SymmetricAlgorithm.Clear SymmetricAlgorithm.Clear SymmetricAlgorithm.Clear SymmetricAlgorithm.Clear Method


释放 SymmetricAlgorithm 类使用的所有资源。Releases all resources used by the SymmetricAlgorithm class.

 void Clear();
public void Clear ();
member this.Clear : unit -> unit
Public Sub Clear ()


请注意,使用派生类时,从安全角度来看,这并不是足够的,只是在使用完对象后强制进行垃圾回收。Note that when using derived classes, it is not enough, from a security perspective, to simply force a garbage collection after you have finished using the object. 你必须在对象上Clear显式调用方法,以使对象中的所有敏感数据在释放之前都为零。You must explicitly call the Clear method on the object to zero out any sensitive data within the object before it is released. 请注意,垃圾回收不会使收集对象的内容超出零,只需将内存标记为可用于重新分配。Note that garbage collection does not zero out the contents of collected objects but simply marks the memory as available for reallocation. 因此,垃圾回收对象中包含的数据可能仍存在于未分配的内存中的内存堆中。Thus the data contained within a garbage collected object may still be present in the memory heap in unallocated memory. 对于加密对象,这些数据可能包含敏感信息,例如密钥数据或纯文本块。In the case of cryptographic objects, this data could contain sensitive information such as key data or a block of plain text.

包含敏感数据的 .NET Framework 中的所有加密类都实现Clear了一个方法。All cryptographic classes in the .NET Framework that hold sensitive data implement a Clear method. 调用此方法时Clear ,该方法将用零覆盖对象内的所有敏感数据,然后释放该对象,以便可以安全地收集该对象。When called, the Clear method overwrites all sensitive data within the object with zeros and then releases the object so that it can be safely garbage collected. 如果对象已归零并释放,则应该调用Dispose方法, disposing并将参数设置为True ,以释放与该对象关联的所有托管资源和非托管资源。When the object has been zeroed and released, you should then call the Dispose method with the disposing parameter set to True to dispose of all managed and unmanaged resources associated with the object.