how to handle the secure strings?

srinivas

New member
Joined
May 9, 2019
Messages
2
Programming Experience
3-5
Hi every one,

working on the secure string let us know how to work with secure string with loop statements

Thanks
 

srinivas

New member
Joined
May 9, 2019
Messages
2
Programming Experience
3-5
Thank you for your reply John,

actually I am writing to resolve existing code issue where the code is looks like
C#:
string[] tokens = tokenSt.Split(',');
int cPos = -1;
int pPos = -1;
string lConnString = connectionString.ToLower(CultureInfo.CurrentCulture);

foreach (string token in Tokens)
{
    cPos = lConnString .IndexOf(token);

    if (cPos > pPos)
    {
        tokenPos = cPos;
        tokenMPos = cPos + token.ToString().Length ;
        pPos = cPos;
    }
}
as suggested by the team it should be written using secure string and how to convert the above strings to secure strings

Please let me know
 
Last edited by a moderator:

JohnH

C# Forum Moderator
Staff member
Joined
Apr 23, 2011
Messages
515
Location
Norway
Programming Experience
10+

jmcilhinney

C# Forum Moderator
Staff member
Joined
Apr 23, 2011
Messages
2,275
Location
Sydney, Australia
Programming Experience
10+
actually I am writing to resolve existing code issue where the code is looks like
For future reference, please ask the question that you actually want answered. If you have existing code and you want help to make that work then say so, and post the existing code. Don't just ask how to use a particular class in general if want to know how to use it in a specific scenario. There's every chance that we would waste our time and yours by telling you things you already know and not telling you the things that you actually need. ALWAYS post a FULL and CLEAR explanation of the ACTUAL problem you want to solve.
 

Skydiver

Well-known member
Joined
Apr 6, 2019
Messages
205
Location
Virginia Beach, VA
Programming Experience
10+
My impression is that the OP has existing code that knows how to handle plain strings. He is being asked by his team to rewrite it so that it can handle SecureString's. e.g. How to re-write the code if connectionString or lConnString were secure strings?

Anyway, I don't think your colleagues realize that secure strings are just meant for strings to be stored securely in memory. They were never really meant for strings that need to be manipulated to parsed -- which seems to be what you are doing in your code above.

As an aside, why are you trying to parse a connection string yourself? Why not simply use the SqlConnectionStringBuilder or one of the other concrete DbConnectionStringBuilder classes?
 
Last edited:
Top Bottom