Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
954 lines (834 sloc) 62.7 KB
<Type Name="SecureString" FullName="System.Security.SecureString">
<TypeSignature Language="C#" Value="public sealed class SecureString : IDisposable" />
<TypeSignature Language="ILAsm" Value=".class public auto ansi sealed SecureString extends System.Object implements class System.IDisposable" />
<TypeSignature Language="DocId" Value="T:System.Security.SecureString" />
<TypeSignature Language="VB.NET" Value="Public NotInheritable Class SecureString&#xA;Implements IDisposable" />
<TypeSignature Language="C++ CLI" Value="public ref class SecureString sealed : IDisposable" />
<TypeSignature Language="F#" Value="type SecureString = class&#xA; interface IDisposable" />
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Base>
<BaseTypeName>System.Object</BaseTypeName>
</Base>
<Interfaces>
<Interface>
<InterfaceName>System.IDisposable</InterfaceName>
</Interface>
</Interfaces>
<Docs>
<summary>Represents text that should be kept confidential, such as by deleting it from computer memory when no longer needed. This class cannot be inherited.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
> [!IMPORTANT]
> We don't recommend that you use the `SecureString` class for new development. For more information, see [SecureString shouldn't be used](https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md) on GitHub.
<xref:System.Security.SecureString> is a string type that provides a measure of security. It tries to avoid storing potentially sensitive strings in process memory as plain text. (For limitations, however, see the [How secure is SecureString?](#HowSecure) section.) The value of an instance of <xref:System.Security.SecureString> is automatically protected using a mechanism supported by the underlying platform when the instance is initialized or when the value is modified. Your application can render the instance immutable and prevent further modification by invoking the <xref:System.Security.SecureString.MakeReadOnly%2A> method.
The maximum length of a <xref:System.Security.SecureString> instance is 65,536 characters.
> [!IMPORTANT]
> This type implements the <xref:System.IDisposable> interface. When you have finished using an instance of the type, you should dispose of it either directly or indirectly. To dispose of the type directly, call its <xref:System.IDisposable.Dispose%2A> method in a `try`/`catch` block. To dispose of it indirectly, use a language construct such as `using` (in C#) or `Using` (in Visual Basic). For more information, see the "Using an Object that Implements IDisposable" section in the <xref:System.IDisposable> interface topic.
The <xref:System.Security.SecureString> class and its members are not visible to COM. For more information, see <xref:System.Runtime.InteropServices.ComVisibleAttribute>.
In this section:
[String vs. SecureString](#vsString)
[SecureString operations](#Ops)
[SecureString and interop](#interop)
[How secure is SecureString?](#HowSecure)
<a name="vsString"></a>
## String versus SecureString
An instance of the <xref:System.String?displayProperty=nameWithType> class is both immutable and, when no longer needed, cannot be programmatically scheduled for garbage collection; that is, the instance is read-only after it is created, and it is not possible to predict when the instance will be deleted from computer memory. Because <xref:System.String?displayProperty=nameWithType> instances are immutable, operations that appear to modify an existing instance actually create a copy of it to manipulate. Consequently, if a <xref:System.String> object contains sensitive information such as a password, credit card number, or personal data, there is a risk the information could be revealed after it is used because your application cannot delete the data from computer memory.
A <xref:System.Security.SecureString> object is similar to a <xref:System.String> object in that it has a text value. However, the value of a <xref:System.Security.SecureString> object is pinned in memory, may use a protection mechanism, such as encryption, provided by the underlying operating system, can be modified until your application marks it as read-only, and can be deleted from computer memory either by your application calling the <xref:System.Security.SecureString.Dispose%2A> method or by the .NET Framework garbage collector.
For a discussion of the limitations of the <xref:System.Security.SecureString> class, see the [How secure is SecureString?](#HowSecure) section.
[Back to top](#top)
<a name="Ops"></a>
## SecureString operations
The <xref:System.Security.SecureString> class includes members that allow you to do the following:
Instantiate a <xref:System.Security.SecureString> object
You instantiate a <xref:System.Security.SecureString> object by calling its parameterless constructor.
Add characters to a <xref:System.Security.SecureString> object
You can add a single character at a time to a <xref:System.Security.SecureString> object by calling its <xref:System.Security.SecureString.AppendChar%2A> or <xref:System.Security.SecureString.InsertAt%2A> method.
> [!IMPORTANT]
> A <xref:System.Security.SecureString> object should never be constructed from a <xref:System.String>, because the sensitive data is already subject to the memory persistence consequences of the immutable <xref:System.String> class. The best way to construct a <xref:System.Security.SecureString> object is from a character-at-a-time unmanaged source, such as the <xref:System.Console.ReadKey%2A?displayProperty=nameWithType> method.
