From 5c694ced12b02cfe04a9bc1940b230fdb274fe3d Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 17 Apr 2026 21:26:18 +0000
Subject: [PATCH 1/3] Initial plan
From 026561c33a37885929cce4279a2a228249c47f99 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 17 Apr 2026 21:51:19 +0000
Subject: [PATCH 2/3] Throw CryptographicException instead of
NullReferenceException when URI is missing in ExtractIdFromLocalUri
Agent-Logs-Url: https://github.com/dotnet/runtime/sessions/b257b674-5bad-4736-8f43-34bef56534e6
Co-authored-by: vcsjones <361677+vcsjones@users.noreply.github.com>
---
.../System/Security/Cryptography/Xml/Utils.cs | 5 ++++-
.../tests/EncryptedXmlTests.cs | 18 ++++++++++++++++++
2 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/src/libraries/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Utils.cs b/src/libraries/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Utils.cs
index da9365a47836e4..9cae83b813411e 100644
--- a/src/libraries/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Utils.cs
+++ b/src/libraries/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Utils.cs
@@ -329,7 +329,10 @@ internal static string GetIdFromLocalUri(string uri, out bool discardComments)
internal static string ExtractIdFromLocalUri(string? uri)
{
- string idref = uri!.Substring(1);
+ if (string.IsNullOrEmpty(uri))
+ throw new CryptographicException(SR.Cryptography_Xml_UriRequired);
+
+ string idref = uri.Substring(1);
// Deal with XPointer of type #xpointer(id("ID")). Other XPointer support isn't handled here and is anyway optional
if (idref.StartsWith("xpointer(id(", StringComparison.Ordinal))
diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs
index 72d8ea732b7bd9..9f02d04e8b2775 100644
--- a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs
+++ b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs
@@ -1410,6 +1410,24 @@ public static void EncryptedKey_LoadXml_WithAllElements()
Assert.Equal(1, encKey.ReferenceList.Count);
}
+ [Fact]
+ public static void DecryptDocument_RetrievalMethodWithoutUri_ThrowsCryptographicException()
+ {
+ const string xml =
+ "" +
+ "" +
+ "" +
+ "" +
+ "" +
+ "AA==" +
+ "" +
+ "";
+
+ var doc = new XmlDocument { XmlResolver = null };
+ doc.LoadXml(xml);
+ Assert.Throws(() => new EncryptedXml(doc).DecryptDocument());
+ }
+
#if NET
[Fact]
public static void EncryptedXml_RecursiveKey_Default()
From f5c65bfa30d46f4a6ddeead6293dfe87bee90e95 Mon Sep 17 00:00:00 2001
From: Kevin Jones
Date: Mon, 20 Apr 2026 16:42:40 -0400
Subject: [PATCH 3/3] Skip test on .NET Framework
---
.../System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs
index 9f02d04e8b2775..f9b3d021c44bdc 100644
--- a/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs
+++ b/src/libraries/System.Security.Cryptography.Xml/tests/EncryptedXmlTests.cs
@@ -1411,6 +1411,7 @@ public static void EncryptedKey_LoadXml_WithAllElements()
}
[Fact]
+ [SkipOnTargetFramework(TargetFrameworkMonikers.NetFramework, "Throws NullReferenceException on .NET Framework")]
public static void DecryptDocument_RetrievalMethodWithoutUri_ThrowsCryptographicException()
{
const string xml =