Making use of the SecureString

Published Sunday, February 19, 2006 10:32 PM

In .NET V2, there is a class called SecureString in the System.Security namespace. It's a nifty little class that stores its contents in encrypted form. It is not subject to the side effects of managed heap garbage collection, where copies of the string are left around while waiting to be collected; its string value is not sitting in memory for all to see; multiple copies are not made each time a character is added; and there are a whole bunch of other things I have talked about previously. Basically, it allows secure storage, in memory, of a string, such that tools that can pry into your memory don't see things they are not supposed to.

Problem is, to use this class in any meaningful way from a user interface perspective, you usually have to enter your string first into some UI element such as a textbox or other control, and these controls themselves don't utilise a secure string class. Rather, they use standard string mechanisms to store their data. So even though you may have immediately copied the contents to a secure string, the original strings are still loitering around in memory, waiting to be collected (or worse yet, still validly referenced, and so not collected for some time).

I have been wanting to upgrade my personal password manager application for some time now, as it was only written as a little Mickey Mouse app to try out some UI elements a very long time ago, but ended up proving very useful. Its implementation is not what I would call good practice code though. In V2, I wanted to utilise the secure string class to store my passwords in memory; however, it's not so easy from a UI perspective, as already mentioned. To that end, I have started to develop a 'SecureTextBox' control which allows textual entry like a textbox with a password character defined; however, all internal storage is via a secure string. No standard managed string instance is used at all. It's in a semi-working form right now, and will be finished soon. I'll release it for others to use of course. I'd be interested in hearing if there are already implementations out there around this.

Oh well, back to it....

by Glav
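The approach described in the post and in the comments below (inherit from TextBox, intercept keystrokes, append each character to a SecureString, show only asterisks) can be sketched as follows. This is an added example, not the author's control: the names `SecureTextBoxSketch` and `SecureText` are hypothetical, and it assumes Windows Forms with edits applied only at the end of the input.

```csharp
using System.Security;
using System.Windows.Forms;

// Added sketch; SecureTextBoxSketch and SecureText are hypothetical names.
public class SecureTextBoxSketch : TextBox
{
    private const int WM_PASTE = 0x0302;
    private readonly SecureString _secret = new SecureString();

    // Turn off the built-in shortcut keys and the shortcut (context) menu.
    public SecureTextBoxSketch() { ShortcutsEnabled = false; }

    // Hands out a read-only copy; the caller is responsible for disposing it.
    public SecureString SecureText
    {
        get { SecureString copy = _secret.Copy(); copy.MakeReadOnly(); return copy; }
    }

    protected override void OnKeyPress(KeyPressEventArgs e)
    {
        // base.OnKeyPress is deliberately not called: KeyPress subscribers would see the char.
        e.Handled = true; // stop the native edit control from storing the character
        if (e.KeyChar == '\b' && _secret.Length > 0)
            _secret.RemoveAt(_secret.Length - 1);
        else if (!char.IsControl(e.KeyChar))
            _secret.AppendChar(e.KeyChar);
        Text = new string('*', _secret.Length); // display text holds asterisks only
        SelectionStart = Text.Length;           // edits always apply at the end
    }

    protected override void OnKeyDown(KeyEventArgs e)
    {
        base.OnKeyDown(e);
        // Delete never reaches OnKeyPress; swallow it so the display cannot drift from the secret.
        if (e.KeyCode == Keys.Delete) e.Handled = true;
    }

    protected override void WndProc(ref Message m)
    {
        if (m.Msg == WM_PASTE) return; // pasted text would land in the managed Text string
        base.WndProc(ref m);
    }

    protected override void Dispose(bool disposing)
    {
        if (disposing) _secret.Dispose(); // releases the protected buffer
        base.Dispose(disposing);
    }
}
```

Each typed character still passes through the window message and the `KeyPressEventArgs` as a single `char`; what the sketch avoids is the password ever being assembled into a managed `string`.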

Comments

# Paul Glavich said on Sunday, February 19, 2006 3:31 PM

Hi Robert,
At the moment, it's pretty raw and appends a System.Char to the secure string instance. Currently, I have taken the lazy way out and inherited from the TextBox control, and am making it do the things I want. The internal text string that the textbox uses won't contain the password itself at any time, and currently only holds a series of asterisks for display purposes.

The control intercepts any keystrokes and processes them appropriately, adding what is needed (or removing) from the secure string instance.

# Robert Hurlbut said on Monday, February 20, 2006 6:40 AM

Very cool -- that's what I had in mind. I would like to "borrow" your ideas (giving you due credit of course) for my next .NET 2.0 security talk as a possible workaround. Looking forward to seeing the code.

# Paul Glavich said on Monday, February 20, 2006 4:33 PM

Sure Robert.

Ping via MSN if you like on glav AT aspalliance DOT com.

I'll try and get a basic working version out soon.
