You say "You?ll notice the code simply displays the name of the class (System.Security.SecureString) when it executes." This is incorrect. The output is "TechRepublic.com". The editor owes me a brewski.
doug in Seattle
Discussion on:
View:
Show:
At least for me it is. I am running the code in version 2.0.50727 of the framework and it does output the name of the class, not the contents.
One thing worth noticing though is that the VB.NET class has only one constructor with no arguments as VB.NET does not provide pointer functionality and the AppendChar lines will blow if you have OPTION STRICT ON unless you explicitly cast the values to Char type. In C# that is not the case since single quote denotes Char and Double quote denotes String.
One thing worth noticing though is that the VB.NET class has only one constructor with no arguments as VB.NET does not provide pointer functionality and the AppendChar lines will blow if you have OPTION STRICT ON unless you explicitly cast the values to Char type. In C# that is not the case since single quote denotes Char and Double quote denotes String.
You have an example type in the "Getting the data" section.
"IntPtr pointerName ="
and
".PtrToStringBSTR(bstr));"
are inconsistent. One of them should be changed to be consistent with later examples.
"IntPtr pointerName ="
and
".PtrToStringBSTR(bstr));"
are inconsistent. One of them should be changed to be consistent with later examples.
Calling to Marshal.PtrToStringBSTR(ptr) creates a System.String that has the same content with ss. You end up having another copy of the password that has all the problem that you try to avoid in the first place. It defeats the purpose of having SecureString.
Lets assume i have one connection string defined in Module which has sensitive db pass n other information which i seldom use it in all my forms.
here you use console.writeline method which is accomplished once, and pointer is terminated, cleared thereafter. but in my case there is no certainty about how long do i need to use my "connectionstring". How can i secure string with this method, keeping in mind i need to use it again n again.
here you use console.writeline method which is accomplished once, and pointer is terminated, cleared thereafter. but in my case there is no certainty about how long do i need to use my "connectionstring". How can i secure string with this method, keeping in mind i need to use it again n again.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
