Add SecureStringHelper.FromPlainTextString (#14124)

xtqqczze · web-flow · commit a6abf1694105 · 2021-04-12T14:05:20.000-07:00
diff --git a/src/Microsoft.PowerShell.Security/security/SecureStringCommands.cs b/src/Microsoft.PowerShell.Security/security/SecureStringCommands.cs
@@ -359,8 +359,7 @@ protected override void ProcessRecord()
                 }
                 else
                 {
-                    importedString = new SecureString();
-                    foreach (char currentChar in String) { importedString.AppendChar(currentChar); }
+                    importedString = SecureStringHelper.FromPlainTextString(String);
                 }
             }
             catch (ArgumentException e)
diff --git a/src/System.Management.Automation/DscSupport/CimDSCParser.cs b/src/System.Management.Automation/DscSupport/CimDSCParser.cs
@@ -22,6 +22,8 @@
 using Microsoft.Management.Infrastructure.Serialization;
 using Microsoft.PowerShell.Commands;
 
+using static Microsoft.PowerShell.SecureStringHelper;
+
 namespace Microsoft.PowerShell.DesiredStateConfiguration.Internal
 {
     /// <summary>
@@ -259,12 +261,7 @@ private static object ConvertCimInstancePsCredential(string providerName, CimIns
                 throw invalidOperationException;
             }
 
-            // Extract the password into a SecureString.
-            var password = new SecureString();
-            foreach (char t in plainPassWord)
-            {
-                password.AppendChar(t);
-            }
+            SecureString password = SecureStringHelper.FromPlainTextString(plainPassWord);
 
             password.MakeReadOnly();
             return new PSCredential(userName, password);
diff --git a/src/System.Management.Automation/security/SecureStringHelper.cs b/src/System.Management.Automation/security/SecureStringHelper.cs
@@ -2,6 +2,7 @@
 // Licensed under the MIT License.
 
 using System;
+using System.Diagnostics;
 using System.Globalization;
 using System.IO;
 using System.Management.Automation;
@@ -385,6 +386,26 @@ internal static SecureString Decrypt(string input, byte[] key, byte[] IV)
                 return s;
             }
         }
+
+#nullable enable
+        /// <summary>Creates a new <see cref="SecureString"/> from a <see cref="string"/>.</summary>
+        /// <param name="plainTextString">Plain text string. Must not be null.</param>
+        /// <returns>A new SecureString.</returns>
+        internal static unsafe SecureString FromPlainTextString(string plainTextString)
+        {
+            Debug.Assert(plainTextString is not null);
+
+            if (plainTextString.Length == 0)
+            {
+                return new SecureString();
+            }
+
+            fixed (char* charsPtr = plainTextString)
+            {
+                return new SecureString(charsPtr, plainTextString.Length);
+            }
+        }
+#nullable restore
     }
 
     /// <summary>

Original file line number	Diff line number	Diff line change
`@@ -359,8 +359,7 @@ protected override void ProcessRecord()`
`359`	`359`	`}`
`360`	`360`	`else`
`361`	`361`	`{`
`362`		`- importedString = new SecureString();`
`363`		`- foreach (char currentChar in String) { importedString.AppendChar(currentChar); }`
	`362`	`+ importedString = SecureStringHelper.FromPlainTextString(String);`
`364`	`363`	`}`
`365`	`364`	`}`
`366`	`365`	`catch (ArgumentException e)`