How to properly convert SecureString to String

最新推荐文章于 2021-06-21 02:00:25 发布
转载 最新推荐文章于 2021-06-21 02:00:25 发布 · 1k 阅读 · 0

本文讨论了.NET Framework中SecureString的正确使用方式,特别是在将其转换为明文字符串时的注意事项。文章提供了两个错误示例,并给出了一种正确的实现方法,通过try/finally块确保分配的内存得到释放。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

It feels like forever since SecureString has been introduced in the .Net Framework and yet I keep seeing it being mishandled, in particular by code that returns or receives passwords in clear text, so in this post I’ll show what you should be looking for when doing code reviews and finding conversions from SecureString to string.

The main idea with SecureString is that you would never store a password or other textual secret in plain text, unencrypted memory – at least not in a System.String instance. Unfortunately, SecureString was introduced in the framework only after plenty of APIs were built and shipped using passwords stored in String, such as System.Net.NetworkCredential, so an application that must use these APIs has no option but to convert SecureStrings to strings.

However, the SecureString class itself doesn’t provide any methods to get back a plain string with its content, exactly to discourage this type of usage. What a developer has to do is use functions from System.Runtime.InteropServices.Marshal to get a native buffer with the plain string, marshal the value into a managed string then – very importantly – free the native buffer.

And this is where I’ve seen people people making mistakes. You can certainly spot the problems in the following functions:

public static string BAD_ConvertToUnsecureString(this SecureString securePassword)
{
    IntPtr unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(securePassword);
    var s = Marshal.PtrToStringUni(unmanagedString);
    Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
    return s;
}

public static string REALLY_BAD_ConvertToUnsecureString(this SecureString securePassword)
{
    IntPtr unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(securePassword);
    return Marshal.PtrToStringUni(unmanagedString);
}

The first one is almost ok, but if an exception happens after the native buffer is allocated then we leak that password. The second one is just plain wrong; the developer completely forgot to free the native buffer, introducing an unconditional leak of that password.

I’ve seen both mistakes being freely cut-and-paste because the original code was embedded in a larger function that was doing multiple things, so the details of the conversion were easy to overlook. Lacking a simple, reusable function leads to that, so don’t let these bugs creep into your project.

The correct implementation is to use a try/finally block to free the native buffer. Here’s an example, using SecureStringToGlobalAllocUnicode and ZeroFreeGlobalAllocUnicode:

public static string ConvertToUnsecureString(this SecureString securePassword)
{
    if (securePassword == null)
        throw new ArgumentNullException("securePassword");

    IntPtr unmanagedString = IntPtr.Zero;
    try
    {
        unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(securePassword);
        return Marshal.PtrToStringUni(unmanagedString);
    }
    finally
    {
        Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
    }
}

Please understand that a little village bursts on fire every time you call such a function, but if you do need it, write it like this, so there’s no excuse for anyone to write that code again.

The extension method syntax makes it easy to call the conversion as if it was part of SecureString itself:

SecureString password = someCodeToGetSecureString();
var credentials = new NetworkCredential(userName, password.ConvertToUnsecureString())

While at it you may want to provide the counterpart that converts a plain String to a SecureString. Following the same pattern as above we’ll have:

public static SecureString ConvertToSecureString(this string password)
{
    if (password == null)
        throw new ArgumentNullException("password");

    unsafe
    {
        fixed (char* passwordChars = password)
        {
            var securePassword = new SecureString(passwordChars, password.Length);
            securePassword.MakeReadOnly();
            return securePassword;
        }
    }
}

The important point here is to mark the secure string as read-only before returning it – it is very unlikely that you’ll need to edit a secure string that was created from an existing string. You’ll also note that in the above example I used unsafe code to initialize the SecureString from its fixed/char* representation, which is about 10x faster than using AppendChar. If you are not allowed to use unsafe code, don’t worry, just write it using AppendChar and it works fine.

I’m not proud to have clear text passwords in my process memory, but we’ll have to live with it until the day somebody updates the framework to use SecureString everywhere, particularly in System.Net.

If you need to learn more about SecureString this post is a great start:http://blogs.msdn.com/shawnfa/archive/2004/05/27/143254.aspx.

Referenced from: http://blogs.msdn.com/b/fpintos/archive/2009/06/12/how-to-properly-convert-securestring-to-string.aspx

