3DQEHAaCCCesEggnnMIIJ4zCCBgwGCSqGSIb3DQEHAaCCBf0EggX5
@@ -223,7 +223,7 @@ public class ClientCertificateHelper
"password");
private readonly X509Certificate2 _cert_KeyUsageIncludesDigitalSignature_EKUIncludesClientAuth_NoPrivateKey =
- new X509Certificate2(
+ X509CertificateLoader.LoadCertificate(
Convert.FromBase64String(
// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Suppression approved. Dummy certificate for testing.")]
@"MIIDFjCCAf6gAwIBAgIQTm8+EF94L4FJ0nBFl5LICzANBgkqhkiG9w0BAQsFADAb
diff --git a/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/System.Net.Http.WinHttpHandler.Unit.Tests.csproj b/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/System.Net.Http.WinHttpHandler.Unit.Tests.csproj
index f8b72896871da4..988c1cc1014224 100644
--- a/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/System.Net.Http.WinHttpHandler.Unit.Tests.csproj
+++ b/src/libraries/System.Net.Http.WinHttpHandler/tests/UnitTests/System.Net.Http.WinHttpHandler.Unit.Tests.csproj
@@ -1,6 +1,6 @@
- $(NoWarn);0436;SYSLIB0057
+ $(NoWarn);0436
true
../../src/Resources/Strings.resx
$(NetCoreAppCurrent)-windows
diff --git a/src/libraries/System.Net.Http/tests/FunctionalTests/System.Net.Http.Functional.Tests.csproj b/src/libraries/System.Net.Http/tests/FunctionalTests/System.Net.Http.Functional.Tests.csproj
index 28dd6768061a0c..eb8e53ac574cea 100644
--- a/src/libraries/System.Net.Http/tests/FunctionalTests/System.Net.Http.Functional.Tests.csproj
+++ b/src/libraries/System.Net.Http/tests/FunctionalTests/System.Net.Http.Functional.Tests.csproj
@@ -9,7 +9,6 @@
$(NetCoreAppCurrent)-windows;$(NetCoreAppCurrent)-linux;$(NetCoreAppCurrent)-android;$(NetCoreAppCurrent)-browser;$(NetCoreAppCurrent)-wasi;$(NetCoreAppCurrent)-osx
true
true
- $(NoWarn);SYSLIB0057
diff --git a/src/libraries/System.Net.NetworkInformation/tests/FunctionalTests/System.Net.NetworkInformation.Functional.Tests.csproj b/src/libraries/System.Net.NetworkInformation/tests/FunctionalTests/System.Net.NetworkInformation.Functional.Tests.csproj
index a9608bd8793d38..afefb7a4fdeb67 100644
--- a/src/libraries/System.Net.NetworkInformation/tests/FunctionalTests/System.Net.NetworkInformation.Functional.Tests.csproj
+++ b/src/libraries/System.Net.NetworkInformation/tests/FunctionalTests/System.Net.NetworkInformation.Functional.Tests.csproj
@@ -6,7 +6,6 @@
true
$(DefineConstants);NETWORKINFORMATION_TEST
true
- $(NoWarn);SYSLIB0057
diff --git a/src/libraries/System.Net.Quic/tests/FunctionalTests/System.Net.Quic.Functional.Tests.csproj b/src/libraries/System.Net.Quic/tests/FunctionalTests/System.Net.Quic.Functional.Tests.csproj
index e4b36b9dab61a7..3ac6d417fa09d5 100644
--- a/src/libraries/System.Net.Quic/tests/FunctionalTests/System.Net.Quic.Functional.Tests.csproj
+++ b/src/libraries/System.Net.Quic/tests/FunctionalTests/System.Net.Quic.Functional.Tests.csproj
@@ -5,7 +5,6 @@
$(NetCoreAppCurrent)-windows;$(NetCoreAppCurrent)-linux;$(NetCoreAppCurrent)-osx
true
../../src/Resources/Strings.resx
- $(NoWarn);SYSLIB0057
diff --git a/src/libraries/System.Net.Requests/tests/System.Net.Requests.Tests.csproj b/src/libraries/System.Net.Requests/tests/System.Net.Requests.Tests.csproj
index a1574b47b66267..fa0e6863cd8b95 100644
--- a/src/libraries/System.Net.Requests/tests/System.Net.Requests.Tests.csproj
+++ b/src/libraries/System.Net.Requests/tests/System.Net.Requests.Tests.csproj
@@ -6,7 +6,7 @@
$(DefineConstants);NETSTANDARD
true
- $(NoWarn);SYSLIB0014;SYSLIB0057
+ $(NoWarn);SYSLIB0014
true
true
diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs
index 5a036a73b58693..589ae369c449e0 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/CertificateValidationRemoteServer.cs
@@ -242,7 +242,7 @@ private async Task ConnectWithRevocation_WithCallback_Core(
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
- X509Certificate2 temp = new X509Certificate2(serverCert.Export(X509ContentType.Pkcs12));
+ X509Certificate2 temp = X509CertificateLoader.LoadPkcs12(serverCert.Export(X509ContentType.Pkcs12), (string?)null);
serverCert.Dispose();
serverCert = temp;
}
diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamStreamToStreamTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamStreamToStreamTest.cs
index b6b14b9256cfa4..4ff9eb1835ef63 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamStreamToStreamTest.cs
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamStreamToStreamTest.cs
@@ -65,7 +65,9 @@ public static IEnumerable SslStream_StreamToStream_Authentication_Succ
using (X509Certificate2 clientCert = Configuration.Certificates.GetClientCertificate())
{
yield return new object[] { new X509Certificate2(serverCert), new X509Certificate2(clientCert) };
+#pragma warning disable SYSLIB0057 // Test case is explicitly testing X509Certificate instances.
