2

When writing a WPF application, the PasswordBox stores the entered password as a SecureString. This totally makes sense. However, I want to send the password via a HTTP API, and the HttpClient PostAsync seems to accept strings for form-encoded data.

I am aware that other people have asked related questions, most notably Is SecureString ever practical in a C# application?, but I have not found a satisfactory method to send this SecureString to the Http endpoint, without first converting it to a String. The conversion totally defeats the object of SecureString in the first place (because it puts the plaintext right back into the managed memory).

Is there a canonically correct (and preferably straightforward) way to do this?

For complete disclosure - I have no control over the HTTP API.

Philip Adler
  • 2,111
  • 17
  • 25

1 Answers1

1

I think that, although not perfect, the best solution for you is to use the DecryptSecureString method, posted by rdev5 on this answer (after all, the password is being transfered in plaintext over the network anyway)

rdev5's method decrypts the SecureString into a string, do what you tell it to do with the password and then wipe it from memory. This reduces the window where the password is in the memory, and thus the time that it could be peeked from there.

Strings.DecryptSecureString(secureString, (password) =>
{
    // Do your API call here
});

P.S.: As pointed out in the original post, just be sure not to save the content of password elsewhere.

appa yip yip
  • 1,404
  • 1
  • 17
  • 38
  • It might not be globally ideal, but it does solve the problem of the lack of a `DisposableString` type. So thankyou. I would like to note that the password is not technically sent in plaintext since the HTTP API is a secure connection. – Philip Adler Oct 20 '17 at 07:36