Remove characters from a <xref:System.Security.SecureString> object
You can replace an individual character by calling the <xref:System.Security.SecureString.SetAt%2A> method, remove an individual character by calling the <xref:System.Security.SecureString.RemoveAt%2A> method, or remove all characters from the <xref:System.Security.SecureString> instance by calling the <xref:System.Security.SecureString.Clear%2A> method.
Make the <xref:System.Security.SecureString> object read-only
Once you have defined the string that the <xref:System.Security.SecureString> object represents, you call its <xref:System.Security.SecureString.MakeReadOnly%2A> method to make the string read-only.
Get information about the <xref:System.Security.SecureString> object
The <xref:System.Security.SecureString> class has only two members that provide information about the string: its <xref:System.Security.SecureString.Length%2A> property, which indicates the number of UTF16-encoded code units in the string; and the <xref:System.Security.SecureString.IsReadOnly%2A>, method, which indicates whether the instance is read-only.
Release the memory allocated to the <xref:System.Security.SecureString> instance
Because <xref:System.Security.SecureString> implements the <xref:System.IDisposable> interface, you release its memory by calling the <xref:System.Security.SecureString.Dispose%2A> method.
The <xref:System.Security.SecureString> class has no members that inspect, compare, or convert the value of a <xref:System.Security.SecureString>. The absence of such members helps protect the value of the instance from accidental or malicious exposure. Use appropriate members of the <xref:System.Runtime.InteropServices.Marshal?displayProperty=nameWithType> class, such as the <xref:System.Runtime.InteropServices.Marshal.SecureStringToBSTR%2A> method, to manipulate the value of a <xref:System.Security.SecureString> object.
The .NET Framework Class Library commonly uses <xref:System.Security.SecureString> instances in the following ways:
- To provide password information to a process by using the <xref:System.Diagnostics.ProcessStartInfo> structure or by calling an overload of the <xref:System.Diagnostics.Process.Start%2A?displayProperty=nameWithType> method that has a parameter of type <xref:System.Security.SecureString>.
- To provide network password information by calling a <xref:System.Net.NetworkCredential> class constructor that has a parameter of type <xref:System.Security.SecureString> or by using the <xref:System.Net.NetworkCredential.SecurePassword%2A?displayProperty=nameWithType> property.
- To provide password information for SQL Server Authentication by calling the <xref:System.Data.SqlClient.SqlCredential.%23ctor%2A?displayProperty=nameWithType> constructor or retrieving the value of the <xref:System.Data.SqlClient.SqlCredential.Password%2A?displayProperty=nameWithType> property.
- To pass a string to unmanaged code. For more information, see the [SecureString and interop](#interop) section.
[Back to top](#top)
<a name="interop"></a>
## SecureString and interop
Because the operating system does not directly support <xref:System.Security.SecureString>, you must convert the value of the <xref:System.Security.SecureString> object to the required string type before passing the string to a native method. The <xref:System.Runtime.InteropServices.Marshal> class has five methods that do this:
- <xref:System.Runtime.InteropServices.Marshal.SecureStringToBSTR%2A?displayProperty=nameWithType>, which converts the <xref:System.Security.SecureString> string value to a binary string (BSTR) recognized by COM.
- <xref:System.Runtime.InteropServices.Marshal.SecureStringToCoTaskMemAnsi%2A?displayProperty=nameWithType> and <xref:System.Runtime.InteropServices.Marshal.SecureStringToGlobalAllocAnsi%2A?displayProperty=nameWithType>, which copy the <xref:System.Security.SecureString> string value to an ANSI string in unmanaged memory.
- <xref:System.Runtime.InteropServices.Marshal.SecureStringToCoTaskMemUnicode%2A?displayProperty=nameWithType> and <xref:System.Runtime.InteropServices.Marshal.SecureStringToCoTaskMemUnicode%2A?displayProperty=nameWithType>, which copy the <xref:System.Security.SecureString> string value to a Unicode string in unmanaged memory.
Each of these methods creates a clear-text string in unmanaged memory. It is the responsibility of the developer to zero out and free that memory as soon as it is no longer needed. Each of the string conversion and memory allocation methods has a corresponding method to zero out and free the allocated memory:
|Allocation and conversion method|Zero and free method|
|--------------------------------------|--------------------------|
|<xref:System.Runtime.InteropServices.Marshal.SecureStringToBSTR%2A?displayProperty=nameWithType>|<xref:System.Runtime.InteropServices.Marshal.ZeroFreeBSTR%2A?displayProperty=nameWithType>|
|<xref:System.Runtime.InteropServices.Marshal.SecureStringToCoTaskMemAnsi%2A?displayProperty=nameWithType>|<xref:System.Runtime.InteropServices.Marshal.ZeroFreeCoTaskMemAnsi%2A?displayProperty=nameWithType>|
|<xref:System.Runtime.InteropServices.Marshal.SecureStringToCoTaskMemUnicode%2A?displayProperty=nameWithType>|<xref:System.Runtime.InteropServices.Marshal.ZeroFreeCoTaskMemUnicode%2A?displayProperty=nameWithType>|
|<xref:System.Runtime.InteropServices.Marshal.SecureStringToGlobalAllocAnsi%2A?displayProperty=nameWithType>|<xref:System.Runtime.InteropServices.Marshal.ZeroFreeGlobalAllocAnsi%2A?displayProperty=nameWithType>|
|<xref:System.Runtime.InteropServices.Marshal.SecureStringToCoTaskMemUnicode%2A?displayProperty=nameWithType>|<xref:System.Runtime.InteropServices.Marshal.ZeroFreeGlobalAllocUnicode%2A?displayProperty=nameWithType>|
[Back to top](#top)