yield return new object[] { new X509Certificate(serverCert.Export(X509ContentType.Pfx), (string)null), new X509Certificate(clientCert.Export(X509ContentType.Pfx), (string)null) };
+#pragma warning restore SYSLIB0057
}
}
diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj b/src/libraries/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj
index 41577cfe2496cb..09e462b3c38e65 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/System.Net.Security.Tests.csproj
@@ -6,7 +6,6 @@
true
true
true
- $(NoWarn);SYSLIB0057
diff --git a/src/libraries/System.Net.Security/tests/UnitTests/SslAuthenticationOptionsTests.cs b/src/libraries/System.Net.Security/tests/UnitTests/SslAuthenticationOptionsTests.cs
index f1ce91870d8bfc..b7e9d29d9dda98 100644
--- a/src/libraries/System.Net.Security/tests/UnitTests/SslAuthenticationOptionsTests.cs
+++ b/src/libraries/System.Net.Security/tests/UnitTests/SslAuthenticationOptionsTests.cs
@@ -109,7 +109,9 @@ public void ServerCertificate_Get_Set_Succeeds()
_serverOptions.ServerCertificate = null;
Assert.Null(_serverOptions.ServerCertificate);
+#pragma warning disable SYSLIB0057
X509Certificate cert = new X509Certificate2(stackalloc byte[0]);
+#pragma warning restore SYSLIB0057
_serverOptions.ServerCertificate = cert;
Assert.Equal(cert, _serverOptions.ServerCertificate);
diff --git a/src/libraries/System.Net.Security/tests/UnitTests/System.Net.Security.Unit.Tests.csproj b/src/libraries/System.Net.Security/tests/UnitTests/System.Net.Security.Unit.Tests.csproj
index d6a5bc1eb22d57..d35de6d843f3d6 100644
--- a/src/libraries/System.Net.Security/tests/UnitTests/System.Net.Security.Unit.Tests.csproj
+++ b/src/libraries/System.Net.Security/tests/UnitTests/System.Net.Security.Unit.Tests.csproj
@@ -9,7 +9,7 @@
-->
$(NoWarn);436
- $(NoWarn);3021;SYSLIB0057
+ $(NoWarn);3021
$(NetCoreAppCurrent)-windows;$(NetCoreAppCurrent)-unix;$(NetCoreAppCurrent)-browser;$(NetCoreAppCurrent)-osx;$(NetCoreAppCurrent)-ios;$(NetCoreAppCurrent)-android
true
diff --git a/src/libraries/System.Net.WebClient/tests/System.Net.WebClient.Tests.csproj b/src/libraries/System.Net.WebClient/tests/System.Net.WebClient.Tests.csproj
index 73cbbc5ce3135f..e4d983d6e59040 100644
--- a/src/libraries/System.Net.WebClient/tests/System.Net.WebClient.Tests.csproj
+++ b/src/libraries/System.Net.WebClient/tests/System.Net.WebClient.Tests.csproj
@@ -3,7 +3,7 @@
$(NetCoreAppCurrent)
$(DefineConstants);NETSTANDARD
- $(NoWarn);SYSLIB0014;SYSLIB0057
+ $(NoWarn);SYSLIB0014
true
diff --git a/src/libraries/System.Net.WebSockets.Client/tests/System.Net.WebSockets.Client.Tests.csproj b/src/libraries/System.Net.WebSockets.Client/tests/System.Net.WebSockets.Client.Tests.csproj
index af3355cd701c60..e2918a20b555b4 100644
--- a/src/libraries/System.Net.WebSockets.Client/tests/System.Net.WebSockets.Client.Tests.csproj
+++ b/src/libraries/System.Net.WebSockets.Client/tests/System.Net.WebSockets.Client.Tests.csproj
@@ -5,7 +5,6 @@
../src/Resources/Strings.resx
$(NetCoreAppCurrent);$(NetCoreAppCurrent)-browser
$(DefineConstants);NETSTANDARD
- $(NoWarn);SYSLIB0057
diff --git a/src/libraries/System.Net.WebSockets.Client/tests/wasm/System.Net.WebSockets.Client.Wasm.Tests.csproj b/src/libraries/System.Net.WebSockets.Client/tests/wasm/System.Net.WebSockets.Client.Wasm.Tests.csproj
index 9be8ef0fb7c9ab..cd8f38fab54b42 100644
--- a/src/libraries/System.Net.WebSockets.Client/tests/wasm/System.Net.WebSockets.Client.Wasm.Tests.csproj
+++ b/src/libraries/System.Net.WebSockets.Client/tests/wasm/System.Net.WebSockets.Client.Wasm.Tests.csproj
@@ -5,7 +5,6 @@
../../src/Resources/Strings.resx
$(NetCoreAppCurrent)-browser
$(DefineConstants);NETSTANDARD
- $(NoWarn);SYSLIB0057