
If I do the following in a class, is my password cached/discoverable in memory?

    using System;
    using System.Runtime.InteropServices;
    using System.Security;

    public class ConnectionInfo
    {
        private SecureString _password;
        public string UserName;

        public string Password
        {
            get
            {
                // Decrypt the SecureString into an unmanaged buffer, copy it into a
                // managed string, then zero and free the unmanaged buffer.
                IntPtr valuePtr = IntPtr.Zero;
                try
                {
                    valuePtr = Marshal.SecureStringToGlobalAllocUnicode(_password);
                    return Marshal.PtrToStringUni(valuePtr);
                }
                finally
                {
                    Marshal.ZeroFreeGlobalAllocUnicode(valuePtr);
                }
            }
            set
            {
                // Build a fresh SecureString one character at a time from the plaintext value.
                _password = new SecureString();
                foreach (char c in value)
                {
                    _password.AppendChar(c);
                }
            }
        }
    }

In other words, if I use it like this

    ConnectionInfo connectionInfo = new ConnectionInfo();
    connectionInfo.Password = "Password1";

and later use it with a directoryEntry

    using System.DirectoryServices;

    DirectoryEntry entry = new DirectoryEntry(
        "LDAP://Domain.com",
        $"Domain\\{connectionInfo.UserName}",
        connectionInfo.Password);

is the cleartext password cached via the property Password? (I am not referring to any leaks that might occur via DirectoryEntry etc., only the Property)

Password is stored in web/app.config and retrieved via this

    using System;
    using System.IO;
    using System.Security.Cryptography;
    using System.Text;

    // sEncryptionKey and staticIV are read from configuration (not shown in the question).
    static string Decrypt(string stringToDecrypt, string sEncryptionKey, byte[] staticIV)
    {
        // DES key: the first 8 characters of the configured key string, as UTF-8 bytes.
        byte[] staticKey = Encoding.UTF8.GetBytes(sEncryptionKey.Substring(0, 8));
        DESCryptoServiceProvider des = new DESCryptoServiceProvider();
        byte[] inputByteArray = Convert.FromBase64String(stringToDecrypt);
        MemoryStream ms = new MemoryStream();
        CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(staticKey, staticIV), CryptoStreamMode.Write);
        cs.Write(inputByteArray, 0, inputByteArray.Length);
        cs.FlushFinalBlock();
        Encoding encoding = Encoding.UTF8;
        return encoding.GetString(ms.ToArray());
    }

Is the encryption strong enough?

Btw. see stackoverflow.com/a/26202992/1336590 on the purpose of SecureString. It's basically protection against stupidity. Not actually all that "secure". Commented May 9, 2019 at 7:50

1 Answer

The answer is complicated - yes, the Property itself is secure, there is no caching done. BUT - the string returned will be managed by the Garbage Collector and exist until garbage collected.

I honestly do not think SecureString is all that worthwhile. It somewhat protects against analysing a memory dump, but it only shortens the threat window. Since input and usage are usually plain old strings, the password WILL show up in the memory dump sooner or later.

Also, how do you get the password to the application? That's usually the part where an attacker can get the PW.
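As an added example (not code from the question or the answer), this helper illustrates the answer's point: the leak in the question's getter is the immutable managed string it returns, so an alternative is to hand the plaintext out as a char[] that is zeroed after use. SecretUse, ToCharArray and WithPlaintext are hypothetical names, and the sample value is constructed.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security;

// Hypothetical helper class, not part of the question's ConnectionInfo.
static class SecretUse
{
    // Decrypts the SecureString into a caller-owned char[]; the caller is
    // responsible for zeroing it. No immutable managed string is ever created,
    // so nothing lingers until the garbage collector gets around to it.
    public static char[] ToCharArray(SecureString secret)
    {
        IntPtr ptr = IntPtr.Zero;
        try
        {
            ptr = Marshal.SecureStringToGlobalAllocUnicode(secret);
            var chars = new char[secret.Length];
            Marshal.Copy(ptr, chars, 0, chars.Length); // copy UTF-16 units, not a string
            return chars;
        }
        finally
        {
            Marshal.ZeroFreeGlobalAllocUnicode(ptr);  // wipe and free the unmanaged copy
        }
    }

    // Runs `use` over the plaintext and clears the buffer afterwards, even if `use` throws.
    public static T WithPlaintext<T>(SecureString secret, Func<char[], T> use)
    {
        char[] chars = ToCharArray(secret);
        try { return use(chars); }
        finally { Array.Clear(chars, 0, chars.Length); }
    }
}

class Program
{
    static void Main()
    {
        var secret = new SecureString();
        foreach (char c in "example-only") secret.AppendChar(c); // constructed sample value
        secret.MakeReadOnly();

        // The plaintext exists only inside the lambda and is zeroed on the way out.
        int length = SecretUse.WithPlaintext(secret, p => p.Length);
        Console.WriteLine($"password length: {length}");
    }
}
```

This only helps with APIs that accept a char[] or byte[]; the DirectoryEntry constructor used in the question takes a string, so at that call the plaintext becomes a managed string anyway, which is the answer's point.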


2 Comments

The password is stored in the web/app.config as an encrypted string, see edit in question
Does that mean the securestring version of my property is cached? How can I prevent that if this is the case?
