Update Security.md
- Change '.Net' to '.NET' to keep it consistent.
- Change incorrect usage of spaces within example code (space after opening parenthesis and space before closing parenthesis).
- Change several inconsistencies in example code:
   - Change '[System.Runtime.InteropServices.marshal]' to '[System.Runtime.InteropServices.Marshal]'.
   - Remove semicolon at the end of the lines.
   - Remove an unnecessary 'return' keyword.
- Remove extra line at the end.
richy58729 authored Apr 16, 2023
1 parent 9477842 commit e06936a
Showing 1 changed file with 6 additions and 7 deletions.
13 changes: 6 additions & 7 deletions Best-Practices/Security.md
Expand Up @@ -16,11 +16,11 @@ param (
)
```

If you absolutely must pass a password in a plain string to a .Net API call or a third party library it is better to decrypt the credential as it is being passed instead of saving it in a variable.
If you absolutely must pass a password in a plain string to a .NET API call or a third party library, it is better to decrypt the credential as it is being passed instead of saving it in a variable.

```PowerShell
# Get the cleartext password for a method call:
$Insecure.SetPassword( $Credentials.GetNetworkCredential().Password )
$Insecure.SetPassword($Credentials.GetNetworkCredential().Password)
```

#### Other Secure Strings
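
Review bot: On the rewritten sentence, "third party library" is a compound modifier and should read "third-party library"; the line is already being touched for '.NET' and the comma, so fix it in the same change. The example comment "# Get the cleartext password for a method call:" could also say that the value is decrypted inline so that it is never assigned to a variable, which is the point the sentence makes.
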
Expand All @@ -32,10 +32,10 @@ Note, if you ever need to turn a SecureString into a string, you can use this me

```PowerShell
# Decrypt a secure string.
$BSTR = [System.Runtime.InteropServices.marshal]::SecureStringToBSTR($this);
$plaintext = [System.Runtime.InteropServices.marshal]::PtrToStringAuto($BSTR);
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR);
return $plaintext
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($this)
$plaintext = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR)
$plaintext
```

* For credentials that need to be saved to disk, serialize the credential object using
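
Review bot: Removing `return` on the last line is not purely cosmetic, because the snippet reads `$this`: pasted into a PowerShell class method, a bare `$plaintext` is not emitted, and only a `return` statement produces the method's value. Either keep `return $plaintext` or state in the surrounding text that the snippet is a script method body. While these lines are being edited, `PtrToStringAuto` is worth replacing with `[System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($BSTR)`, since a BSTR is always UTF-16 and the Auto variant decodes it incorrectly on non-Windows PowerShell. `ZeroFreeBSTR` would also be safer in a `finally` block so the buffer is zeroed even if the conversion throws.
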
Expand Down Expand Up @@ -63,4 +63,3 @@ computer where it was generated.
# Read the Standard String from disk and convert to a SecureString
$Secure = Get-Content -Path "${Env:AppData}\Sec.bin" | ConvertTo-SecureString
```
