securestring

How do I write the contents of a SecureString to the Response stream?

时光毁灭记忆、已成空白 提交于 2019-12-13 17:24:00
问题 In an Asp.net MVC 5 application I have a SecureString being passed into my view via the model. I would now like to write the contents of that SecureString to the Response stream without having to convert it to a string first. How can I achieve this? 回答1: This is the HtmlHelper extension I have come up with. I am sure it can be improved, but it achieves my goal of writing a SecureString to the Response stream without it ever being represented as a string. public static class

ConvertTo-SecureString without -AsPlainText -Force

浪子不回头ぞ 提交于 2019-12-12 12:17:03
问题 The PSScriptAnalyzer has a PSAvoidUsingConvertToSecureStringWithPlainText warning. Meaning that using the following code will fail. $password = [System.Web.Security.Membership]::GeneratePassword(128,0) $securePassword = ConvertTo-SecureString -String $password -AsPlainText -Force $configCredential = New-Object System.Management.Automation.PSCredential ($username,$securePassword) However there is very little (/none) guidance on how convert a regular string into a secure string without the

Oracle DB and SecureString

纵然是瞬间 提交于 2019-12-12 03:16:47
问题 I am currently storing the user password in a SecureString . Which is also kept around in case the connection to the DB resets. My problem is, I'm trying to pass this password to an OracleParamater , but I'm not sure if it supports it or not. Does Oracle's Oracle.DataAccess dll support SecureString or BStr ? Since If I have to convert it to a string then that would kinda defeat the purpose of SecureString . --- EDIT I know that SecureString is about reducing the attack surface by keeping as

How do I login to a XEN session from a C# program using a secure string password?

喜你入骨 提交于 2019-12-11 10:57:54
问题 I'm using PowerShell 5.1, Visual Studio 2017, C# , and XenServer SDK 7.1.1. Using Get-Credentials and Export-CliXml in a PowerShell program, I've saved my pool master server login credentials for the root user to an XML credentials file (xml_creds.xml) Now, I want to create and login to a session using C# (see code below). As you can see, I'm forced to convert my secure string to a plain text string to satisfy the signature for the Xen .NET API's login_with_password method. Using the API, how

Burning in memory System.String

独自空忆成欢 提交于 2019-12-11 08:23:01
问题 I am trying to remove any traces of a normal string from memory, to do so I am creating an instance of SecureString from a reference of the normal string. Like so: public static unsafe void Burn(this string input) { fixed (char* c = input) { var secure = new SecureString(c, input.Length); secure.Dispose(); } } The problem is that even after calling the dispose method the contents of input are non-changed. From my understanding the SecureString instance should reference the input address and

How to use SecureStringToBSTR in .net standard? (convert SecureString to IntPtr)

天涯浪子 提交于 2019-12-11 06:19:56
问题 I would like to convert a SecureString to an IntPtr. Until now, in .net 4.7 I was using this way: try { IntPtr bstr1 = IntPtr.Zero; bstr1 = Marshal.SecureStringToBSTR(ss1); } finally { if (bstr2 != IntPtr.Zero) Marshal.ZeroFreeBSTR(bstr2); if (bstr1 != IntPtr.Zero) Marshal.ZeroFreeBSTR(bstr1); } But I am trying to convert this project to .net standard 1.6, but the method is not available in Marshal type. So I would like to know how to convert the SecureString to IntPtr in .net standard.

xamarin securestring equivalent in PCL

不打扰是莪最后的温柔 提交于 2019-12-11 03:18:00
问题 SecureString is not friendly with PCL.I Know this problem can be worked around using dependency injection But I don't want to do that instead I would like to use something in PCL that would be equivalent to SecureString. But so far I am not able to find any other class or framework. 回答1: System.Security.* is mostly not present in any Portable Class Library profile. You might be able to find this in some of the higher versions of .NET Standard, which provide a much bigger subset of .NET. You

How to use secureObject or securestring returned from a linked ARM template

天涯浪子 提交于 2019-12-10 23:45:36
问题 How do I use the value of a returned securestring or secureObject that is returned from a linked ARM template? For example, one child linked template named CreateStorage creates an Azure storage account creates blob containers on that account creates a SAS key for the container returns the SAS key in the templates outputs section. e.g. returning SAS in the templates outputs: "outputs": { "createdContainerSas": { "type": "string", "value": "[concat('https://', variables('storageAccountName'),

using securestring for a sql connection

一曲冷凌霜 提交于 2019-12-10 03:48:45
问题 I want to use a SecureString to hold a connection string for a database. But as soon as I set the SqlConnection object's ConnectionString property to the value of the securestring surely it will become visible to any other application that is able to read my application's memory? I have made the following assumptions: a) I am not able to instantiate a SqlConnection object outside of managed memory b) any string within managed memory can be read by an application such as Hawkeye 回答1: Your

securely convert encrypted standard string to securestring

丶灬走出姿态 提交于 2019-12-08 20:14:30
I have an encrypted standard string, created in powershell via "convertfrom-securestring" and saved to a file. Later, I read this encrypted string with a C# app (under same user ID and on same machine). I want to convert this encrypted string into a securestring object. In powershell, one can do this using "convertto-securestring". How can one do this securely in c#? I am aware of this answer ( How can I use ConvertTo-SecureString ), but it assumes the encrypted string has been created with a known key . This is different from the case where the encrypted string has been created with no key
订阅 securestring