AspNetCore.Docs/docs/security/data-protection/consumer-apis/overview.rst

51 lines
3.9 KiB
ReStructuredText

Consumer APIs Overview
======================
The IDataProtectionProvider and IDataProtector interfaces are the basic interfaces through which consumers use the data protection system. They are located in the Microsoft.AspNet.DataProtection.Interfaces package.
IDataProtectionProvider
-----------------------
The provider interface represents the root of the data protection system. It cannot directly be used to protect or unprotect data. Instead, the consumer must get a reference to an IDataProtector by calling IDataProtectionProvider.CreateProtector(purpose), where purpose is a string that describes the intended consumer use case. See :doc:`purpose-strings` for much more information on the intent of this parameter and how to choose an appropriate value.
IDataProtector
--------------
The protector interface is returned by a call to CreateProtector, and it is this interface which consumers can use to perform protect and unprotect operations.
To protect a piece of data, pass the data to the Protect method. The basic interface defines a method which converts byte[] -> byte[], but there is also an overload (provided as an extension method) which converts string -> string. The security offered by the two methods is identical; the developer should choose whichever overload is most convenient for his use case. Irrespective of the overload chosen, the value returned by the Protect method is now protected (enciphered and tamper-proofed), and the application can send it to an untrusted client.
To unprotect a previously-protected piece of data, pass the protected data to the Unprotect method. (There are byte[]-based and string-based overloads for developer convenience.) If the protected payload was generated by an earlier call to Protect on this same IDataProtector, the Unprotect method will return the original unprotected payload. If the protected payload has been tampered with or was produced by a different IDataProtector, the Unprotect method will throw CryptographicException.
The concept of same vs. different IDataProtector ties back to the concept of purpose. If two IDataProtector instances were generated from the same root IDataProtectionProvider but via different purpose strings in the call to IDataProtectionProvider.CreateProtector, then they are considered :doc:`different protectors <purpose-strings>`, and one will not be able to unprotect payloads generated by the other.
Consuming these interfaces
--------------------------
For a DI-aware component, the intended usage is that the component take an IDataProtectionProvider parameter in its constructor and that the DI system automatically provides this service when the component is instantiated.
.. note::
Some applications (such as console applications or ASP.NET 4.x applications) might not be DI-aware so cannot use the mechanism described here. For these scenarios consult the :doc:`../configuration/non-di-scenarios` document for more information on getting an instance of an IDataProtection provider without going through DI.
The following sample demonstrates three concepts:
#. :doc:`Adding the data protection system <../configuration/overview>` to the service container,
#. Using DI to receive an instance of an IDataProtectionProvider, and
#. Creating an IDataProtector from an IDataProtectionProvider and using it to protect and unprotect data.
.. literalinclude:: ../using-data-protection/samples/protectunprotect.cs
:language: c#
:emphasize-lines: 26,34-40
:linenos:
The package Microsoft.AspNet.DataProtection.Interfaces contains an extension method IServiceProvider.GetDataProtector as a developer convenience. It encapsulates as a single operation both retrieving an IDataProtectionProvider from the service provider and calling IDataProtectionProvider.CreateProtector. The following sample demonstrates its usage.
.. literalinclude:: overview/samples/getdataprotector.cs
:language: c#
:emphasize-lines: 15
:linenos:
.. include:: ../thread-safety-included.txt