How to convert a string to securestring explicitly

c# securestring

I want the text entered in the textbox to be converted to securestring in c#.


The simplest approach is to iterate over the source string and append one character at a time to the secure string, like so:

var secure = new SecureString();
foreach (char c in textbox1.Text)
{
    secure.AppendChar(c);
}

Invent once and reuse lots. Create a simple extension method to extend the string base class and store it some static utilities class somewhere

using System.Security;

/// <summary>
/// Returns a Secure string from the source string
/// </summary>
/// <param name="Source"></param>
/// <returns></returns>
public static SecureString ToSecureString(this string source)
{
    if (string.IsNullOrWhiteSpace(source))
        return null;
    else
    {
        SecureString result = new SecureString();
        foreach (char c in source.ToCharArray())
            result.AppendChar(c);
        return result;
    }
}

and then call as follows:

textbox1.Text.ToSecureString();

You should make the SecureString readonly. So the code should look like this: 

static class SecureStringExtensions
{
    public static string ToUnsecureString(this SecureString secureString)
    {
        if (secureString == null) throw new ArgumentNullException("secureString");

        var unmanagedString = IntPtr.Zero;
        try
        {
            unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(secureString);
            return Marshal.PtrToStringUni(unmanagedString);
        }
        finally
        {
            Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
        }
    }

    public static SecureString ToSecureString(this string unsecureString)
    {
        if (unsecureString == null) throw new ArgumentNullException("unsecureString");

        return unsecureString.Aggregate(new SecureString(), AppendChar, MakeReadOnly);
    }

    private static SecureString MakeReadOnly(SecureString ss)
    {
        ss.MakeReadOnly();
        return ss;
    }

    private static SecureString AppendChar(SecureString ss, char c)
    {
        ss.AppendChar(c);
        return ss;
    }
}

It may be a little late but you can convert SecureString to String this way either

using System.Security;
.
.
.
/// <summary>
/// Converts String to SecureString
/// </summary>
/// <param name="input">Input in String</param>
/// <returns>Input in SecureString</returns>
public SecureString String2SecureString(String input) {
    SecureString _output = new SecureString();
    input.ToCharArray().ToList().ForEach((q) => _output.AppendChar(q));
    return _output;
}

although it all the same as Balazs Tihanyi's answer:

Google is your friend... 

var secure = new SecureString(); 
foreach(char c in textbox1.Text) 
{
secure.AppendChar(c); 
}

I'm supprised nobody metioned about SecureString constructor taking pointer to char array.

public static SecureString ToSecureString(this string source)
{
    char[] charArray = source.ToCharArray();
    unsafe
    {
        fixed (char* chars = charArray)
        {
            return new SecureString(chars, charArray.Length);
        }
    }
}

Note that this code only works with /unsafe compiler option. To set this option go to project properties, Build tab and check Allow unsafe code checkbox.

Related

Retrofit 2.0 throwing "IllegalArgumentException: @Field parameters can only be used with form encoding". How to do right API query and fix it?
Which eslint rules in my config are slow?
spring boot test unable to inject TestRestTemplate and MockMvc
Error in Visual Studio Code Dotnet Core C#: "The type or namespace name 'System' could not be found", but build succeeds
React Native rounded image with a border
JQuery, setTimeout not working
NetBeans shortcut key for collapsing/expanding a method
how to flip Image in wpf
How to restore a minimized Window in code-behind?
jQuery: How to count table columns?
Understanding Recursion to generate permutations
Digital signature for a file using openssl