CSHARP-2163: Make PasswordEvidence implementation FIPS compliant.

Author: rstam

src/MongoDB.Driver/DecryptedSecureString.cs

@@ -0,0 +1,118 @@
+/* Copyright 2018-present MongoDB Inc.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+using System;
+using System.Runtime.InteropServices;
+using System.Security;
+using MongoDB.Bson.IO;
+using MongoDB.Driver.Core.Misc;
+
+namespace MongoDB.Driver
+{
+    internal sealed class DecryptedSecureString : IDisposable
+    {
+        // private fields
+        private char[] _chars;
+        private GCHandle _charsHandle;
+        private IntPtr _charsIntPtr;
+        private bool _disposed;
+        private readonly SecureString _secureString;
+        private byte[] _utf8Bytes;
+        private GCHandle _utf8BytesHandle;
+
+        // constructors
+        public DecryptedSecureString(SecureString secureString)
+        {
+            _secureString = Ensure.IsNotNull(secureString, nameof(secureString));
+        }
+
+        // finalizer
+        ~DecryptedSecureString()
+        {
+            Dispose(false);
+        }
+
+        // public methods
+        public void Dispose()
+        {
+            Dispose(true);
+            GC.SuppressFinalize(this);
+        }
+
+        public char[] GetChars()
+        {
+            if (_chars == null)
+            {
+#if NET45
+                _charsIntPtr = Marshal.SecureStringToGlobalAllocUnicode(_secureString);
+#else
+                _charsIntPtr = SecureStringMarshal.SecureStringToGlobalAllocUnicode(_secureString);
+#endif
+                _chars = new char[_secureString.Length];
+                _charsHandle = GCHandle.Alloc(_chars, GCHandleType.Pinned);
+                Marshal.Copy(_charsIntPtr, _chars, 0, _secureString.Length);
+            }
+
+            return _chars;
+        }
+
+        public byte[] GetUtf8Bytes()
+        {
+            if (_utf8Bytes == null)
+            {
+                var chars = GetChars();
+                var encoding = Utf8Encodings.Strict;
+                _utf8Bytes = new byte[encoding.GetByteCount(chars)];
+                _utf8BytesHandle = GCHandle.Alloc(_utf8Bytes, GCHandleType.Pinned);
+                encoding.GetBytes(chars, 0, chars.Length, _utf8Bytes, 0);
+            }
+
+            return _utf8Bytes;
+        }
+
+        // private methods
+        private void Dispose(bool disposing)
+        {
+            if (!_disposed)
+            {
+                if (disposing)
+                {
+                    if (_utf8Bytes != null)
+                    {
+                        Array.Clear(_utf8Bytes, 0, _utf8Bytes.Length);
+                    }
+                    if (_chars != null)
+                    {
+                        Array.Clear(_chars, 0, _chars.Length);
+                    }
+                }
+                if (_utf8BytesHandle.IsAllocated)
+                {
+                    _utf8BytesHandle.Free();
+                }
+                if (_charsHandle.IsAllocated)
+                {
+                    _charsHandle.Free();
+                }
+                if (_charsIntPtr != IntPtr.Zero)
+                {
+                    Marshal.ZeroFreeGlobalAllocUnicode(_charsIntPtr);
+                    _charsIntPtr = IntPtr.Zero; // to facilitate testing
+                }
+                _disposed = true;
+            }
+        }
+    }
+}

src/MongoDB.Driver/MongoDB.Driver.csproj

@@ -106,6 +106,7 @@
     <Compile Include="ClientSessionWrappingCoreSession.cs" />
     <Compile Include="CreateIndexModel.cs" />
     <Compile Include="CreateViewOptions.cs" />
+    <Compile Include="DecryptedSecureString.cs" />
     <Compile Include="DeleteOptions.cs" />
     <Compile Include="FieldValueSerializerHelper.cs" />
     <Compile Include="FilteredMongoCollectionBase.cs" />

src/MongoDB.Driver/PasswordEvidence.cs

@@ -18,10 +18,10 @@
 using System.Runtime.InteropServices;
 using System.Security;
 using System.Security.Cryptography;
-using System.Text;
 using MongoDB.Bson;
 using MongoDB.Bson.IO;
 using MongoDB.Driver.Core.Misc;
+using MongoDB.Shared;
 
 namespace MongoDB.Driver
 {
@@ -32,7 +32,6 @@ public sealed class PasswordEvidence : MongoIdentityEvidence
     {
         // private fields
         private readonly SecureString _securePassword;
-        private readonly string _digest; // used to implement Equals without referring to the SecureString
 
         // constructors
         /// <summary>
@@ -41,18 +40,20 @@ public sealed class PasswordEvidence : MongoIdentityEvidence
         /// <param name="password">The password.</param>
         public PasswordEvidence(SecureString password)
         {
+            Ensure.IsNotNull(password, nameof(password));
             _securePassword = password.Copy();
             _securePassword.MakeReadOnly();
-            _digest = GenerateDigest(password);
         }
 
