Back to Blog
Passwordbox export passwords6/27/2023 ![]() Just to be clear: My main intent with this question is to evaluate if I should pass all my password handling code to C++ from my C# (probably using C++/CLI or interop) to achieve a more secure code than what C# has to offer. NET string manipulations (like verifying if the password string is null or white space or has the correct length or has the desired password strength)?Ģ - If question's #1 answer is "yes" then should I invest some time to pass the BSTR string to a interop C++ code to calculate it's hash and verify?ģ - Is my later code correct or am I missing something on SecureString manipulation? This makes some questions arise in my mind:ġ - Are BSTR strings like C strings in the sense of memory management? Are they pinned in RAM and I can manipulate them and erase them as I see fit so it will be more secure to use them in C# or interop it with a C++ code so I can eliminate a lot of my. This way the password raw string will be copied multiple times for the BCrypt method and probably even more times inside it. InsecureString = string.Empty // hoping for the GC to act now, fingers crossed. Use the ually as:īool result = (insecurePassword, user.Password) // This hashes the provided password and compares it with another BCrypt hash. String insecurePassword = Marshal.PtrToStringBSTR(passwordBSTR) IntPtr passwordBSTR = Marshal.SecureStringToBSTR(password) I didn't find any libraries that would accept a SecureString directly, so I don't have much of an option but use it.Ĭurrently I run code such as this: SecureString password // This usually comes from a PasswordBox Property It uses a regular string for calculating the hashes, which I think is far from ideal. In my case I use a library for password hashing called BCrypt. So far all implementations I see use a regular string at the end, with the extracted and decrypted content from the SecureString which I think (or hope) it's avoidable in some cases even though it might involve some complicated code to get around a. And yes, SecureString does allow us to write one char at a time and gives us some other minor usages while hiding it's secret, but sometimes we need the whole string at once or something like it. I ask this because sooner or later you will have to extract the inner string. The thing is: what is the proper way of using it? In order to mitigate this Microsoft came up with SecureString. It's a well known fact that C# string is pretty insecure, it's not pinned in RAM, the Garbage Collector can move it, copy it, leave multiple traces of it in RAM and the RAM can be swapped and be available as a file to be read, not mentioning several other known facts.
0 Comments
Read More
Leave a Reply. |