Description
Starting in .NET 10, all of the constructors on Rfc2898DeriveBytes are obsolete.
Version
.NET 10 Preview 1
Previous behavior
Rfc2898DeriveBytes had constructors that were not obsolete, or that were obsolete under a different diagnostic ID.
New behavior
The Rfc2898DeriveBytes constructors are obsolete with the SYSLIB0060 diagnostic ID and the message:
"The constructors on Rfc2898DeriveBytes are obsolete. Use the static Pbkdf2 method instead."
Type of breaking change
- Binary incompatible: Existing binaries might encounter a breaking change in behavior, such as failure to load or execute, and if so, require recompilation.
- Source incompatible: When recompiled using the new SDK or component or to target the new runtime, existing source code might require source changes to compile successfully.
- Behavioral change: Existing binaries might behave differently at run time.
Reason for change
The instance-based implementation of PBKDF2, which Rfc2898DeriveBytes provides, offers a non-standard usage: it "streams" bytes back by allowing successive calls to GetBytes. This is not the intended use of PBKDF2; the algorithm should be used as a one-shot. The one-shot functionality exists as the static method Rfc2898DeriveBytes.Pbkdf2 and should be used instead of instantiating Rfc2898DeriveBytes.
Recommended action
Change instances of Rfc2898DeriveBytes and calls to GetBytes to use the Pbkdf2 one-shot static method instead.
For example, change:
using System.Security.Cryptography;
Rfc2898DeriveBytes kdf = new Rfc2898DeriveBytes(password, salt, iterations, hashAlgorithm);
byte[] derivedKey = kdf.GetBytes(64);
to
byte[] derivedKey = Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations, hashAlgorithm, 64);
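The single-call case above does not cover code that relied on the "streaming" behavior, for instance two successive GetBytes calls to obtain a key and then an IV. The following is an added example, not code from the original issue or from the .NET project: it migrates that pattern by deriving the combined length in one Pbkdf2 call and splitting at the same offsets, then checks that the output matches the legacy code. The password, salt, iteration count and the 32/16-byte split are constructed sample values.

```csharp
using System;
using System.Security.Cryptography;

// Constructed sample inputs (not from the original issue).
string password = "correct horse battery staple";
byte[] salt = Convert.FromHexString("000102030405060708090a0b0c0d0e0f");
int iterations = 100_000;
HashAlgorithmName hashAlgorithm = HashAlgorithmName.SHA256;

// Before: two successive GetBytes calls read consecutive parts of one PBKDF2 output.
#pragma warning disable SYSLIB0060 // obsolete constructor, kept only for the comparison
byte[] oldKey, oldIv;
using (var kdf = new Rfc2898DeriveBytes(password, salt, iterations, hashAlgorithm))
{
    oldKey = kdf.GetBytes(32); // output bytes 0..31
    oldIv = kdf.GetBytes(16);  // output bytes 32..47
}
#pragma warning restore SYSLIB0060

// After: derive all 48 bytes in one call, then split at the same offsets.
byte[] okm = Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations, hashAlgorithm, 32 + 16);
byte[] newKey = okm[..32];
byte[] newIv = okm[32..];

// Data protected with the old key and IV stays readable only if both parts match.
bool same = CryptographicOperations.FixedTimeEquals(oldKey, newKey)
         && CryptographicOperations.FixedTimeEquals(oldIv, newIv);
Console.WriteLine(same ? "Migrated output matches legacy output" : "MISMATCH");

// Clear the combined buffer once it has been split.
CryptographicOperations.ZeroMemory(okm);
```

Calling Pbkdf2 twice with the same inputs returns the same leading bytes each time, so a second call does not continue where the first left off; the total length has to be requested up front.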
Feature area
Cryptography
Affected APIs
- M:System.Security.Cryptography.Rfc2898DeriveBytes.#ctor (all overloads)