如何以安全的方式将 SecureString 附加到 SecureString
How to Append SecureString to SecureString in a secure way
如何追加多个 SecureString?
因为我做不到
SecureString pepper
SecureString salt
SecureString pepperAndSalt = pepper + salt;
如果我会使用
SecureString.AppendChar(Char)
我必须将 salt 转换为不安全的 char 数组,这是我想避免的。
你不能1, by definition:
Note that SecureString has no members that inspect, compare, or convert the value of a SecureString. The absence of such members helps protect the value of the instance from accidental or malicious exposure. Use appropriate members of the System.Runtime.InteropServices.Marshal class, such as the SecureStringToBSTR method, to manipulate the value of a SecureString object.
一旦取值,就无法取出。
1:除非您愿意通过使用 Marshal.SecureStringToBSTR 开始使用非托管代码,否则会违反 SecureString 的用法…
解决方法是使用 System.Runtime.InteropServices.Marshal class 中描述的 this 答案将安全字符串转换为字符串,附加两个字符串并将连接的字符串转换回安全字符串
如何追加多个 SecureString?
因为我做不到
SecureString pepper
SecureString salt
SecureString pepperAndSalt = pepper + salt;
如果我会使用
SecureString.AppendChar(Char)
我必须将 salt 转换为不安全的 char 数组,这是我想避免的。
你不能1, by definition:
Note that SecureString has no members that inspect, compare, or convert the value of a SecureString. The absence of such members helps protect the value of the instance from accidental or malicious exposure. Use appropriate members of the System.Runtime.InteropServices.Marshal class, such as the SecureStringToBSTR method, to manipulate the value of a SecureString object.
一旦取值,就无法取出。
1:除非您愿意通过使用 Marshal.SecureStringToBSTR 开始使用非托管代码,否则会违反 SecureString 的用法…
解决方法是使用 System.Runtime.InteropServices.Marshal class 中描述的 this 答案将安全字符串转换为字符串,附加两个字符串并将连接的字符串转换回安全字符串