<a name="HowSecure"></a>
## How secure is SecureString?
When created properly, a <xref:System.Security.SecureString> instance provides more data protection than a <xref:System.String>. When creating a string from a character-at-a-time source, <xref:System.String> creates multiple intermediate in memory, whereas <xref:System.Security.SecureString> creates just a single instance. Garbage collection of <xref:System.String> objects is non-deterministic. In addition, because its memory is not pinned, the garbage collector will make additional copies of <xref:System.String> values when moving and compacting memory. In contrast, the memory allocated to a <xref:System.Security.SecureString> object is pinned, and that memory can be freed by calling the <xref:System.Security.SecureString.Dispose%2A> method.
Although data stored in a <xref:System.Security.SecureString> instance is more secure than data stored in a <xref:System.String> instance, there are significant limitations on how secure a <xref:System.Security.SecureString> instance is. These include:
Platform
On the Windows operating system, the contents of a <xref:System.Security.SecureString> instance's internal character array are encrypted. However, whether because of missing APIs or key management issues, encryption is not available on all platforms. Because of this platform dependency, <xref:System.Security.SecureString> does not encrypt the internal storage on non-Windows platform. Other techniques are used on those platforms to provide additional protection.
Duration
Even if the <xref:System.Security.SecureString> implementation is able to take advantage of encryption, the plain text assigned to the <xref:System.Security.SecureString> instance may be exposed at various times:
- Because Windows doesn't offer a secure string implementation at the operating system level, the .NET Framework still has to convert the secure string value to its plain text representation in order to use it.
- Whenever the value of the secure string is modified by methods such as <xref:System.Security.SecureString.AppendChar%2A> or <xref:System.Security.SecureString.RemoveAt%2A>, it must be decrypted (that is, converted back to plain text), modified, and then encrypted again.
- If the secure string is used in an interop call, it must be converted to an ANSI string, a Unicode string, or a binary string (BSTR). For more information, see the [SecureString and interop](#interop) section.
The time interval for which the <xref:System.Security.SecureString> instance's value is exposed is merely shortened in comparison to the <xref:System.String> class.
Storage versus usage
More generally, the <xref:System.Security.SecureString> class defines a storage mechanism for string values that should be protected or kept confidential. However, outside of the .NET Framework itself, no usage mechanism supports <xref:System.Security.SecureString>. This means that the secure string must be converted to a usable form (typically a clear text form) that can be recognized by its target, and that decryption and conversion must occur in user space.
Overall, <xref:System.Security.SecureString> is more secure than <xref:System.String> because it limits the exposure of sensitive string data. However, those strings may still be exposed to any process or operation that has access to raw memory, such as a malicious process running on the host computer, a process dump, or a user-viewable swap file. Instead of using <xref:System.Security.SecureString> to protect passwords, the recommended alternative is to use an opaque handle to credentials that are stored outside of the process.
[Back to top](#top)
## Examples
The following example demonstrates how to use a <xref:System.Security.SecureString> to secure a user's password for use as a credential to start a new process.
[!code-csharp[System.Security.SecureString.Ctor#4](~/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.SecureString.Ctor/cs/ctor4.cs#4)]
[!code-vb[System.Security.SecureString.Ctor#4](~/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.SecureString.Ctor/vb/ctor4.vb#4)]
]]></format>
</remarks>
<altmember cref="T:System.Runtime.InteropServices.ComVisibleAttribute" />
<altmember cref="T:System.Runtime.InteropServices.Marshal" />
<altmember cref="T:System.Runtime.ConstrainedExecution.CriticalFinalizerObject" />
<altmember cref="T:System.IDisposable" />
</Docs>
<Members>
<MemberGroup MemberName=".ctor">
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<Docs>
<summary>Initializes a new instance of the <see cref="T:System.Security.SecureString" /> class.</summary>
</Docs>
</MemberGroup>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public SecureString ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.#ctor" />
<MemberSignature Language="VB.NET" Value="Public Sub New ()" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; SecureString();" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<Parameters />
<Docs>
<summary>Initializes a new instance of the <see cref="T:System.Security.SecureString" /> class.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Examples
The following example uses the default (or parameterless) constructor to instantiate a new <xref:System.Security.SecureString> object. It then calls the <xref:System.Security.SecureString.AppendChar%2A> method to add an array of characters to it.