Introduction to COM - What It Is and How to Use It.(ZT)
tianyu的专栏 - Linux site:blog.youkuaiyun.com/wishfly
09-20 1939
Purpose of this ArticleI have written this tutorial for programmers who are just starting out in COM and need some help in understanding the basics. The article briefly covers the COM specification,
Model Context Protocol (MCP) 简介
AI天才研究院
05-11 385
Model Context Protocol (MCP) 是一个开放协议,旨在标准化应用程序如何为大型语言模型(LLMs)提供上下文。MCP 类似于 AI 应用的 USB-C 接口,提供了一种标准化的方式,将 AI 模型连接到不同的数据源和工具。MCP 的核心架构采用客户端-服务器模式,主机应用程序可以连接到多个服务器,访问本地和远程数据源。MCP 提供了预构建的集成、灵活的 LLM 供应商切换以及数据安全的最佳实践。开发者可以根据需求选择快速入门指南,构建自己的服务器或客户端,或使用预构建的服务器。MCP
SecureString赋值,和String类型转换
bydxyj的专栏
03-06 9544
例如想将字符串“123456”赋给SecureString类型,可采用以下两种方法:(以下两种方法其实是一样的,只是一个没有用循环,一个用了循环)1、SecureString password=new SecureString();     password.AppendChar(1);     password.AppendChar(2);     password.Ap
编写高质量代码改善C#程序的157个建议——建议118:使用SecureString保存密钥等机密字符串...
weixin_30457881的博客
08-22 232
建议118:使用SecureString保存密钥等机密字符串 托管代码中的字符串是一类特殊的对象,它们不可用被改变。每次使用System.String类张的方法之一时,或者使用此类型进行运算时(如赋值、拼接等),都要在内存中创建新的字符串对象,也就是为该新对象分配新的空间。这就带来了两个问题: 原来的字符串是不是还在内存当中? 如果在内存当中,那么机密数据(如密码)该如何保存才足够安全?...
securitystringstring的互相转换
orichisonic的专栏
06-14 5792
/// /// Demonstrate how to convert SecureString into String /// static String SecureStringToString(SecureString value) { IntPtr bstr = Marshal.Secu
StringSecureString
michaellfd的专栏
05-12 1757
using System.Security;private static SecureString ToSecureString(string sourceString) { if (string.IsNullOrWhiteSpace(sourceString)) return null; else
Powershell将string转化为SecureString
weixin_33788244的博客
10-08 956
例如,将“A123456”转化为SecurestringPSC:\WINDOWS\system32>$seString=ConvertTo-SecureString-String"A123456"-AsPlainText-Force PSC:\WINDOWS\system32>$seStr System.Security.SecureString ...
word convert to html,How to Convert HTML to Word
weixin_39536010的博客
06-21 200
Why Use C#/VB.NET to Convert HTML to Word?Save HTML file content into Word document can be very easy only through copy and paste. Or users can right click on the html document and then choose edit. It...
java json to string,Java String to JSON转换
weixin_39540271的博客
02-12 194
i am getting data from restful api in String variable now i want to convert to JSON object but i am having problem while conversion it throws exception .Here is my code :URL url = new URL("SOME URL");...
12C ORA-错误汇总17 NZE-43000 to ORA-56974
ugghhj的博客
11-11 1558
12C ORA-错误汇总17 NZE-43000 to ORA-56974
Data Integrity Constraints and Index Optimization in MySQL with Python: Key to Improving Database ...
# Python and MySQL: Data Integrity Constraints and Index Optimization for Enhanced Database Performance ## 1. Concepts and Functions of Data Integrity Constraints Data integrity constraints are ...
SPM How-tos SPM预处理及统计分析指南
weixin_34041003的博客
01-10 2543
Source: SPM How-tos NOTE: The manual is detailed but too long to edit. Just pasted here for further consulting. This web-page contains excerpts from the SPM user-group's burster. SPM users around th...
继续SecureString
weixin_30412577的博客
12-05 181
上回写了关于SecureString的特征和为什么我们要使用它,这篇继续研究研究这个SecureString。 **主要内容:** - SecureStringString之间的转换 - SecureString的基本操作 - 如何销毁一个String? ##SecureStringString之间的转换 ###SecureString --> String的转换...
系统管理员常用的Powershell命令
weixin_33862514的博客
11-04 632
上周豆子参加了微软Teched 2014 Sydney的2天会议。这个会议包括了50多个讲座,包括了开发,架构,移动3个大的方向。其中一个300级别的讲座介绍了一些系统管理常用的命令。这些命令,豆子绝大部分都很熟悉,这里再温故知新一下。作为一个系统管理员,一般都对长篇大论的脚本,各种参数,循环,判断语句,输入输出等等是敬而远之的~但是短小精悍的命令行语句还是可以试试的。开始之前,先说两个最最基本的...
收集整理 OCR 相关数据集并统一标注格式以满足实验需求
08-18
资源下载链接为: https://pan.quark.cn/s/630d0ad9e234 收集整理 OCR 相关数据集并统一标注格式以满足实验需求(最新、最全版本!打开链接下载即可用!)
