Commits

Devin Martin  committed dbc45f7

add an internal key utilities class for working with plain keys

  • Participants
  • Parent commits 873278e

Comments (0)

Files changed (4)

File OtpSharp/Key.cs

             }
             finally
             {
-                // wipe the key from memory by writing random stuff out to it
-                new Random().NextBytes(plainKey);
+                // wipe the key from memory by writing random stuff out to it as best as we can
+                KeyUtilities.Destroy(plainKey);
             }
         }
 

File OtpSharp/KeyGeneration.cs

             masterKey.UsePlainKey(plainMasterKey =>
             {
                 var hashAlgorithm = GetHashAlgorithmForMode(mode);
-                var masterKeyWithPublicIdentifier = Combine(plainMasterKey, publicIdentifier);
+                var masterKeyWithPublicIdentifier = KeyUtilities.Combine(plainMasterKey, publicIdentifier);
                 key = hashAlgorithm.ComputeHash(masterKeyWithPublicIdentifier);
-                Destroy(masterKeyWithPublicIdentifier);
+                KeyUtilities.Destroy(masterKeyWithPublicIdentifier);
             });
 
             return key;
                     return 20;
             }
         }
-
-        #region key utilities
-
-        internal static byte[] Combine(params byte[][] arrays)
-        {
-            byte[] rv = new byte[arrays.Sum(a => a.Length)];
-            int offset = 0;
-            foreach (byte[] array in arrays)
-            {
-                System.Buffer.BlockCopy(array, 0, rv, offset, array.Length);
-                offset += array.Length;
-            }
-            return rv;
-        }
-
-        internal static void Destroy(byte[] sensetiveData)
-        {
-            if (sensetiveData == null)
-                throw new ArgumentNullException("sensetiveData");
-            new Random().NextBytes(sensetiveData);
-        }
-
-        #endregion
     }
 }

File OtpSharp/KeyUtilities.cs

+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+
+namespace OtpSharp
+{
+    /// <summary>
+    /// Some helper methods to perform common key functions
+    /// </summary>
+    internal class KeyUtilities
+    {
+        /// <summary>
+        /// Concatinate two byte arrays together
+        /// </summary>
+        /// <param name="arrays">The two arrays to concatinate</param>
+        /// <returns></returns>
+        internal static byte[] Combine(params byte[][] arrays)
+        {
+            byte[] rv = new byte[arrays.Sum(a => a.Length)];
+            int offset = 0;
+            foreach (byte[] array in arrays)
+            {
+                System.Buffer.BlockCopy(array, 0, rv, offset, array.Length);
+                offset += array.Length;
+            }
+            return rv;
+        }
+
+        /// <summary>
+        /// Overwrite potentially sensetive data with random junk
+        /// </summary>
+        /// <remarks>
+        /// Warning!
+        /// 
+        /// This isn't foolproof by any means.  The garbage collector could have moved the actual
+        /// location in memory to another location during a collection cycle and left the old data in place
+        /// simply marking it as available.  We can't control this or even detect it.
+        /// This method is simply a good faith effort to limit the exposure of sensetive data in memory as much as possible
+        /// </remarks>
+        internal static void Destroy(byte[] sensetiveData)
+        {
+            if (sensetiveData == null)
+                throw new ArgumentNullException("sensetiveData");
+            new Random().NextBytes(sensetiveData);
+        }
+    }
+}

File OtpSharp/OtpSharp.csproj

     <Compile Include="GlobalSuppressions.cs" />
     <Compile Include="Hotp.cs" />
     <Compile Include="Key.cs" />
+    <Compile Include="KeyUtilities.cs" />
     <Compile Include="Ntp.cs" />
     <Compile Include="NtpException.cs" />
     <Compile Include="TimeCorrection.cs" />