SecureString Class
Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. This class cannot be inherited.
Assembly: mscorlib (in mscorlib.dll)
The SecureString type exposes the following members.
| Name | Description | |
|---|---|---|
|
|
SecureString | Initializes a new instance of the SecureString class. |
|
|
SecureString(Char*, Int32) | Infrastructure. Initializes a new instance of the SecureString class from a subarray of System.Char objects. |
| Name | Description | |
|---|---|---|
|
|
AppendChar | Appends a character to the end of the current secure string. |
|
|
Clear | Deletes the value of the current secure string. |
|
|
Copy | Creates a copy of the current secure string. |
|
|
Dispose | Releases all resources used by the current SecureString object. |
|
|
Equals(Object) | Determines whether the specified Object is equal to the current Object. (Inherited from Object.) |
|
|
Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
|
|
GetHashCode | Serves as a hash function for a particular type. (Inherited from Object.) |
|
|
GetType | Gets the Type of the current instance. (Inherited from Object.) |
|
|
InsertAt | Inserts a character in this secure string at the specified index position. |
|
|
IsReadOnly | Indicates whether this secure string is marked read-only. |
|
|
MakeReadOnly | Makes the text value of this secure string read-only. |
|
|
MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
|
|
RemoveAt | Removes the character at the specified index position from this secure string. |
|
|
SetAt | Replaces the existing character at the specified index position with another character. |
|
|
ToString | Returns a string that represents the current object. (Inherited from Object.) |
An instance of the System.String class is both immutable and, when no longer needed, cannot be programmatically scheduled for garbage collection; that is, the instance is read-only after it is created and it is not possible to predict when the instance will be deleted from computer memory. Consequently, if a String object contains sensitive information such as a password, credit card number, or personal data, there is a risk the information could be revealed after it is used because your application cannot delete the data from computer memory.
A SecureString object is similar to a String object in that it has a text value. However, the value of a SecureString object is automatically encrypted, can be modified until your application marks it as read-only, and can be deleted from computer memory by either your application or the .NET Framework garbage collector.
The value of an instance of SecureString is automatically encrypted when the instance is initialized or when the value is modified. Your application can render the instance immutable and prevent further modification by invoking the MakeReadOnly method.
Note that SecureString has no members that inspect, compare, or convert the value of a SecureString. The absence of such members helps protect the value of the instance from accidental or malicious exposure. Use appropriate members of the System.Runtime.InteropServices.Marshal class, such as the SecureStringToBSTR method, to manipulate the value of a SecureString object.
The SecureString class is derived from the CriticalFinalizerObject class and implements the IDisposable interface. For more information about implementing the IDisposable interface, see Garbage Collection.
The SecureString class and its members are not visible to COM. For more information, see ComVisibleAttribute.
Windows 2000 Platform Note: In addition to Windows 2000 Service Pack 4 and later, SecureString is supported on Windows 2000 Service Pack 3.
Windows 95, Windows 98, Windows 98 Second Edition, Windows Millennium Edition Platform Note: The SecureString class is not supported on Windows 98 or Windows Millennium Edition.
The following example demonstrates how to use a SecureString to secure a user’s password for use as a credential to start a new process.
using System; using System.ComponentModel; using System.Diagnostics; using System.Security; public class Example { public static void Main() { // Instantiate the secure string. SecureString securePwd = new SecureString(); ConsoleKeyInfo key; Console.Write("Enter password: "); do { key = Console.ReadKey(true); // Ignore any key out of range. if (((int) key.Key) >= 65 && ((int) key.Key <= 90)) { // Append the character to the password. securePwd.AppendChar(key.KeyChar); Console.Write("*"); } // Exit if Enter key is pressed. } while (key.Key != ConsoleKey.Enter); Console.WriteLine(); try { Process.Start("Notepad.exe", "MyUser", securePwd, "MYDOMAIN"); } catch (Win32Exception e) { Console.WriteLine(e.Message); } } }
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
What's the point? Unless you are using WPF, whose PasswordTextBox has a SecurePassword property that is a SecureString, or you populate one character at a time directly from the keyboard or from a previously encrypted string, it doesn't seem to have any advantages because there's a copy of the original string floating around.
- 11/14/2011
- gdosborne
SecureStringToBSTR returns the original string? That's a joke right? No salt, no encryption provider?
- 12/20/2010
- deo.is
http://msdn.microsoft.com/en-us/library/system.security.cryptography.protectedmemory.aspx
- 12/14/2010
- LukePuplett
is to make you feel good that you are being more "secure".
- 7/28/2010
- B White
class SecureMethods
{
public static SecureString StringToSecureString(string input)
{
SecureString output = new SecureString();
int l = input.Length;
char[] s = input.ToCharArray(0, l);
foreach (char c in s)
{
output.AppendChar(c);
}
return output;
}
public static String SecureStringToString(SecureString input)
{
string output = "";
IntPtr ptr = SecureStringToBSTR(input);
output = PtrToStringBSTR(ptr);
return output;
}
private static IntPtr SecureStringToBSTR(SecureString ss)
{
IntPtr ptr = new IntPtr();
ptr = Marshal.SecureStringToBSTR(ss);
return ptr;
}
private static string PtrToStringBSTR(IntPtr ptr)
{
string s = Marshal.PtrToStringBSTR(ptr);
Marshal.ZeroFreeBSTR(ptr);
return s;
}
}
- 5/20/2010
- Rudedog2
{
SecureString ret = new SecureString();
foreach (char c in value)
{
ret.AppendChar(c);
}
ret.MakeReadOnly();
return ret;
}
- 5/19/2010
- Ewald Hofman