[!code-cpp[System.Security.SecureString.Ctor#2](~/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.SecureString.Ctor/cpp/Ctor2.cpp#2)]
[!code-csharp[System.Security.SecureString.Ctor#2](~/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.SecureString.Ctor/cs/Ctor2.cs#2)]
[!code-vb[System.Security.SecureString.Ctor#2](~/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.SecureString.Ctor/vb/ctor2.vb#2)]
The following example creates a <xref:System.Security.SecureString> object from the value of a <xref:System.String> object.
[!code-cpp[System.Security.SecureString.Ctor#3](~/samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.SecureString.Ctor/cpp/Ctor3.cpp#3)]
[!code-csharp[System.Security.SecureString.Ctor#3](~/samples/snippets/csharp/VS_Snippets_CLR_System/system.Security.SecureString.Ctor/cs/Ctor3.cs#3)]
[!code-vb[System.Security.SecureString.Ctor#3](~/samples/snippets/visualbasic/VS_Snippets_CLR_System/system.Security.SecureString.Ctor/vb/Ctor3.vb#3)]
]]></format>
</remarks>
<exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while protecting or unprotecting the value of this instance.</exception>
<exception cref="T:System.NotSupportedException">This operation is not supported on this platform.</exception>
</Docs>
</Member>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public SecureString (char* value, int length);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor(char* value, int32 length) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.#ctor(System.Char*,System.Int32)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; SecureString(char* value, int length);" />
<MemberSignature Language="F#" Value="new System.Security.SecureString : nativeptr&lt;char&gt; * int -&gt; System.Security.SecureString" Usage="new System.Security.SecureString (value, length)" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netcore-1.0;netcore-1.1;netcore-2.0;netcore-2.1;netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netstandard-2.0;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0;netframework-4.8;netcore-2.2;netcore-3.0;netstandard-2.1">
<AttributeName>System.CLSCompliant(false)</AttributeName>
</Attribute>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecurityCritical</AttributeName>
</Attribute>
</Attributes>
<Parameters>
<Parameter Name="value" Type="System.Char*" />
<Parameter Name="length" Type="System.Int32" />
</Parameters>
<Docs>
<param name="value">A pointer to an array of <see cref="T:System.Char" /> objects.</param>
<param name="length">The number of elements of <paramref name="value" /> to include in the new instance.</param>
<summary>Initializes a new instance of the <see cref="T:System.Security.SecureString" /> class from a subarray of <see cref="T:System.Char" /> objects.
This constructor is not CLS-compliant. The CLS-compliant alternative is <see cref="M:System.Security.SecureString.#ctor" />.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
This constructor initializes the new <xref:System.Security.SecureString> object to the number of characters in `value` specified by `length`; the value of the instance is then encrypted.
In C#, this constructor is defined only in the context of unsafe code.
## Examples
The following example instantiates a new <xref:System.Security.SecureString> object by passing its constructor a pointer to a character array.
[!code-cpp[System.Security.SecureString.Ctor2#1](~/samples/snippets/cpp/VS_Snippets_CLR_System/system.security.securestring.ctor2/cpp/ctor1.cpp#1)]
[!code-csharp[System.Security.SecureString.Ctor2#1](~/samples/snippets/csharp/VS_Snippets_CLR_System/system.security.securestring.ctor2/cs/ctor1.cs#1)]
]]></format>
</remarks>
<exception cref="T:System.ArgumentNullException">
<paramref name="value" /> is <see langword="null" />.</exception>
<exception cref="T:System.ArgumentOutOfRangeException">
<paramref name="length" /> is less than zero or greater than 65,536.</exception>
<exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while protecting or unprotecting the value of this secure string.</exception>
<exception cref="T:System.NotSupportedException">This operation is not supported on this platform.</exception>
<permission cref="T:System.Security.SecurityCriticalAttribute">requires full trust for the immediate caller. This member cannot be used by partially trusted or transparent code.</permission>
</Docs>
</Member>
<Member MemberName="AppendChar">
<MemberSignature Language="C#" Value="public void AppendChar (char c);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig instance void AppendChar(char c) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.AppendChar(System.Char)" />
<MemberSignature Language="VB.NET" Value="Public Sub AppendChar (c As Char)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; void AppendChar(char c);" />
<MemberSignature Language="F#" Value="member this.AppendChar : char -&gt; unit" Usage="secureString.AppendChar c" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netstandard-2.0;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0;netframework-4.8;netstandard-2.1">
<AttributeName>System.Runtime.ExceptionServices.HandleProcessCorruptedStateExceptions</AttributeName>
</Attribute>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="c" Type="System.Char" />
</Parameters>
<Docs>
<param name="c">A character to append to this secure string.</param>
<summary>Appends a character to the end of the current secure string.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
If the implementation uses a protection mechanism, such as encryption, the value of this secure string, if any, is unprotected; `c` is appended; then the new value of the secure string is re-protected.
