Description
Credentials currently only support taking in username and password as plain text. Being able to pass a secure string in and have LibGit2Sharp handle the retrieval of the plain text as close as possible to its use would improve security and centralize the action. Essentially moving the decryption responsibility from the client to the library where it can be handled in a correct way.
I'm thinking a new `SecureUsernamePasswordCredentials` class could be implemented relatively simply. It would be very similar to the existing class. Instead of a `System.String` for `Username` and `Password`, we would simply use a `SecureString` instead.
```csharp
/// <summary>
/// Username for username/password authentication (as in HTTP basic auth).
/// </summary>
public SecureString Username { get; set; }

/// <summary>
/// Password for username/password authentication (as in HTTP basic auth).
/// </summary>
public SecureString Password { get; set; }
```
The `GitCredentialHandler` override would be very similar to the existing implementation as well. This is where the `SecureString` would be converted to an unmanaged string to be passed along to the NativeMethods and immediately freed from memory once a credential is created.
I'm willing to do the work and submit a pull request if there is any interest in this.
Am I missing any caveats?
What kinds of tests would you like to see for this functionality?
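The conversion step described in the issue, sketched as an added example (not part of the original post and not LibGit2Sharp code). `SecureStringInterop.WithUtf8` is a hypothetical helper, the callback stands in for the native credential call, and UTF-8 is assumed as the encoding the native side expects.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security;
using System.Text;

static class SecureStringInterop
{
    // Hypothetical helper: exposes the SecureString as a NUL-terminated UTF-8
    // buffer in unmanaged memory for the duration of `use`, then wipes and frees
    // both unmanaged copies. No managed System.String is ever created.
    // Requires <AllowUnsafeBlocks>true</AllowUnsafeBlocks>.
    public static unsafe T WithUtf8<T>(SecureString value, Func<IntPtr, T> use)
    {
        IntPtr utf16 = IntPtr.Zero, utf8 = IntPtr.Zero;
        int byteCount = 0;
        try
        {
            utf16 = Marshal.SecureStringToGlobalAllocUnicode(value);
            char* chars = (char*)utf16;
            byteCount = Encoding.UTF8.GetByteCount(chars, value.Length);
            utf8 = Marshal.AllocHGlobal(byteCount + 1);
            byte* bytes = (byte*)utf8;
            Encoding.UTF8.GetBytes(chars, value.Length, bytes, byteCount);
            bytes[byteCount] = 0; // NUL terminator for the native side
            return use(utf8);
        }
        finally
        {
            if (utf8 != IntPtr.Zero)
            {
                // Overwrite the UTF-8 copy before releasing it.
                for (int i = 0; i < byteCount; i++) Marshal.WriteByte(utf8, i, 0);
                Marshal.FreeHGlobal(utf8);
            }
            // Zeroes and frees the UTF-16 copy made by the marshaller.
            if (utf16 != IntPtr.Zero) Marshal.ZeroFreeGlobalAllocUnicode(utf16);
        }
    }

    static void Main()
    {
        using var password = new SecureString();
        foreach (char c in "constructed-sample") password.AppendChar(c);
        password.MakeReadOnly();
        // Stand-in for the native credential constructor: only measures the buffer.
        int len = WithUtf8(password, p => { int n = 0; while (Marshal.ReadByte(p, n) != 0) n++; return n; });
        Console.WriteLine(len);
    }
}
```

This bounds only the copies the helper itself creates; anything the native call copies out of the buffer is outside its control.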