SymmetricAlgorithm.Clear Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Releases all resources used by the SymmetricAlgorithm class.
public:
void Clear();
public void Clear ();
member this.Clear : unit -> unit
Public Sub Clear ()
Remarks
Note that when using derived classes, it is not enough, from a security perspective, to simply force a garbage collection after you have finished using the object. You must explicitly call the Clear method on the object to zero out any sensitive data within the object before it is released. Note that garbage collection does not zero out the contents of collected objects but simply marks the memory as available for reallocation. Thus the data contained within a garbage collected object may still be present in the memory heap in unallocated memory. In the case of cryptographic objects, this data could contain sensitive information such as key data or a block of plain text.
All cryptographic classes in the .NET Framework that hold sensitive data implement a Clear
method. When called, the Clear
method overwrites all sensitive data within the object with zeros and then releases the object so that it can be safely garbage collected. When the object has been zeroed and released, you should then call the Dispose
method with the disposing
parameter set to True
to dispose of all managed and unmanaged resources associated with the object.