Re: Best practice SecureString and pswd collection



Hello Mitch,

String pswdstr = Console.ReadLine();
Char[] chars = pswdstr.ToCharArray() ;
SecureString password = new SecureString();

This way, you again have the password in string representation, and you
don't know when that instance is garbage collected.

Greetings,
Henning Krause
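The point above, worked into a complete console prompt, as an added example that is not code from this thread or from the SDK sample: keystrokes go straight from ConsoleKeyInfo.KeyChar into the SecureString, with Backspace and non-printing keys handled, and the consumer side shows how to use the value without ever materialising a System.String (it marshals to unmanaged memory and zeroes it in a finally block). It assumes .NET 2.0 or later on Windows; the helper names (PasswordPrompt, ReadPassword, SecureEquals) are my own, not framework APIs.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security;

// Added example, not from the original thread or the MSDN sample.
// Console.ReadLine() would hand back an immutable string that lives on the
// managed heap until the GC happens to collect it; Console.ReadKey(true)
// yields one char at a time and ConsoleKeyInfo holds nothing but that char.
static class PasswordPrompt
{
    public static SecureString ReadPassword(string prompt)
    {
        Console.Write(prompt);
        SecureString password = new SecureString();

        while (true)
        {
            // intercept: true keeps the keystroke off the screen
            ConsoleKeyInfo cki = Console.ReadKey(true);

            if (cki.Key == ConsoleKey.Enter)
                break;

            if (cki.Key == ConsoleKey.Backspace)
            {
                if (password.Length > 0)
                {
                    password.RemoveAt(password.Length - 1);
                    Console.Write("\b \b");      // erase the echoed '*'
                }
                continue;
            }

            // skip arrows, function keys, Ctrl combinations etc.
            if (cki.KeyChar == '\0' || char.IsControl(cki.KeyChar))
                continue;

            password.AppendChar(cki.KeyChar);   // one char, never a string
            Console.Write('*');
        }

        Console.WriteLine();
        password.MakeReadOnly();                // further AppendChar() throws
        return password;
    }

    // Compare two SecureStrings (e.g. "enter password" / "confirm password")
    // without converting either to a managed string: marshal to unmanaged
    // memory, compare in constant time, then zero and free in finally.
    public static bool SecureEquals(SecureString a, SecureString b)
    {
        if (a.Length != b.Length)
            return false;

        IntPtr pa = IntPtr.Zero, pb = IntPtr.Zero;
        try
        {
            pa = Marshal.SecureStringToGlobalAllocUnicode(a);
            pb = Marshal.SecureStringToGlobalAllocUnicode(b);

            int diff = 0;
            for (int i = 0; i < a.Length; i++)       // UTF-16: 2 bytes per char
                diff |= Marshal.ReadInt16(pa, i * 2) ^ Marshal.ReadInt16(pb, i * 2);
            return diff == 0;
        }
        finally
        {
            // ZeroFreeGlobalAllocUnicode overwrites the buffer before freeing it
            if (pa != IntPtr.Zero) Marshal.ZeroFreeGlobalAllocUnicode(pa);
            if (pb != IntPtr.Zero) Marshal.ZeroFreeGlobalAllocUnicode(pb);
        }
    }

    static void Main()
    {
        using (SecureString first = ReadPassword("PFX password: "))
        using (SecureString second = ReadPassword("Confirm password: "))
        {
            if (!SecureEquals(first, second))
            {
                Console.WriteLine("Passwords do not match.");
                return;
            }
            // Hand the SecureString to an API that accepts it directly, e.g.
            // new X509Certificate2("cert.pfx", first) -- the (string, SecureString)
            // overload exists in .NET 2.0. The "cert.pfx" path is a placeholder.
            Console.WriteLine("Collected {0} characters.", first.Length);
        } // Dispose() wipes the encrypted buffer behind each SecureString
    }
}
```

The character echo ('*') is cosmetic; the security-relevant property is that at no point does the full password exist in a System.String, and the only unmanaged copy is zeroed deterministically in the finally block rather than waiting on the garbage collector.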

"Mitch Gallant" <jensigner@xxxxxxxxxxxxxxxx> wrote in message
news:O5Wyo8HVGHA.5332@xxxxxxxxxxxxxxxxxxxxxxx
Just noticed that there's a useful .NET 2 sdk SecureString console sample
app:
http://msdn2.microsoft.com/en-us/library/07b9wyhy.aspx
which uses a lot of the greatly expanded Console capability .. to parse single
keystrokes. The sample has some other useful parts; interesting title:

Console.Title = "Fanatical Health Entry System";

The basic code for building the SecureString from keystrokes is:
----------------------
SecureString password = new SecureString();
..
ConsoleKeyInfo cki = Console.ReadKey(true);
...
password.AppendChar(cki.KeyChar);
-----------------------


By comparison, this is the simpler approach:
-----------------
String pswdstr = Console.ReadLine();      // whole password lands in an immutable string
Char[] chars = pswdstr.ToCharArray();
SecureString password = new SecureString();

for (int i = 0; i < chars.Length; i++)
    password.AppendChar(chars[i]);
-------------------

From a security perspective, are these equivalent? i.e. does the
ConsoleKeyInfo actually expose any string content related to
the clicked key characters that is immutable?

- Mitch Gallant
MVP Security

"Dominick Baier [DevelopMentor]" <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message news:4580be631990f78c822462bcefa3a@xxxxxxxxxxxxxxxxxxxxx
Hi,
there will be more classes that use SecureString in .NET 3.0

Avalon (WinFX) contains a Password Textbox that returns a SecureString -
not sure if SS is used anywhere in WCF or WF

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

Thanks Henning. Good article.

I'm looking for some commentary from MS on this also .. to see what
plans exist to implement secured credentials prompting in future .NET
releases.

Trying to dig into the api used in the generic IE export to pfx
and the pswd dialog that is used there (probably some internal
fn based on CredUIPromptForCredential ).
I'm updating the keypal.exe .NET tool to include pfx exportation,
so am idling on how to implement the pswd prompting :-)
Cheers,
- Mitch Gallant
MVP Security
jensign.com
"Henning Krause [MVP]" <newsgroups.remove@xxxxxxxxxxxxxxxxx> wrote in
message news:%23V%23TFEBVGHA.4900@xxxxxxxxxxxxxxxxxxxxxxx

Hello,

my implementation is a CommonDialog, which can be dragged on a form
and invoked easily...

Greetings,
Henning Krause
"Mitch Gallant" <jensigner@xxxxxxxxxxxxxxxx> wrote in message
news:epVpt$AVGHA.328@xxxxxxxxxxxxxxxxxxxxxxx

Hi Henning,

Yup .. I'm already aware of pinvoking like that .. looked at 2
references herein:

http://groups.google.com/group/microsoft.public.dotnet.languages.csharp/browse_thread/thread/156736d67df0b2e9/7d58cd0be12e5d4c

But there should obviously be a managed simplified wrapper fn which
simplifies this procedure. Should be a nice simple .net implementation
to prompt a user for providing a pswd which securely manages the memory of
the string and returns a SecureString to be used by (granted few)
functions that accept a SecureString arg.
Cheers,
- Mitch Gallant
"Henning Krause [MVP]" <newsgroups.remove@xxxxxxxxxxxxxxxxx> wrote
in message news:OK%232%23rAVGHA.328@xxxxxxxxxxxxxxxxxxxxxxx

Hello,

you can use the CredUIPromptForCredential function.

If you google for this, you will find plenty of implementations.
I've one on my website, too :-)

http://www.infinitec.de/software/nettoolbox/infinitec.security.aspx

Greetings,
Henning Krause
"Mitch Gallant" <jensigner@xxxxxxxxxxxxxxxx> wrote in message
news:u4kfYDAVGHA.1868@xxxxxxxxxxxxxxxxxxxxxxx

Using .NET 2 managed code only, what is the best that can be done
security-wise in collecting a password from the user (as console
or some pswd control dialog) and passing to a function (like
X509Certificate.Import) which can accept a SecureString?

What about pinvoking to access a secure password dialog input?
Going out of managed code, but does this remove immutable string
input?

- Mitch
