From d78fbef32cbaa81013a9e24c3e287df10b4efd81 Mon Sep 17 00:00:00 2001 From: Steve Lee Date: Fri, 22 Mar 2019 10:20:16 -0700 Subject: [PATCH 1/2] add note to reflect that .Net Core doesn't encrypt contents of secure string --- .../Microsoft.PowerShell.Security/ConvertFrom-SecureString.md | 4 ++++ .../6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/reference/6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md b/reference/6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md index 438df8f7bdac..307fffc5896e 100644 --- a/reference/6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md +++ b/reference/6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md @@ -35,6 +35,10 @@ If an encryption key is specified by using the *Key* or *SecureKey* parameters, The specified key must have a length of 128, 192, or 256 bits, because those are the key lengths supported by the AES encryption algorithm. If no key is specified, the Windows Data Protection API (DPAPI) is used to encrypt the standard string representation. +> [!NOTE] +> Note that per [DotNet](https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md), the +> contents of a SecureString are not encrypted. + ## EXAMPLES ### Example 1: Create a secure string diff --git a/reference/6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md b/reference/6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md index 26395facb3a4..1f8153676e81 100644 --- a/reference/6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md +++ b/reference/6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md @@ -43,6 +43,10 @@ This enables it to be stored in a file for later use. If the standard string being converted was encrypted with **ConvertFrom-SecureString** using a specified key, that same key must be provided as the value of the *Key* or *SecureKey* parameter of the **ConvertTo-SecureString** cmdlet. +> [!NOTE] +> Note that per [DotNet](https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md), the +> contents of a SecureString are not encrypted. + ## EXAMPLES ### Example 1: Convert a secure string to an encrypted string From 74df24359282a82a733781ed5885d380dbd3bb88 Mon Sep 17 00:00:00 2001 From: Steve Lee Date: Fri, 22 Mar 2019 10:34:37 -0700 Subject: [PATCH 2/2] fix link to remarks in .net doc --- .../6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md | 2 +- .../6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/reference/6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md b/reference/6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md index 307fffc5896e..2ad27e98fe17 100644 --- a/reference/6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md +++ b/reference/6/Microsoft.PowerShell.Security/ConvertFrom-SecureString.md @@ -36,7 +36,7 @@ The specified key must have a length of 128, 192, or 256 bits, because those are If no key is specified, the Windows Data Protection API (DPAPI) is used to encrypt the standard string representation. > [!NOTE] -> Note that per [DotNet](https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md), the +> Note that per [DotNet](/dotnet/api/system.security.securestring?view=netcore-2.1#remarks), the > contents of a SecureString are not encrypted. ## EXAMPLES diff --git a/reference/6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md b/reference/6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md index 1f8153676e81..21dc418f4267 100644 --- a/reference/6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md +++ b/reference/6/Microsoft.PowerShell.Security/ConvertTo-SecureString.md @@ -44,7 +44,7 @@ This enables it to be stored in a file for later use. If the standard string being converted was encrypted with **ConvertFrom-SecureString** using a specified key, that same key must be provided as the value of the *Key* or *SecureKey* parameter of the **ConvertTo-SecureString** cmdlet. > [!NOTE] -> Note that per [DotNet](https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md), the +> Note that per [DotNet](/dotnet/api/system.security.securestring?view=netcore-2.1#remarks), the > contents of a SecureString are not encrypted. ## EXAMPLES