in src/PFXImportPowershell/EncryptionUtilities/Source/SecureStringUtil.cs [246:294]
public static SecureString EncodeForXMLElementValue(SecureString inputString)
{
if (inputString == null)
{
throw new ArgumentNullException(nameof(inputString));
}
SecureString retString = new SecureString();
IntPtr inputPtr = IntPtr.Zero;
try
{
inputPtr = Marshal.SecureStringToGlobalAllocUnicode(inputString);
for (int inputOffset = 0; inputOffset < inputString.Length * 2; inputOffset += 2)
{
char curInputChar = (char)Marshal.ReadInt16(inputPtr, inputOffset);
switch (curInputChar)
{
case '&':
AppendToSecureString(retString, "&");
break;
case '\'':
AppendToSecureString(retString, "'");
break;
case '<':
AppendToSecureString(retString, "<");
break;
case '>':
AppendToSecureString(retString, ">");
break;
case '"':
AppendToSecureString(retString, """);
break;
default:
retString.AppendChar(curInputChar);
break;
}
}
}
finally
{
Marshal.ZeroFreeGlobalAllocUnicode(inputPtr);
inputPtr = IntPtr.Zero;
}
return retString;
}