Converts a plain String value to a SecureString value, and a SecureString value to a String value.
using System;
using System.Runtime.InteropServices;
using System.Security;
namespace ConsoleTester
{
public static class Extensions
{
/// <summary>
/// Converts the string to an unsecure string.
/// </summary>
/// <remarks>
/// How to properly convert SecureString to String:
/// https://blogs.msdn.microsoft.com/fpintos/2009/06/12/how-to-properly-convert-securestring-to-string/
/// </remarks>
/// <param name="securePassword">The secure password.</param>
/// <returns>The specified SecureString as a String.</returns>
public static string ConvertToUnsecureString(this SecureString securePassword)
{
if (securePassword == null)
{
throw new ArgumentNullException("securePassword");
}
IntPtr unmanagedString = IntPtr.Zero;
try
{
unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(securePassword);
return Marshal.PtrToStringUni(unmanagedString);
}
finally
{
Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
}
}
/// <summary>
/// Converts to secure string.
/// </summary>
/// <remarks>
/// How to properly convert SecureString to String:
/// https://blogs.msdn.microsoft.com/fpintos/2009/06/12/how-to-properly-convert-securestring-to-string/
/// IMPORTANT: The project must have "Allow unsafe code"
/// enabled for this code run.
/// </remarks>
/// <param name="password">The password.</param>
/// <returns>The specified String as a SecureString.</returns>
public static SecureString ConvertToSecureString(this string password)
{
if (password == null)
{
throw new ArgumentNullException("password");
}
unsafe
{
fixed (char* passwordChars = password)
{
var securePassword = new SecureString(passwordChars, password.Length);
securePassword.MakeReadOnly();
return securePassword;
}
}
}
}
}