Remove disallow returning rsa for CA5385.

src/Microsoft.NetCore.Analyzers/Core/Security/UseRSAWithSufficientKeySize.cs

@@ -106,27 +106,6 @@ public override void Initialize(AnalysisContext context)
                     }
                 }, OperationKind.ObjectCreation);
 
-                compilationStartAnalysisContext.RegisterOperationAction(operationAnalysisContext =>
-                {
-                    var returnOperation = (IReturnOperation)operationAnalysisContext.Operation;
-                    var typeSymbol = returnOperation.ReturnedValue?.Type;
-
-                    if (typeSymbol == null)
-                    {
-                        return;
-                    }
-
-                    var baseTypesAndThis = typeSymbol.GetBaseTypesAndThis();
-
-                    if (rsaTypeSymbol != null && baseTypesAndThis.Contains(rsaTypeSymbol))
-                    {
-                        operationAnalysisContext.ReportDiagnostic(
-                            returnOperation.CreateDiagnostic(
-                                Rule,
-                                typeSymbol.Name));
-                    }
-                }, OperationKind.Return);
-
                 compilationStartAnalysisContext.RegisterOperationAction(operationAnalysisContext =>
                 {
                     var invocationOperation = (IInvocationOperation)operationAnalysisContext.Operation;

src/Microsoft.NetCore.Analyzers/UnitTests/Security/UseRSAWithSufficientKeySizeTests.cs

@@ -9,23 +9,24 @@ namespace Microsoft.NetCore.Analyzers.Security.UnitTests
     public class UseRSAWithSufficientKeySizeTests : DiagnosticAnalyzerTestBase
     {
         [Fact]
-        public void TestCreateObjectOfRSADerivedClassWithInt32ParameterDiagnostic()
+        public void Issue2697()
         {
             VerifyCSharp(@"
 using System.Security.Cryptography;
 
 class TestClass
 {
-    public void TestMethod()
+    public RSACryptoServiceProvider TestMethod(string xml)
     {
-        var rsaCng = new RSACng(1024);
+        var rsa = new RSACryptoServiceProvider();
+        rsa.FromXmlString(xml);
+        return rsa;
     }
-}",
-            GetCSharpResultAt(8, 22, UseRSAWithSufficientKeySize.Rule, "RSACng"));
+}");
         }
 
         [Fact]
-        public void TestConstantDiagnostic()
+        public void TestCreateObjectOfRSADerivedClassWithInt32ParameterDiagnostic()
         {
             VerifyCSharp(@"
 using System.Security.Cryptography;
@@ -34,27 +35,27 @@ class TestClass
 {
     public void TestMethod()
     {
-        const int keySize = 1024;
-        var rsaCng = new RSACng(keySize);
+        var rsaCng = new RSACng(1024);
     }
 }",
-            GetCSharpResultAt(9, 22, UseRSAWithSufficientKeySize.Rule, "RSACng"));
+            GetCSharpResultAt(8, 22, UseRSAWithSufficientKeySize.Rule, "RSACng"));
         }
 
         [Fact]
-        public void TestReturnObjectOfRSADerivedClassDiagnostic()
+        public void TestConstantDiagnostic()
         {
             VerifyCSharp(@"
 using System.Security.Cryptography;
 
 class TestClass
 {
-    public RSA TestMethod(RSA rsa)
+    public void TestMethod()
     {
-        return rsa;
+        const int keySize = 1024;
+        var rsaCng = new RSACng(keySize);
     }
 }",
-            GetCSharpResultAt(8, 9, UseRSAWithSufficientKeySize.Rule, "RSA"));
+            GetCSharpResultAt(9, 22, UseRSAWithSufficientKeySize.Rule, "RSACng"));
         }
 
         [Fact]
@@ -285,6 +286,21 @@ public void TestMethod()
             GetCSharpResultAt(9, 28, UseRSAWithSufficientKeySize.Rule, "system.security.cryptography.asymmetricalgorithm"));
         }
 
+        [Fact]
+        public void TestReturnObjectOfRSADerivedClassNoDiagnostic()
+        {
+            VerifyCSharp(@"
+using System.Security.Cryptography;
+
+class TestClass
+{
+    public RSA TestMethod(RSA rsa)
+    {
+        return rsa;
+    }
+}");
+        }
+
         [Fact]
         public void TestCreateObjectOfRSADerivedClassWithInt32ParameterNoDiagnostic()
         {