## Examples
The following example demonstrates how the <xref:System.Security.SecureString.AppendChar%2A>, <xref:System.Security.SecureString.InsertAt%2A>, <xref:System.Security.SecureString.RemoveAt%2A>, <xref:System.Security.SecureString.SetAt%2A>, and <xref:System.Security.SecureString.Clear%2A> methods affect the value of a <xref:System.Security.SecureString> object.
[!code-cpp[SecureString.xAt#1](~/samples/snippets/cpp/VS_Snippets_CLR/SecureString.xAt/CPP/SecureString.xAt.cpp#1)]
[!code-csharp[SecureString.xAt#1](~/samples/snippets/csharp/VS_Snippets_CLR/SecureString.xAt/CS/xat.cs#1)]
[!code-vb[SecureString.xAt#1](~/samples/snippets/visualbasic/VS_Snippets_CLR/SecureString.xAt/VB/xat.vb#1)]
The following example demonstrates how the <xref:System.Security.SecureString.AppendChar%2A> and <xref:System.Security.SecureString.RemoveAt%2A> methods can be used to collect the characters in a password.
[!code-cpp[SecureString.xChar#1](~/samples/snippets/cpp/VS_Snippets_CLR/SecureString.xChar/CPP/SecureString.xChar.cpp#1)]
[!code-csharp[SecureString.xChar#1](~/samples/snippets/csharp/VS_Snippets_CLR/SecureString.xChar/CS/xchar.cs#1)]
[!code-vb[SecureString.xChar#1](~/samples/snippets/visualbasic/VS_Snippets_CLR/SecureString.xChar/VB/xchar.vb#1)]
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
<exception cref="T:System.InvalidOperationException">This secure string is read-only.</exception>
<exception cref="T:System.ArgumentOutOfRangeException">Performing this operation would make the length of this secure string greater than 65,536 characters.</exception>
<exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while protecting or unprotecting the value of this secure string.</exception>
</Docs>
</Member>
<Member MemberName="Clear">
<MemberSignature Language="C#" Value="public void Clear ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig instance void Clear() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.Clear" />
<MemberSignature Language="VB.NET" Value="Public Sub Clear ()" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; void Clear();" />
<MemberSignature Language="F#" Value="member this.Clear : unit -&gt; unit" Usage="secureString.Clear " />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters />
<Docs>
<summary>Deletes the value of the current secure string.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The computer memory that contains the value of this secure string is zeroed, then the length of the value of this secure string is set to zero.
## Examples
The following example demonstrates how the <xref:System.Security.SecureString.AppendChar%2A>, <xref:System.Security.SecureString.InsertAt%2A>, <xref:System.Security.SecureString.RemoveAt%2A>, <xref:System.Security.SecureString.SetAt%2A>, and <xref:System.Security.SecureString.Clear%2A> methods affect the value of a <xref:System.Security.SecureString> object.
[!code-cpp[SecureString.xAt#1](~/samples/snippets/cpp/VS_Snippets_CLR/SecureString.xAt/CPP/SecureString.xAt.cpp#1)]
[!code-csharp[SecureString.xAt#1](~/samples/snippets/csharp/VS_Snippets_CLR/SecureString.xAt/CS/xat.cs#1)]
[!code-vb[SecureString.xAt#1](~/samples/snippets/visualbasic/VS_Snippets_CLR/SecureString.xAt/VB/xat.vb#1)]
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
<exception cref="T:System.InvalidOperationException">This secure string is read-only.</exception>
<altmember cref="P:System.Security.SecureString.Length" />
</Docs>
</Member>
<Member MemberName="Copy">
<MemberSignature Language="C#" Value="public System.Security.SecureString Copy ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig instance class System.Security.SecureString Copy() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.Copy" />
<MemberSignature Language="VB.NET" Value="Public Function Copy () As SecureString" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; System::Security::SecureString ^ Copy();" />
<MemberSignature Language="F#" Value="member this.Copy : unit -&gt; System.Security.SecureString" Usage="secureString.Copy " />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Security.SecureString</ReturnType>
</ReturnValue>
<Parameters />
<Docs>
<summary>Creates a copy of the current secure string.</summary>
<returns>A duplicate of this secure string.</returns>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
If an instance of a <xref:System.Security.SecureString> is marked read-only, the copy of that instance will not be read-only.
