问题
The Windows.Security.Cryptography.CryptographicBuffer class contains static methods for converting between strings and an IBuffer-implementing object which can be used by the cryptography functions. Do these objects have special security measures internally, such as preventing paging to disk, encrypting at rest, and/or erasing when the object is freed? If not, is there an alternative?
For the alternatives, C#/.Net for Windows Universal Apps is preferred; C++/CX if necessary.
EDIT: Asking the second part of the question here: Do the IBuffer objects produced by the methods in Windows.Security.Cryptography.CryptographicBuffer have security features?
回答1:
Windows.Security.Cryptography.CryptographicBuffer is only responsible for implementing data management. For other security measures you need to implement yourself.
For example:
1) You may start a background task for encrypting at rest;
2) As about paging to disk, I don't see a way to do so. This is because Metro style apps, different from desktop apps, are usually suspended whenever they are no longer in the foreground. When they’re suspended, they aren’t touching ANY of their memory.
3) As about this function, "erasing when the object is freed", could you explain more about what kind of things you need to erasing?
来源:https://stackoverflow.com/questions/33204614/do-the-ibuffer-objects-produced-by-the-methods-in-windows-security-cryptography