securestring

问题 I'm using Rijndael Algorithm to encrypt strings (user passwords), but when I decrypt them, it returns me "System.SecureString", and not my decrypted password. I'm using this basic code: public static string DecryptString(string cipherText, string password) { byte[] key, iv; Rfc2898DeriveBytes rfcDb = new Rfc2898DeriveBytes(password, Encoding.UTF8.GetBytes(password)); key = rfcDb.GetBytes(16); iv = rfcDb.GetBytes(16); byte[] cipheredData = Convert.FromBase64String(cipherText); RijndaelManaged

问题 I'm trying to get a SecureString as plain text parameter to a command line PowerShell. I know what is the form of the secure string. For example, the string "abc" would be a Secure String of "71289371289". Then, I want to pass "71289371289" as a parameter to the script (Running it from command line), that would be my Secure String and then Decrypt it to a clear text to pass it to another program i'm calling from Powershell. How would I do something like this? Update: I ended up using Credfile

问题 When writing a WPF application, the PasswordBox stores the entered password as a SecureString . This totally makes sense. However, I want to send the password via a HTTP API, and the HttpClient PostAsync seems to accept strings for form-encoded data. I am aware that other people have asked related questions, most notably Is SecureString ever practical in a C# application?, but I have not found a satisfactory method to send this SecureString to the Http endpoint, without first converting it to

来源： https://stackoverflow.com/questions/62842903/java-guardedstring-is-the-random-key-used-for-encryption-is-stored-inside-java

来源： https://stackoverflow.com/questions/62842903/java-guardedstring-is-the-random-key-used-for-encryption-is-stored-inside-java

来源： https://stackoverflow.com/questions/62842903/java-guardedstring-is-the-random-key-used-for-encryption-is-stored-inside-java

来源： https://stackoverflow.com/questions/62842903/java-guardedstring-is-the-random-key-used-for-encryption-is-stored-inside-java

来源： https://stackoverflow.com/questions/43796107/convertto-securestring-key-not-valid-for-use-in-specified-state

来源： https://stackoverflow.com/questions/43796107/convertto-securestring-key-not-valid-for-use-in-specified-state

问题 The use case is to protect strings in memory programming in c#. The use of the class SecureString (https://docs.microsoft.com/en-us/dotnet/api/system.security.securestring?view=netframework-4.7.2) is discouraged by Microsoft itself. I was wondering if it could be a valid alternative to: transform the string in a byte array and immediately set the string to null (and eventually call the garbage collector), encrypt the byte array with the class ProtectedMemory. Any suggestion? 回答1: There is no