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
<exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while protecting or unprotecting the value of this secure string.</exception>
<altmember cref="M:System.Security.SecureString.MakeReadOnly" />
<altmember cref="M:System.Security.SecureString.IsReadOnly" />
</Docs>
</Member>
<Member MemberName="Dispose">
<MemberSignature Language="C#" Value="public void Dispose ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig newslot virtual instance void Dispose() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.Dispose" />
<MemberSignature Language="VB.NET" Value="Public Sub Dispose ()" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; virtual void Dispose();" />
<MemberSignature Language="F#" Value="abstract member Dispose : unit -&gt; unit&#xA;override this.Dispose : unit -&gt; unit" Usage="secureString.Dispose " />
<MemberType>Method</MemberType>
<Implements>
<InterfaceMember>M:System.IDisposable.Dispose</InterfaceMember>
</Implements>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters />
<Docs>
<summary>Releases all resources used by the current <see cref="T:System.Security.SecureString" /> object.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The <xref:System.Security.SecureString.Dispose%2A> method writes binary zeroes to the allocated memory that contains the value of this <xref:System.Security.SecureString> object, then frees the allocated memory.
For more information, see [Garbage Collection](~/docs/standard/garbage-collection/index.md).
]]></format>
</remarks>
</Docs>
</Member>
<Member MemberName="InsertAt">
<MemberSignature Language="C#" Value="public void InsertAt (int index, char c);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig instance void InsertAt(int32 index, char c) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.InsertAt(System.Int32,System.Char)" />
<MemberSignature Language="VB.NET" Value="Public Sub InsertAt (index As Integer, c As Char)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; void InsertAt(int index, char c);" />
<MemberSignature Language="F#" Value="member this.InsertAt : int * char -&gt; unit" Usage="secureString.InsertAt (index, c)" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netstandard-2.0;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0;netframework-4.8;netstandard-2.1">
<AttributeName>System.Runtime.ExceptionServices.HandleProcessCorruptedStateExceptions</AttributeName>
</Attribute>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="index" Type="System.Int32" />
<Parameter Name="c" Type="System.Char" />
</Parameters>
<Docs>
<param name="index">The index position where parameter <paramref name="c" /> is inserted.</param>
<param name="c">The character to insert.</param>
<summary>Inserts a character in this secure string at the specified index position.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The index is zero-based; the first character in this secure string is at index position zero.
If the implementation uses a protection mechanism, such as encryption, the value of the secure string, if any, is unprotected; `c` is inserted at the specified index position; then the new value is re-protected. The <xref:System.Security.SecureString.InsertAt%2A> method yields the same results as the <xref:System.Security.SecureString.AppendChar%2A> method, which inserts a character at the end of a secure string, if the `index` parameter of <xref:System.Security.SecureString.InsertAt%2A> is set to the length of this instance.
## Examples
The following example demonstrates how the <xref:System.Security.SecureString.AppendChar%2A>, <xref:System.Security.SecureString.InsertAt%2A>, <xref:System.Security.SecureString.RemoveAt%2A>, <xref:System.Security.SecureString.SetAt%2A>, and <xref:System.Security.SecureString.Clear%2A> methods affect the value of a <xref:System.Security.SecureString> object.
[!code-cpp[SecureString.xAt#1](~/samples/snippets/cpp/VS_Snippets_CLR/SecureString.xAt/CPP/SecureString.xAt.cpp#1)]
[!code-csharp[SecureString.xAt#1](~/samples/snippets/csharp/VS_Snippets_CLR/SecureString.xAt/CS/xat.cs#1)]
[!code-vb[SecureString.xAt#1](~/samples/snippets/visualbasic/VS_Snippets_CLR/SecureString.xAt/VB/xat.vb#1)]
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
<exception cref="T:System.InvalidOperationException">This secure string is read-only.</exception>
<exception cref="T:System.ArgumentOutOfRangeException">
<paramref name="index" /> is less than zero, or greater than the length of this secure string.
-or-
Performing this operation would make the length of this secure string greater than 65,536 characters.</exception>
<exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while protecting or unprotecting the value of this secure string.</exception>
</Docs>
</Member>
<Member MemberName="IsReadOnly">
<MemberSignature Language="C#" Value="public bool IsReadOnly ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig instance bool IsReadOnly() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.IsReadOnly" />
<MemberSignature Language="VB.NET" Value="Public Function IsReadOnly () As Boolean" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; bool IsReadOnly();" />
<MemberSignature Language="F#" Value="member this.IsReadOnly : unit -&gt; bool" Usage="secureString.IsReadOnly " />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Boolean</ReturnType>
</ReturnValue>
<Parameters />
<Docs>
<summary>Indicates whether this secure string is marked read-only.</summary>
<returns>
<see langword="true" /> if this secure string is marked read-only; otherwise, <see langword="false" />.</returns>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
After an instance of <xref:System.Security.SecureString> is marked read-only by the <xref:System.Security.SecureString.MakeReadOnly%2A> method, any attempt to modify the value of the instance throws an <xref:System.InvalidOperationException>. Use the <xref:System.Security.SecureString.IsReadOnly%2A> method to test whether a <xref:System.Security.SecureString> is read-only before attempting to modify it.