         /// <summary>
         /// Initializes a new instance of the <see cref="PasswordEvidence" /> class.
         /// </summary>
         /// <param name="password">The password.</param>
         public PasswordEvidence(string password)
-            : this(CreateSecureString(password))
-        { }
+        {
+            Ensure.IsNotNull(password, nameof(password));
+            _securePassword = CreateSecureString(password);
+        }
 
         // public properties
         /// <summary>
@@ -74,18 +75,26 @@ public SecureString SecurePassword
         public override bool Equals(object rhs)
         {
             if (object.ReferenceEquals(rhs, null) || GetType() != rhs.GetType()) { return false; }
-            return _digest == ((PasswordEvidence)rhs)._digest;
+
+            using (var lhsDecryptedPassword = new DecryptedSecureString(_securePassword))
+            using (var rhsDecryptedPassword = new DecryptedSecureString(((PasswordEvidence)rhs)._securePassword))
+            {
+                return lhsDecryptedPassword.GetChars().SequenceEqual(rhsDecryptedPassword.GetChars());
+            }
         }
 
         /// <summary>
         /// Returns a hash code for this instance.
         /// </summary>
         /// <returns>
-        /// A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table. 
+        /// A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table.
         /// </returns>
         public override int GetHashCode()
         {
-            return _digest.GetHashCode();
+            using (var decryptedPassword = new DecryptedSecureString(_securePassword))
+            {
+                return new Hasher().HashStructElements(decryptedPassword.GetChars()).GetHashCode();
+            }
         }
 
         // internal methods
@@ -97,94 +106,25 @@ public override int GetHashCode()
         internal string ComputeMongoCRPasswordDigest(string username)
         {
             using (var md5 = MD5.Create())
+            using (var decryptedPassword = new DecryptedSecureString(_securePassword))
             {
                 var encoding = Utf8Encodings.Strict;
                 var prefixBytes = encoding.GetBytes(username + ":mongo:");
-                var hash = ComputeHash(md5, prefixBytes, _securePassword);
+                var hash = ComputeHash(md5, prefixBytes, decryptedPassword.GetUtf8Bytes());
                 return BsonUtils.ToHexString(hash);
             }
         }
 
         // private static methods
-        private static SecureString CreateSecureString(string str)
-        {
-            if (str != null)
-            {
-                var secureStr = new SecureString();
-                foreach (var c in str)
-                {
-                    secureStr.AppendChar(c);
-                }
-                secureStr.MakeReadOnly();
-                return secureStr;
-            }
-
-            return null;
-        }
-
-        /// <summary>
-        /// Computes the hash value of the secured string 
-        /// </summary>
-        private static string GenerateDigest(SecureString password)
-        {
-            using (var sha256 = SHA256.Create())
-            {
-                var hash = ComputeHash(sha256, new byte[0], password);
-                return BsonUtils.ToHexString(hash);
-            }
-        }
-
-        private static byte[] ComputeHash(HashAlgorithm algorithm, byte[] prefixBytes, SecureString password)
+        private static SecureString CreateSecureString(string value)
         {
-            if (password.Length == 0)
-            {
-                return ComputeHash(algorithm, prefixBytes, new byte[0]);
-            }
-            else
-            {
-#if NET45
-                var passwordIntPtr = Marshal.SecureStringToGlobalAllocUnicode(password);
-#else
-                var passwordIntPtr = SecureStringMarshal.SecureStringToGlobalAllocUnicode(password);
-#endif
-                try
-                {
-                    var passwordChars = new char[password.Length];
-                    var passwordCharsHandle = GCHandle.Alloc(passwordChars, GCHandleType.Pinned);
-                    try
-                    {
-                        Marshal.Copy(passwordIntPtr, passwordChars, 0, password.Length);
-
-                        return ComputeHash(algorithm, prefixBytes, passwordChars);
-                    }
-                    finally
-                    {
-                        Array.Clear(passwordChars, 0, passwordChars.Length);
-                        passwordCharsHandle.Free();
-                    }
-                }
-                finally
-                {
-                    Marshal.ZeroFreeGlobalAllocUnicode(passwordIntPtr);
-                }
-            }
-        }
-
-        private static byte[] ComputeHash(HashAlgorithm algorithm, byte[] prefixBytes, char[] passwordChars)
-        {
-            var passwordBytes = new byte[Utf8Encodings.Strict.GetByteCount(passwordChars)];
-            var passwordBytesHandle = GCHandle.Alloc(passwordBytes, GCHandleType.Pinned);
-            try
-            {
-                Utf8Encodings.Strict.GetBytes(passwordChars, 0, passwordChars.Length, passwordBytes, 0);
-
-                return ComputeHash(algorithm, prefixBytes, passwordBytes);
-            }
-            finally
+            var secureString = new SecureString();
+            foreach (var c in value)
             {
-                Array.Clear(passwordBytes, 0, passwordBytes.Length);
-                passwordBytesHandle.Free();
+                secureString.AppendChar(c);
             }
+            secureString.MakeReadOnly();
+            return secureString;
         }
 
         private static byte[] ComputeHash(HashAlgorithm algorithm, byte[] prefixBytes, byte[] passwordBytes)