SYSLIB0007: Default implementations of cryptography algorithms not supported

The cryptographic configuration system in .NET Framework doesn't allow for proper cryptographic agility and isn't present in .NET Core and .NET 5+. .NET's backward-compatibility requirements also prohibit the framework from updating certain cryptographic APIs to keep up with advances in cryptography. As a result, the following APIs are marked obsolete, starting in .NET 5. Use of these APIs generates warning SYSLIB0007 at compile time and a PlatformNotSupportedException at run time.

Workarounds

  • The recommended course of action is to replace calls to the now-obsolete APIs with calls to factory methods for specific algorithms, for example, Aes.Create(). This gives you full control over which algorithms are instantiated.

  • If you need to maintain compatibility with existing payloads generated by .NET Framework apps that use the now-obsolete APIs, use the replacements suggested in the following table. The table provides a mapping from .NET Framework default algorithms to their .NET 5+ equivalents.

    .NET Framework .NET Core / .NET 5+ compatible replacement Remarks
    AsymmetricAlgorithm.Create() RSA.Create()
    HashAlgorithm.Create() SHA1.Create() The SHA-1 algorithm is considered broken. Consider using a stronger algorithm if possible. Consult your security advisor for further guidance.
    HMAC.Create() HMACSHA1() The HMACSHA1 algorithm is discouraged for most modern applications. Consider using a stronger algorithm if possible. Consult your security advisor for further guidance.
    KeyedHashAlgorithm.Create() HMACSHA1() The HMACSHA1 algorithm is discouraged for most modern applications. Consider using a stronger algorithm if possible. Consult your security advisor for further guidance.
    SymmetricAlgorithm.Create() Aes.Create()

Suppress a warning

If you must use the obsolete APIs, you can suppress the warning in code or in your project file.

To suppress only a single violation, add preprocessor directives to your source file to disable and then re-enable the warning.

// Disable the warning.
#pragma warning disable SYSLIB0007

// Code that uses obsolete API.
// ...

// Re-enable the warning.
#pragma warning restore SYSLIB0007

To suppress all the SYSLIB0007 warnings in your project, add a <NoWarn> property to your project file.

<Project Sdk="Microsoft.NET.Sdk">
  <PropertyGroup>
   ...
   <NoWarn>$(NoWarn);SYSLIB0007</NoWarn>
  </PropertyGroup>
</Project>

For more information, see Suppress warnings.

See also