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
<altmember cref="M:System.Security.SecureString.MakeReadOnly" />
</Docs>
</Member>
<Member MemberName="Length">
<MemberSignature Language="C#" Value="public int Length { get; }" />
<MemberSignature Language="ILAsm" Value=".property instance int32 Length" />
<MemberSignature Language="DocId" Value="P:System.Security.SecureString.Length" />
<MemberSignature Language="VB.NET" Value="Public ReadOnly Property Length As Integer" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; property int Length { int get(); };" />
<MemberSignature Language="F#" Value="member this.Length : int" Usage="System.Security.SecureString.Length" />
<MemberType>Property</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>get: System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Int32</ReturnType>
</ReturnValue>
<Docs>
<summary>Gets the number of characters in the current secure string.</summary>
<value>The number of <see cref="T:System.Char" /> objects in this secure string.</value>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The <xref:System.Security.SecureString.Length%2A> property returns the number of <xref:System.Char> objects in this instance, not the number of Unicode characters. A Unicode character might be represented by more than one <xref:System.Char> object.
The maximum length of a <xref:System.Security.SecureString> instance is 65,536 characters.
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
</Docs>
</Member>
<Member MemberName="MakeReadOnly">
<MemberSignature Language="C#" Value="public void MakeReadOnly ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig instance void MakeReadOnly() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.MakeReadOnly" />
<MemberSignature Language="VB.NET" Value="Public Sub MakeReadOnly ()" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; void MakeReadOnly();" />
<MemberSignature Language="F#" Value="member this.MakeReadOnly : unit -&gt; unit" Usage="secureString.MakeReadOnly " />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters />
<Docs>
<summary>Makes the text value of this secure string read-only.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
Initialize the text value of an instance of the <xref:System.Security.SecureString> class with the <xref:System.Security.SecureString.%23ctor%2A> constructors, and modify the value with the <xref:System.Security.SecureString.Clear%2A>, <xref:System.Security.SecureString.RemoveAt%2A>, <xref:System.Security.SecureString.SetAt%2A>, <xref:System.Security.SecureString.InsertAt%2A>, and <xref:System.Security.SecureString.AppendChar%2A> methods.
After you have made your final modifications, use the <xref:System.Security.SecureString.MakeReadOnly%2A> method to make the value of the instance immutable (read-only). After the value is marked as read-only, any further attempt to modify it throws an <xref:System.InvalidOperationException>.
The effect of invoking <xref:System.Security.SecureString.MakeReadOnly%2A> is permanent because the <xref:System.Security.SecureString> class provides no means to make the secure string modifiable again. Use the <xref:System.Security.SecureString.IsReadOnly%2A> method to test whether an instance of <xref:System.Security.SecureString> is read-only.
## Examples
The following example demonstrates how the <xref:System.Security.SecureString.AppendChar%2A> and <xref:System.Security.SecureString.RemoveAt%2A> methods can be used to collect the characters in a password. After the password is collected, it is made read-only.
[!code-cpp[SecureString.xChar#1](~/samples/snippets/cpp/VS_Snippets_CLR/SecureString.xChar/CPP/SecureString.xChar.cpp#1)]
[!code-csharp[SecureString.xChar#1](~/samples/snippets/csharp/VS_Snippets_CLR/SecureString.xChar/CS/xchar.cs#1)]
[!code-vb[SecureString.xChar#1](~/samples/snippets/visualbasic/VS_Snippets_CLR/SecureString.xChar/VB/xchar.vb#1)]
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
<altmember cref="M:System.Security.SecureString.IsReadOnly" />
</Docs>
</Member>
<Member MemberName="RemoveAt">
<MemberSignature Language="C#" Value="public void RemoveAt (int index);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig instance void RemoveAt(int32 index) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.RemoveAt(System.Int32)" />
<MemberSignature Language="VB.NET" Value="Public Sub RemoveAt (index As Integer)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; void RemoveAt(int index);" />
<MemberSignature Language="F#" Value="member this.RemoveAt : int -&gt; unit" Usage="secureString.RemoveAt index" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netstandard-2.0;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0;netframework-4.8;netstandard-2.1">
<AttributeName>System.Runtime.ExceptionServices.HandleProcessCorruptedStateExceptions</AttributeName>
</Attribute>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="index" Type="System.Int32" />
</Parameters>
<Docs>
<param name="index">The index position of a character in this secure string.</param>
<summary>Removes the character at the specified index position from this secure string.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The index is zero-based; the first character in this instance is at index position zero.
If the implementation uses a protection mechanism, such as encryption, the value of this secure string, if any, is unprotected; the character at the specified index position is removed; then the new value is re-protected.
