How to convert String
to SecureString
?
14 Answers
You don't. The whole reason for using the SecureString object is to avoid creating a string object (which is loaded into memory and kept there in plaintext until garbage collection). However, you can add characters to a SecureString by appending them.
var s = new SecureString();
s.AppendChar('d');
s.AppendChar('u');
s.AppendChar('m');
s.AppendChar('b');
s.AppendChar('p');
s.AppendChar('a');
s.AppendChar('s');
s.AppendChar('s');
s.AppendChar('w');
s.AppendChar('d');
There is also another way to convert between SecureString
and String
.
1. String to SecureString
SecureString theSecureString = new NetworkCredential("", "myPass").SecurePassword;
2. SecureString to String
string theString = new NetworkCredential("", theSecureString).Password;
Here is the link
below method helps to convert string to secure string
private SecureString ConvertToSecureString(string password)
{
if (password == null)
throw new ArgumentNullException("password");
var securePassword = new SecureString();
foreach (char c in password)
securePassword.AppendChar(c);
securePassword.MakeReadOnly();
return securePassword;
}
I'll throw this out there. Why?
You can't just change all your strings to secure strings and suddenly your application is "secure". Secure string is designed to keep the string encrypted for as long as possible, and only decrypted for a very short period of time, wiping the memory after an operation has been performed upon it.
I would hazard saying that you may have some design level issues to deal with before worrying about securing your application strings. Give us some more information on what your trying to do and we may be able to help better.
I just want to point out to all the people saying, "That's not the point of SecureString
", that many of the people asking this question might be in an application where, for whatever reason, justified or not, they are not particularly concerned about having a temporary copy of the password sit on the heap as a GC-able string, but they have to use an API that only accepts SecureString
objects. So, you have an app where you don't care whether the password is on the heap, maybe it's internal-use only and the password is only there because it's required by the underlying network protocols, and you find that that string where the password is stored cannot be used to e.g. set up a remote PowerShell Runspace -- but there is no easy, straight-forward one-liner to create that SecureString
that you need. It's a minor inconvenience -- but probably worth it to ensure that the applications that really do need SecureString
don't tempt the authors to use System.String
or System.Char[]
intermediaries. :-)
The following 2 extensions should do the trick:
For a
char
arraypublic static SecureString ToSecureString(this char[] _self) { SecureString knox = new SecureString(); foreach (char c in _self) { knox.AppendChar(c); } return knox; }
And for
string
public static SecureString ToSecureString(this string _self) { SecureString knox = new SecureString(); char[] chars = _self.ToCharArray(); foreach (char c in chars) { knox.AppendChar(c); } return knox; }
Thanks to John Dagg for the AppendChar
recommendation.
If you would like to compress the conversion of a string
to a SecureString
into a LINQ
statement you can express it as follows:
var plain = "The quick brown fox jumps over the lazy dog";
var secure = plain
.ToCharArray()
.Aggregate( new SecureString()
, (s, c) => { s.AppendChar(c); return s; }
, (s) => { s.MakeReadOnly(); return s; }
);
However, keep in mind that using LINQ
does not improve the security of this solution. It suffers from the same flaw as any conversion from string
to SecureString
. As long as the original string
remains in memory the data is vulnerable.
That being said, what the above statement can offer is keeping together the creation of the SecureString
, its initialization with data and finally locking it from modification.
For completeness, I added two unit tests and methods to convert from char array and string into SecureString and back again. You should try to avoid strings altogether and only pass in either a pointer to a char array or the char array itself as in the methods I provide here, as strings are unsafe since they keep data in plain text in managed memory for rather indeterministic amount of time until next GC is run or forced, it is better to put your character array as soon as possible into a SecureString and keep it there and read it back again as a character array also.
The tests look like this:
using NUnit.Framework;
using System;
using SecureStringExtensions;
using System.Security;
namespace SecureStringExtensions.Test
{
[TestFixture]
public class SecureStringExtensionsTest
{
[Test]
[TestCase(new char[] { 'G', 'O', 'A', 'T', '1', '2', '3' })]
public void CopyCharArrayToSecureStringAndCopyBackToCharArrayReturnsExpected(char[] inputChars)
{
SecureString sec = inputChars.ToSecureString();
var copiedFromSec = sec.FromSecureStringToCharArray();
CollectionAssert.AreEqual(copiedFromSec, inputChars);
}
[Test]
[TestCase("GOAT456")]
public void CopyStringToSecureStringAndCopyBackToUnsafeStringReturnsExpected(string inputString)
{
SecureString sec = inputString.ToSecureString();
var copiedFromSec = sec.FromSecureStringToUnsafeString();
Assert.AreEqual(copiedFromSec, inputString);
}
}
}
And we have our extension methods here:
using System;
using System.Runtime.InteropServices;
using System.Security;
namespace SecureStringExtensions
{
public static class SecureStringExtensions
{
public static SecureString ToSecureString(this string str)
{
return ToSecureString(str.ToCharArray());
}
public static SecureString ToSecureString(this char[] str)
{
var secureString = new SecureString();
Array.ForEach(str, secureString.AppendChar);
return secureString;
}
/// <summary>
/// Creates a managed character array from the secure string using methods in System.Runetime.InteropServices
/// copying data into a BSTR (unmanaged binary string) and then into a managed character array which is returned from this method.
/// Data in the unmanaged memory temporarily used are freed up before the method returns.
/// </summary>
/// <param name="secureString"></param>
/// <returns></returns>
public static char[] FromSecureStringToCharArray(this SecureString secureString)
{
char[] bytes;
var ptr = IntPtr.Zero;
try
{
//alloc unmanaged binary string (BSTR) and copy contents of SecureString into this BSTR
ptr = Marshal.SecureStringToBSTR(secureString);
bytes = new char[secureString.Length];
//copy to managed memory char array from unmanaged memory
Marshal.Copy(ptr, bytes, 0, secureString.Length);
}
finally
{
if (ptr != IntPtr.Zero)
{
//free unmanaged memory
Marshal.ZeroFreeBSTR(ptr);
}
}
return bytes;
}
/// <summary>
/// Returns an unsafe string in managed memory from SecureString.
/// The use of this method is not recommended - use instead the <see cref="FromSecureStringToCharArray(SecureString)"/> method
/// as that method has not got multiple copies of data in managed memory like this method.
/// Data in unmanaged memory temporarily used are freed up before the method returns.
/// </summary>
/// <param name="secureString"></param>
/// <returns></returns>
public static string FromSecureStringToUnsafeString(this SecureString secureString)
{
if (secureString == null)
{
throw new ArgumentNullException(nameof(secureString));
}
var unmanagedString = IntPtr.Zero;
try
{
//copy secure string into unmanaged memory
unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(secureString);
//alloc managed string and copy contents of unmanaged string data into it
return Marshal.PtrToStringUni(unmanagedString);
}
finally
{
if (unmanagedString != IntPtr.Zero)
{
Marshal.FreeBSTR(unmanagedString);
}
}
}
}
}
Here, we use methods from System.Runtime.InteropServices to alloc BSTR (binary unmanaged string) temporarily and also make sure to free up temporary used unmanaged memory.