This is Xamarin's bug tracking system. For product support, please use the support links listed in your Xamarin Account.
Bug 44109 - NetworkCredential does not convert SecureString
Summary: NetworkCredential does not convert SecureString
Alias: None
Product: Class Libraries
Classification: Mono
Component: System (show other bugs)
Version: unspecified
Hardware: PC Linux
: High normal
Target Milestone: Untriaged
Assignee: Alexander Köplinger [MSFT]
Depends on:
Reported: 2016-09-08 13:31 UTC by Menno
Modified: 2016-11-04 13:04 UTC (History)
2 users (show)

See Also:
Is this bug a regression?: ---
Last known good build:


Description Menno 2016-09-08 13:31:26 UTC
In this file on GitHub 
the implementation does not convert the SecureString password to the decrypted Password.

Many code snippets suggest using the following to get the decrypted string from a SecureString `encrypted`:

    string decrypted = new System.Net.NetworkCredential(string.Empty, encrypted).Password;

As can be seen in the code above, this would not do anything in the Mono implementation of NetworkCredential.

Fortunately, the following works on Mono:

string decrypted;
IntPtr unmanagedString = IntPtr.Zero;
  unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(encrypted);
  decrypted = Marshal.PtrToStringUni(unmanagedString);

It might be nice to implement this in NetworkCredential as well.
Comment 1 Marek Safar 2016-10-27 12:21:02 UTC
Another related issue
Comment 2 Alexander Köplinger [MSFT] 2016-11-04 13:04:38 UTC
Fixed in Mono master/c3b6638688417bc385da743ab965f5dd6d2ed592 and mono-4.8.0-branch/f4b4f97fc8353cae364711f56ad50d11ab467049

Note You need to log in before you can comment on or make changes to this bug.