Nielsen's Weblog : .NET [use your Context dude]
Updated: 9/22/2007; 10:54:35 AM.


Saturday, September 22, 2007

 

Say you are building a banking SmartClient application: people finally got tired of phishing, and a "fat" client is the answer here.

Now my SmartClient uses WCF (duh) as the communication infrastructure between the end user and the bank. The end user is presented with the usual login box plus an extra RSA security-ID code she must enter.

The credentials are then stored in memory, and each time I call out to my WCF proxy I pass in those credentials plus the extra RSA custom token. I am holding on to the user name token in memory using SecureString, of course.

So here is my concern. Say I am holding on to my session-aware ChannelFactory for many reasons, performance among other things. Obviously I have to set the UserName and Password on the factory's ClientCredentials; fine, but the UserNamePasswordClientCredential class uses System.String to hold my identity! Great, eh? Out goes the SecureString idea.

We're not talking about securing the token when it crosses the wire; that part is secured. I am talking about the fact that my user name and password are visible to prying eyes in memory the second I set my credentials on the ChannelFactory.

It might not be a big deal, but why not use SecureString on UserNamePasswordClientCredential in the first place? A System.String is immutable, so the plaintext can never be overwritten: it lives until the garbage collector reclaims it (and may be duplicated when the heap is compacted along the way), and it shows up in any process memory dump or page file written while the factory is alive.

I might be missing the obvious reason why UserNamePasswordClientCredential is designed like this; comments are welcome here.

By the way, a possible implementation of the cached identity could be written like this (given that UserNamePasswordClientCredential uses System.String ;-)). Note that the setters take a System.String as well, so the plaintext has already existed as a managed string before it enters the SecureString; the class narrows the window rather than closing it.

using System;
using System.Runtime.InteropServices;
using System.Security;

public sealed class CacheClientCredentials
{
    private static SecureString usr = new SecureString();
    private static SecureString pwd = new SecureString();

    public static string UserName
    {
        get { return SecureStringToString(usr); }
        set { usr = ToSecureString(value, usr); }
    }

    public static string Password
    {
        get { return SecureStringToString(pwd); }
        set { pwd = ToSecureString(value, pwd); }
    }

    // Builds a fresh read-only SecureString and disposes the previous one.
    // Appending to the existing instance would concatenate onto the old value
    // and would throw InvalidOperationException once it had been made read-only.
    private static SecureString ToSecureString(string value, SecureString previous)
    {
        if (previous != null)
            previous.Dispose();

        SecureString result = new SecureString();
        foreach (char c in value)
            result.AppendChar(c);
        result.MakeReadOnly();
        return result;
    }

    // Decrypts into an unmanaged BSTR, copies it into a managed string (the
    // copy that cannot be wiped afterwards) and zeroes the BSTR before freeing
    // it; plain FreeBSTR would leave the plaintext behind in unmanaged memory.
    private static string SecureStringToString(SecureString value)
    {
        IntPtr bstr = Marshal.SecureStringToBSTR(value);
        try
        {
            return Marshal.PtrToStringBSTR(bstr);
        }
        finally
        {
            Marshal.ZeroFreeBSTR(bstr);
        }
    }
}
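What a practitioner can do about the window described above, as an added example (this is not the post's own code): read the secret straight into a SecureString so no managed string ever holds the typed value, decrypt it only into unmanaged memory and a char[] that are both zeroed, and hand the unavoidable System.String to a ChannelFactory that is closed as soon as the call completes. IBankService, the binding settings and the endpoint address are hypothetical stand-ins; nothing here is taken from the original post.

```csharp
// Added example, not from the original post. IBankService and the endpoint
// are hypothetical stand-ins for the bank's real service contract.
using System;
using System.Runtime.InteropServices;
using System.Security;
using System.ServiceModel;

[ServiceContract]
public interface IBankService
{
    [OperationContract]
    decimal GetBalance(string accountNumber);
}

public static class SecureCredentialUse
{
    // Read a secret from the console one key at a time directly into a
    // SecureString, so the whole value never exists as a managed string.
    public static SecureString ReadSecret()
    {
        var secret = new SecureString();
        ConsoleKeyInfo key;
        while ((key = Console.ReadKey(true)).Key != ConsoleKey.Enter)
        {
            if (key.Key == ConsoleKey.Backspace)
            {
                if (secret.Length > 0)
                    secret.RemoveAt(secret.Length - 1);
            }
            else if (!char.IsControl(key.KeyChar))
            {
                secret.AppendChar(key.KeyChar);
            }
        }
        Console.WriteLine();
        secret.MakeReadOnly();
        return secret;
    }

    // Decrypt the SecureString into unmanaged memory, give the callback a
    // char[] copy, then zero both the unmanaged buffer and the array.
    public static T WithPlaintext<T>(SecureString secret, Func<char[], T> use)
    {
        IntPtr unmanaged = IntPtr.Zero;
        char[] chars = new char[secret.Length];
        try
        {
            unmanaged = Marshal.SecureStringToGlobalAllocUnicode(secret);
            Marshal.Copy(unmanaged, chars, 0, chars.Length);
            return use(chars);
        }
        finally
        {
            if (unmanaged != IntPtr.Zero)
                Marshal.ZeroFreeGlobalAllocUnicode(unmanaged);
            Array.Clear(chars, 0, chars.Length);
        }
    }

    // The System.String that UserNamePasswordClientCredential demands lives
    // only as long as this factory; closing the factory right after the call
    // makes it unreachable sooner, but it still cannot be zeroed.
    public static decimal CallWithCredentials(SecureString user, SecureString pwd, string account)
    {
        var binding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        var factory = new ChannelFactory<IBankService>(
            binding,
            new EndpointAddress("https://bank.example/BankService")); // hypothetical endpoint

        factory.Credentials.UserName.UserName = WithPlaintext(user, c => new string(c));
        factory.Credentials.UserName.Password = WithPlaintext(pwd, c => new string(c));
        try
        {
            IBankService proxy = factory.CreateChannel();
            decimal balance = proxy.GetBalance(account);
            ((IClientChannel)proxy).Close();
            factory.Close();
            return balance;
        }
        catch
        {
            factory.Abort();
            throw;
        }
    }
}
```

The managed string assigned to Credentials.UserName.Password is the one copy this pattern cannot clean up, which is exactly the complaint above; holding the factory open for performance stretches that copy's lifetime to the life of the factory, whereas a factory per session keeps it to the span of the calls that need it.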



10:41:57 AM

© Copyright 2007 Allan Nielsen.
