C# SecureString Question

后端未结

关注

 6  1513

忘掉有多难 2020-11-29 00:58

Is there any way to get the value of a SecureString without comprising security? For example, in the code below as soon as you do PtrToStringBSTR the string is no longer sec

6条回答

没有蜡笔的小新 (楼主)

2020-11-29 02:00
Use Marshal.ZeroFreeBSTR:

EDIT: Yes, creating a new String will create a copy, so you will lose control over cleanup of the contents. You can access the char[] by casting the pointer returned by IntPtr.ToPointer() in an unsafe context:
```
IntPtr ptr = Marshal.SecureStringToBSTR(str);
unsafe
{
    char *cp = (char*)ptr.ToPointer();
    //access char[] through cp
}

Marshal.ZeroFreeBSTR(ptr);
```
0 讨论(0)

查看其它6个回答
发布评论:

提交评论
- 加载中...