如何从 Azure KeyVault 中获取 SecureString - C#
How to get a SecureString out of an Azure KeyVault - C#
我有一个 Azure KeyVault,它提供了我想读入 SecureString 的密码。
如果我尝试从 IConfiguration 对象中读取作为 SecureString 的字符串,它将 return 为 null:
config.GetValue<SecureString>("AdminPW") == null
我可以将字符串作为字符串读取并转换为 SecureString,但这似乎是一个肮脏的 hack:
var pass = new SecureString();
foreach (var c in config.GetValue<string>("AdminPW").ToCharArray())
{
pass.AppendChar(c);
}
有没有办法直接从 IConfiguration 获取 SecureString?
正如汉斯所说,这不是安全。
If the assemblies you are using don't have native support for SecureString serialization, that's exactly where you Key Vault as a service for secrets need to pass them only an encrypted payload which when you do decrypt is kept immediately in a SecureString (CryptoStream byte by byte to SecureString followed by dispose to purge the buffers from memory).
因此不建议您从 Azure KeyVault 中获取 SecureString。
你可以参考这个问题Azure KeyVault client should support SecureStrings。
对于检查此内容的任何其他人,无法直接从 Azure KeyVault 中获取 SecureString。
我有一个 Azure KeyVault,它提供了我想读入 SecureString 的密码。
如果我尝试从 IConfiguration 对象中读取作为 SecureString 的字符串,它将 return 为 null:
config.GetValue<SecureString>("AdminPW") == null
我可以将字符串作为字符串读取并转换为 SecureString,但这似乎是一个肮脏的 hack:
var pass = new SecureString();
foreach (var c in config.GetValue<string>("AdminPW").ToCharArray())
{
pass.AppendChar(c);
}
有没有办法直接从 IConfiguration 获取 SecureString?
正如汉斯所说,这不是安全。
If the assemblies you are using don't have native support for
SecureStringserialization, that's exactly where you Key Vault as a service for secrets need to pass them only an encrypted payload which when you do decrypt is kept immediately in a SecureString (CryptoStream byte by byte to SecureString followed by dispose to purge the buffers from memory).
因此不建议您从 Azure KeyVault 中获取 SecureString。
你可以参考这个问题Azure KeyVault client should support SecureStrings。
对于检查此内容的任何其他人,无法直接从 Azure KeyVault 中获取 SecureString。