【多变量时间序列预测】项目介绍 MATLAB实现基于CSA-Transformer 跨尺度注意力机制(CSA)结合 Transformer 编码器进行多变量时间序列预测的详细项目实例(含模型描述及部分
08-18
内容概要:本文档详细介绍了一个基于MATLAB实现的跨尺度注意力机制(CSA)结合Transformer编码器的多变量时间序列预测项目。项目旨在精准捕捉多尺度时间序列特征,提升多变量时间序列的预测性能,降低模型计算复杂度与训练时间,增强模型的解释性和可视化能力。通过跨尺度注意力机制,模型可以同时捕获局部细节和全局趋势,显著提升预测精度和泛化能力。文档还探讨了项目面临的挑战,如多尺度特征融合、多变量复杂依赖关系、计算资源瓶颈等问题,并提出了相应的解决方案。此外,项目模型架构包括跨尺度注意力机制模块、Transformer编码器层和输出预测层,文档最后提供了部分MATLAB代码示例。 适合人群:具备一定编程基础,尤其是熟悉MATLAB和深度学习的科研人员、工程师和研究生。 使用场景及目标:①需要处理多变量、多尺度时间序列数据的研究和应用场景,如金融市场分析、气象预测、工业设备监控、交通流量预测等;②希望深入了解跨尺度注意力机制和Transformer编码器在时间序列预测中的应用;③希望通过MATLAB实现高效的多变量时间序列预测模型,提升预测精度和模型解释性。 其他说明:此项目不仅提供了一种新的技术路径来处理复杂的时间序列数据,还推动了多领域多变量时间序列应用的创新。文档中的代码示例和详细的模型描述有助于读者快速理解和复现该项目,促进学术和技术交流。建议读者在实践中结合自己的数据集进行调试和优化,以达到最佳的预测效果。
rubygem-mongo-doc-2.5.1-2.module_el8.3.0+571+bab7c6bc.tar.gz
08-18
# 适用操作系统:Centos8 #Step1、解压 tar -zxvf xxx.el8.tar.gz #Step2、进入解压后的目录,执行安装 sudo rpm -ivh *.rpm
前端监控 SDK:收集上报代码报错、性能数据、页面录屏、用户行为、白屏检测及个性化指标数据
最新发布
08-18
资源下载链接为: https://pan.quark.cn/s/051efea6017a 前端监控 SDK:收集上报代码报错、性能数据、页面录屏、用户行为、白屏检测及个性化指标数据(最新、最全版本!打开链接下载即可用!)
【Python开发】IntelliJ IDEA配置Python开发环境与调试技巧:环境搭建、调试方法及规范模板设置指南
08-18
内容概要:本文档详细介绍了在IntelliJ IDEA中配置Python开发环境的方法,包括安装Python插件、配置Python解释器和创建Python项目。调试技巧方面,涵盖基础调试方法如设置行断点、进入调试模式,高级断点类型如方法断点、条件断点和异常断点,以及使用快捷键控制执行流程和查看变量状态。规范模板设置部分讲解了文件头模板配置,提供了一个示例模板内容,并给出了PEP8规范建议,如缩进使用4个空格、每行代码不超过79个字符等。最后,实用技巧部分介绍了虚拟环境管理、依赖安装和代码辅助等功能。; 适合人群:使用IntelliJ IDEA进行Python开发的初学者或有一定经验的开发者。; 使用场景及目标:①帮助开发者快速搭建Python开发环境;②掌握多种调试技巧,提高开发效率;③遵循PEP8规范,编写高质量代码;④利用实用技巧简化开发流程,如管理虚拟环境、安装依赖和代码导航。; 阅读建议:在阅读过程中,建议读者结合自身开发需求,重点关注环境配置、调试技巧和代码规范部分,并动手实践相关操作,以加深理解和应用。
Implement the classic method for composing secret messages called a square code. Given an English text, output the encoded version of that text. First, the input is normalized: the spaces and punctuation are removed from the English text and the message is down-cased. Then, the normalized characters are broken into rows. These rows can be regarded as forming a rectangle when printed with intervening newlines. For example, the sentence ```text "If man was meant to stay on the ground, god would have given us roots." ``` is normalized to: ```text "ifmanwasmeanttostayonthegroundgodwouldhavegivenusroots" ``` The plaintext should be organized into a rectangle as square as possible. The size of the rectangle should be decided by the length of the message. If `c` is the number of columns and `r` is the number of rows, then for the rectangle `r` x `c` find the smallest possible integer `c` such that: - `r * c >= length of message`, - and `c >= r`, - and `c - r <= 1`. Our normalized text is 54 characters long, dictating a rectangle with `c = 8` and `r = 7`: ```text "ifmanwas" "meanttos" "tayonthe" "groundgo" "dwouldha" "vegivenu" "sroots " ``` The coded message is obtained by reading down the columns going left to right. The message above is coded as: ```text "imtgdvsfearwermayoogoanouuiontnnlvtwttddesaohghnsseoau" ``` Output the encoded text in chunks that fill perfect rectangles `(r X c)`, with `c` chunks of `r` length, separated by spaces. For phrases that are `n` characters short of the perfect rectangle, pad each of the last `n` chunks with a single trailing space. ```text "imtgdvs fearwer mayoogo anouuio ntnnlvt wttddes aohghn sseoau " ``` 上述为题目要求,请用C语言实现,函数声明如下: char *ciphertext(const char *input)
08-13
- Remove all non-alphanumeric characters and convert the string to lowercase. - Calculate the number of rows and columns required to fit the normalized string into a rectangular grid. The number of ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值