## Examples
The following example demonstrates how the <xref:System.Security.SecureString.AppendChar%2A>, <xref:System.Security.SecureString.InsertAt%2A>, <xref:System.Security.SecureString.RemoveAt%2A>, <xref:System.Security.SecureString.SetAt%2A>, and <xref:System.Security.SecureString.Clear%2A> methods affect the value of a <xref:System.Security.SecureString> object.
[!code-cpp[SecureString.xAt#1](~/samples/snippets/cpp/VS_Snippets_CLR/SecureString.xAt/CPP/SecureString.xAt.cpp#1)]
[!code-csharp[SecureString.xAt#1](~/samples/snippets/csharp/VS_Snippets_CLR/SecureString.xAt/CS/xat.cs#1)]
[!code-vb[SecureString.xAt#1](~/samples/snippets/visualbasic/VS_Snippets_CLR/SecureString.xAt/VB/xat.vb#1)]
The following example demonstrates how the <xref:System.Security.SecureString.AppendChar%2A> and <xref:System.Security.SecureString.RemoveAt%2A> methods can be used to collect the characters in a password.
[!code-cpp[SecureString.xChar#1](~/samples/snippets/cpp/VS_Snippets_CLR/SecureString.xChar/CPP/SecureString.xChar.cpp#1)]
[!code-csharp[SecureString.xChar#1](~/samples/snippets/csharp/VS_Snippets_CLR/SecureString.xChar/CS/xchar.cs#1)]
[!code-vb[SecureString.xChar#1](~/samples/snippets/visualbasic/VS_Snippets_CLR/SecureString.xChar/VB/xchar.vb#1)]
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
<exception cref="T:System.InvalidOperationException">This secure string is read-only.</exception>
<exception cref="T:System.ArgumentOutOfRangeException">
<paramref name="index" /> is less than zero, or greater than or equal to the length of this secure string.</exception>
<exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while protecting or unprotecting the value of this secure string.</exception>
</Docs>
</Member>
<Member MemberName="SetAt">
<MemberSignature Language="C#" Value="public void SetAt (int index, char c);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig instance void SetAt(int32 index, char c) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Security.SecureString.SetAt(System.Int32,System.Char)" />
<MemberSignature Language="VB.NET" Value="Public Sub SetAt (index As Integer, c As Char)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; void SetAt(int index, char c);" />
<MemberSignature Language="F#" Value="member this.SetAt : int * char -&gt; unit" Usage="secureString.SetAt (index, c)" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Security.SecureString</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>mscorlib</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Runtime.InteropServices</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netstandard-2.0;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0;netframework-4.8;netstandard-2.1">
<AttributeName>System.Runtime.ExceptionServices.HandleProcessCorruptedStateExceptions</AttributeName>
</Attribute>
<Attribute FrameworkAlternate="netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8">
<AttributeName>System.Security.SecuritySafeCritical</AttributeName>
</Attribute>
</Attributes>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="index" Type="System.Int32" />
<Parameter Name="c" Type="System.Char" />
</Parameters>
<Docs>
<param name="index">The index position of an existing character in this secure string</param>
<param name="c">A character that replaces the existing character.</param>
<summary>Replaces the existing character at the specified index position with another character.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The index is zero-based; the first character in this instance is at index position zero.
If the implementation uses a protection mechanism, such as encryption, the value of the secure string, if any, is unprotected; `c` is assigned to the specified index position; then the new value is re-protected.
## Examples
The following example demonstrates how the <xref:System.Security.SecureString.AppendChar%2A>, <xref:System.Security.SecureString.InsertAt%2A>, <xref:System.Security.SecureString.RemoveAt%2A>, <xref:System.Security.SecureString.SetAt%2A>, and <xref:System.Security.SecureString.Clear%2A> methods affect the value of a <xref:System.Security.SecureString> object.
[!code-cpp[SecureString.xAt#1](~/samples/snippets/cpp/VS_Snippets_CLR/SecureString.xAt/CPP/SecureString.xAt.cpp#1)]
[!code-csharp[SecureString.xAt#1](~/samples/snippets/csharp/VS_Snippets_CLR/SecureString.xAt/CS/xat.cs#1)]
[!code-vb[SecureString.xAt#1](~/samples/snippets/visualbasic/VS_Snippets_CLR/SecureString.xAt/VB/xat.vb#1)]
]]></format>
</remarks>
<exception cref="T:System.ObjectDisposedException">This secure string has already been disposed.</exception>
<exception cref="T:System.InvalidOperationException">This secure string is read-only.</exception>
<exception cref="T:System.ArgumentOutOfRangeException">
<paramref name="index" /> is less than zero, or greater than or equal to the length of this secure string.</exception>
<exception cref="T:System.Security.Cryptography.CryptographicException">An error occurred while protecting or unprotecting the value of this secure string.</exception>
</Docs>
</Member>
</Members>
</Type>
You can’t perform that action at this time.