Miscellaneous ASP.NET Core Data Protection APIs
Types that implement any of the following interfaces should be thread-safe for multiple callers.
ISecret interface represents a secret value, such as cryptographic key material. It contains the following API surface:
WriteSecretIntoBuffer method populates the supplied buffer with the raw secret value. The reason this API takes the buffer as a parameter rather than returning a
byte directly is that this gives the caller the opportunity to pin the buffer object, limiting secret exposure to the managed garbage collector.
Secret type is a concrete implementation of
ISecret where the secret value is stored in in-process memory. On Windows platforms, the secret value is encrypted via CryptProtectMemory.