AspNetCore.Docs/aspnetcore/security/data-protection/extensibility/misc-apis.md

29 lines
1.3 KiB
Markdown
Raw Normal View History

2016-10-29 01:35:15 +08:00
---
title: Miscellaneous ASP.NET Core Data Protection APIs
2016-10-29 01:35:15 +08:00
author: rick-anderson
description: Learn about the ASP.NET Core Data Protection ISecret interface.
2018-01-29 23:21:31 +08:00
ms.author: riande
2016-10-29 01:35:15 +08:00
ms.date: 10/14/2016
uid: security/data-protection/extensibility/misc-apis
---
# Miscellaneous ASP.NET Core Data Protection APIs
2016-10-29 01:35:15 +08:00
2017-10-14 04:50:30 +08:00
<a name="data-protection-extensibility-mics-apis"></a>
2016-10-29 01:35:15 +08:00
>[!WARNING]
> Types that implement any of the following interfaces should be thread-safe for multiple callers.
## ISecret
The `ISecret` interface represents a secret value, such as cryptographic key material. It contains the following API surface:
2016-10-29 01:35:15 +08:00
* `Length`: `int`
2016-10-29 01:35:15 +08:00
* `Dispose()`: `void`
2016-10-29 01:35:15 +08:00
* `WriteSecretIntoBuffer(ArraySegment<byte> buffer)`: `void`
2016-10-29 01:35:15 +08:00
The `WriteSecretIntoBuffer` method populates the supplied buffer with the raw secret value. The reason this API takes the buffer as a parameter rather than returning a `byte[]` directly is that this gives the caller the opportunity to pin the buffer object, limiting secret exposure to the managed garbage collector.
2016-10-29 01:35:15 +08:00
The `Secret` type is a concrete implementation of `ISecret` where the secret value is stored in in-process memory. On Windows platforms, the secret value is encrypted via [CryptProtectMemory](https://msdn.microsoft.com/library/windows/desktop/aa380262(v=vs.85).aspx).