Using SecureString

c# security securestring

Can this be simplified to a one liner? Feel free to completely rewrite it as long as secureString gets initialized properly.

SecureString secureString = new SecureString ();
foreach (char c in "fizzbuzz".ToCharArray())
{
    secureString.AppendChar (c);
}

Just use NetworkCredential. It has the conversion logic built-in.

SecureString ss = new NetworkCredential("", "fizzbuzz").SecurePassword;

As others have noted, all of these techniques strip the security benefits of SecureString, but in certain situations (such as unit tests) this may be acceptable.

Update:

As noted in the comments, NetworkCredential can also be used to convert a SecureString back to a string.

string s = new NetworkCredential("", ss).Password;

You could use Linq:

"fizzbuzz".ToCharArray().ToList().ForEach(p => secureString.AppendChar(p));

Apart from using unsafe code and a char*, there isn't a (much) better way.

The point here is not to copy SecureString contents to/from normal strings. The constant "fizzbuzz" constant is the security leak here.

Related

Explain Hough Transformation
Warning! PATH is not properly set up, usually this is caused by shell initialization files
Is it possible to modify a registry entry via a .bat/.cmd script?
Convert Minutes to milliseconds Java/android
SQLSTATE[42000]: Syntax error or access violation: 1055 Expression #3 of SELECT list is not in GROUP BY clause and contains nonaggregated
ManagementObject Class not showing up in System.Management namespace
How to install clearlinux gcc in ubuntu?
Removing all unnecessary fonts from system
python-pip package disappeared in Ubuntu 20.04
NSSet to NSArray casting calling objectAtIndex?
Ubuntu on virtualbox no internet connection
Can I install canonical-livepatch on a system without snapd