51

我希望将文本框中输入的文本转换为 c# 中的安全字符串。

4

7 回答 7

87

最简单的方法是遍历源字符串并一次将一个字符附加到安全字符串,如下所示:

var secure = new SecureString();
foreach (char c in textbox1.Text)
{
    secure.AppendChar(c);
}
于 2012-03-27T10:50:35.473 回答
34

一次发明,多次重复使用。创建一个简单的扩展方法来扩展字符串基类并将其存储在某个静态实用程序类中

using System.Security;

/// <summary>
/// Returns a Secure string from the source string
/// </summary>
/// <param name="Source"></param>
/// <returns></returns>
public static SecureString ToSecureString(this string source)
{
    if (string.IsNullOrWhiteSpace(source))
        return null;
    else
    {
        SecureString result = new SecureString();
        foreach (char c in source.ToCharArray())
            result.AppendChar(c);
        return result;
    }
}

然后调用如下:

textbox1.Text.ToSecureString();
于 2013-07-10T00:32:46.743 回答
18

您应该将 SecureString 设为只读。所以代码应该是这样的:

static class SecureStringExtensions
{
    public static string ToUnsecureString(this SecureString secureString)
    {
        if (secureString == null) throw new ArgumentNullException("secureString");

        var unmanagedString = IntPtr.Zero;
        try
        {
            unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(secureString);
            return Marshal.PtrToStringUni(unmanagedString);
        }
        finally
        {
            Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
        }
    }

    public static SecureString ToSecureString(this string unsecureString)
    {
        if (unsecureString == null) throw new ArgumentNullException("unsecureString");

        return unsecureString.Aggregate(new SecureString(), AppendChar, MakeReadOnly);
    }

    private static SecureString MakeReadOnly(SecureString ss)
    {
        ss.MakeReadOnly();
        return ss;
    }

    private static SecureString AppendChar(SecureString ss, char c)
    {
        ss.AppendChar(c);
        return ss;
    }
}
于 2015-07-18T13:52:11.763 回答
1

可能有点晚了,但您也可以通过这种方式将 SecureString 转换为 String

using System.Security;
.
.
.
/// <summary>
/// Converts String to SecureString
/// </summary>
/// <param name="input">Input in String</param>
/// <returns>Input in SecureString</returns>
public SecureString String2SecureString(String input) {
    SecureString _output = new SecureString();
    input.ToCharArray().ToList().ForEach((q) => _output.AppendChar(q));
    return _output;
}

尽管这与 Balazs Tihanyi 的回答相同:

谷歌是你的朋友...

var secure = new SecureString(); 
foreach(char c in textbox1.Text) 
{
secure.AppendChar(c); 
}
于 2015-09-28T19:39:53.510 回答
1

我很惊讶没有人提到 SecureString 构造函数将指针指向 char 数组。

public static SecureString ToSecureString(this string source)
{
    char[] charArray = source.ToCharArray();
    unsafe
    {
        fixed (char* chars = charArray)
        {
            return new SecureString(chars, charArray.Length);
        }
    }
}

请注意,此代码仅适用于/unsafe编译器选项。要设置此选项,请转到项目属性、构建选项卡并选中允许不安全代码复选框。

于 2017-04-21T12:19:57.310 回答
1

几乎相同,但更短:

SecureString secureString = new SecureString();
textbox1.Text.ToCharArray().ForEach(c => secureString.AppendChar(c));
于 2018-10-11T13:43:26.943 回答
-1

将此用于文本框上的事件处理程序:

private void textbox1_TextChanged(object sender, EventArgs e)
    {
    SecureString newSecureTextBox = new SecureString();
        foreach (char c in textbox1.Text.ToCharArray())
        {
        newSecureTextBox.AppendChar(c);
        }
    }

通常将您的变量称为newSecureTextBox

于 2014-06-19T14:15:33.060 回答