How to convert SecureString to System.String?
Use the System.Runtime.InteropServices.Marshal
class:
String SecureStringToString(SecureString value) {
IntPtr valuePtr = IntPtr.Zero;
try {
valuePtr = Marshal.SecureStringToGlobalAllocUnicode(value);
return Marshal.PtrToStringUni(valuePtr);
} finally {
Marshal.ZeroFreeGlobalAllocUnicode(valuePtr);
}
}
If you want to avoid creating a managed string object, you can access the raw data using Marshal.ReadInt16(IntPtr, Int32)
:
void HandleSecureString(SecureString value) {
IntPtr valuePtr = IntPtr.Zero;
try {
valuePtr = Marshal.SecureStringToGlobalAllocUnicode(value);
for (int i=0; i < value.Length; i++) {
short unicodeChar = Marshal.ReadInt16(valuePtr, i*2);
// handle unicodeChar
}
} finally {
Marshal.ZeroFreeGlobalAllocUnicode(valuePtr);
}
}
Convert String to SecureString
You don't. The whole reason for using the SecureString object is to avoid creating a string object (which is loaded into memory and kept there in plaintext until garbage collection). However, you can add characters to a SecureString by appending them.
var s = new SecureString();
s.AppendChar('d');
s.AppendChar('u');
s.AppendChar('m');
s.AppendChar('b');
s.AppendChar('p');
s.AppendChar('a');
s.AppendChar('s');
s.AppendChar('s');
s.AppendChar('w');
s.AppendChar('d');
How do you decrypt securestring in powershell
$password = Read-Host "Enter password" -AsSecureString
$password = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($password)
$password = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($password)
echo $password
pause
To convert Read-Host
SecureString
s to normal strings, you use
$NewVaraible = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($ReadVariable)
$NewNewVariable = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($NewVariable)
Or you could just update the existing variable:
$ReadVaraible = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($ReadVariable)
$ReadVariable = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($ReadVariable)
Thank you @mklement0 for your insightful comments; updated answer accordingly to mklement0's comment
Convert a secure string to plain text
You are close, but the parameter you pass to SecureStringToBSTR
must be a SecureString
. You appear to be passing the result of ConvertFrom-SecureString
, which is an encrypted standard string. So call ConvertTo-SecureString
on this before passing to SecureStringToBSTR
.
$SecurePassword = ConvertTo-SecureString $PlainPassword -AsPlainText -Force
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword)
$UnsecurePassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR)
Cannot convert the System.Security.SecureString value of type System.String to type System.Security.SecureString
I finally find a solution for my problem. I used the command NET
, so here the che command line that I used
NET USER $user $pass /ADD
For the other parameters, I'll pass after it creates the user
$pass is NOT a secure string!
Convert SecureString with ANSI-character to unmanaged string
Strings are sequences of char
s, not bytes. (char)128
represents the Unicode codepoint U+0080 which has no representation in whatever code page is your machine's ANSI code page, so you get the question mark (ANSI 63) instead.
This has nothing to do with SecureString
s. You would get the same result with Encoding.GetBytes
/Encoding.GetString
.
Please make sure you have visited this before you proceed.
If you are certain that your secure string will only contain codepoints below 256, and you want roundtrip representation of such codepoints in ANSI, then you can arrange that using codepage 28591:
public static byte[] SecureStringToRoundtripAnsiByteArray(SecureString secureString)
{
var buffer_ptr = Marshal.SecureStringToCoTaskMemUnicode(secureString);
try
{
byte[] buffer = new byte[secureString.Length * sizeof(char)];
Marshal.Copy(buffer_ptr, buffer, 0, buffer.Length);
try
{
return System.Text.Encoding.Convert(System.Text.Encoding.Unicode, System.Text.Encoding.GetEncoding(28591), buffer);
}
finally
{
Array.Clear(buffer, 0, buffer.Length);
}
}
finally
{
Marshal.ZeroFreeCoTaskMemUnicode(buffer_ptr);
}
}
using (var secureString = new SecureString())
{
for (int i = 0; i < 256; i++)
secureString.AppendChar((char)i);
secureString.MakeReadOnly();
byte[] b = SecureStringToRoundtripAnsiByteArray(secureString);
for (int i = 0; i < 256; i++)
Console.WriteLine(b[i]);
}
Can not convert String to Secure String for use in New-ADUser
Change
AccountPassword = "$password"
to
AccountPassword = $password
If you have quotes around the variable, it is taken as a regular string instead of a secure string. Proof:
$plainText = "Plain text"
$secureString = ConvertTo-SecureString $plainText -AsPlainText -Force
$quotedSecureString = "$secureString"
$plainText.GetType()
$secureString.GetType()
$quotedSecureString.GetType()
results in
IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True String System.Object
True False SecureString System.Object
True True String System.Object
Related Topics
C# How to Loop While Mouse Button Is Held Down
Except Has Similar Effect to Distinct
Using Prepared Statement in C# with MySQL
Sending Outlook Meeting Requests Without Outlook
Interfaces VS. Abstract Classes
Why Can't I Have Protected Interface Members
How to List All Loaded Assemblies
C# Native Host with Chrome Native Messaging
Deserialize JSON in a "Tryparse" Way
How to "Zip" or "Rotate" a Variable Number of Lists
How to Use Httpwebrequest to Pull Image from Website to Local File
Center Multiple Rows of Controls in a Flowlayoutpanel
How Does Task<Int> Become an Int
String.Isnullorempty(String) VS. String.Isnullorwhitespace(String)
Date Format Yyyy-Mm-Ddthh:Mm:Ssz
Extension Methods Syntax VS Query Syntax
Declaring a Variable Inside or Outside an Foreach Loop: Which Is Faster/Better