Related
I have this bot that is fairly complicated, but it works locally. But as soon as I publish it, it fails with the error:
Sorry, my bot code is having an issue.
I have tried using Application Insights, but it isn't showing the error details.
The error always happens at the same point:
/// <summary>
/// Start our response
/// </summary>
/// <param name="context">The current context</param>
/// <returns></returns>
public async Task StartAsync(IDialogContext context)
{
// Get our current step
_groups = await _groupProvider.ListAsync();
_group = _groups.First();
// Post the question header
await context.PostAsync(_group.Text);
// Wait for the users response
context.Wait(AskQuestion);
}
/// <summary>
/// When our message is recieved we execute this delegate
/// </summary>
/// <param name="context">The current context</param>
/// <param name="result">The result object</param>
/// <returns></returns>
private async Task AskQuestion(IDialogContext context, IAwaitable<IMessageActivity> result)
{
// Get our question and answers
var question = this._group.Questions[_currentQuestion];
var questionText = question.Text;
var answers = question.Answers.Select(m => m.Text).ToList();
var answerCount = question.Answers.Count;
// Create our options
var options = new PromptOptions<string>(questionText, options: answers);
// Ask our question
Choice<string>(context, GetAnswer, options);
}
/// <summary>
/// Get our answer and decide what to do next
/// </summary>
/// <param name="context">The current context</param>
/// <param name="result">The answer text</param>
/// <returns></returns>
private async Task GetAnswer(IDialogContext context, IAwaitable<string> result)
{
// Get our quest
var questions = _group.Questions;
var length = questions.Count;
var question = _group.Questions[_currentQuestion];
var selectedAnswer = await result;
// Assign our answer to our question
foreach (var answer in question.Answers)
if (answer.Text == selectedAnswer)
question.Answer = answer;
// If we have an answer, filter the products
if (question.Answer != null)
_productProvider.Score(await GetCurrentProducts(), _groups);
// Increase our index
_currentQuestion++;
// If our current index is greater or equal than the length of the questions
if (_currentQuestion == length)
{
// Create our dialog
var dialog = _dialogFactory.CreateSecondStepDialog(_dialogFactory, _groupProvider, _questionProvider, _productProvider, await GetCurrentProducts());
// Otherwise, got to the next step
await context.Forward(dialog, ResumeAfter, new Activity { }, CancellationToken.None);
return;
}
// Ask our next question
await AskQuestion(context, null);
}
So when this dialog starts, it posts the question introduction to the client.
I then invoke context.Wait and ask the question. The question is a choice. I believe that this is where the issue is, because it always throws that message as soon as the question appears.
Can anyone spot anything glaringly obvious with the code?
The error message you have cited, is given when your bot throws a 500. Looking at your code, my guess is that you have a null ref exception. In the section under "// Get our question and answers", try checking that group.Questions isn't null and that _currentQuestion is a valid index into that array.
I have class working with excel worksheet.
How to you write test to prove that Merge method gets called.
/// <summary>
/// Merges the cells together.
/// </summary>
/// <param name="ws">The worksheet.</param>
/// <param name="cellsToMerge">The cells to merge.</param>
/// <exception cref="System.ArgumentNullException">ws;Worksheet has to be defined</exception>
/// <exception cref="System.ArgumentException">Cells cannot contain null or empty string;cellsToMerge</exception>
public void MergeCellsTogether(Worksheet ws, string cellsToMerge)
{
if(ws==null) throw new ArgumentNullException("ws","Worksheet has to be defined");
if(string.IsNullOrEmpty(cellsToMerge))throw new ArgumentException("Cells cannot contain null or empty string", "cellsToMerge");
var cells = ws.Cells[cellsToMerge]; // failing to setup
ws.Range[cells].Merge();
}
now my test is using MOQ
[TestMethod]
public void TestForMergingCellsTogether()
{
// assign
var cellsToMerge = "A1:C3";
// mock
var ws = new Mock<Worksheet>();
var range = new Mock<Range>();
ws.Setup(x => x.get_Range(It.IsAny<object>(), It.IsAny<object>())).Returns(range.Object);
// this is part that is giving my headake
ws.Setup(x => x.Cells[It.IsAny<object>(),It.IsAny<object>()]).Returns(range.Object);
range.Setup(x => x.Merge(It.IsAny<object>()));
// act
var ps = new RenderProcess("fileName");
ps.MergeCellsTogether(ws.Object, cellsToMerge);
// assert
range.VerifyAll();
}
I have found solution to my question.
My approach was incorrect.
My updated(simplified) code
/// <summary>
/// Merges the cells together.
/// </summary>
/// <param name="worksheet">The worksheet.</param>
/// <param name="cellsToMerge">The cells to merge.</param>
/// <exception cref="System.ArgumentNullException">ws;Worksheet has to be defined</exception>
/// <exception cref="System.ArgumentException">Cells cannot contain null or empty string;cellsToMerge</exception>
public void MergeCellsTogether(Worksheet worksheet, string cellsToMerge)
{
if(worksheet==null) throw new ArgumentNullException("worksheet","Worksheet has to be defined");
if(string.IsNullOrEmpty(cellsToMerge))throw new ArgumentException("Cells cannot contain null or empty string", "cellsToMerge");
worksheet.Range[cellsToMerge].Merge();
}
And my tests method:
// assign
var cellsToMerge = "A1:C3";
// mock
var ws = new Mock<Worksheet>();
var range = new Mock<Range>();
ws.Setup(x => x.get_Range(It.IsAny<object>(), It.IsAny<object>())).Returns(range.Object);
range.Setup(x => x.Merge(It.IsAny<object>()));
// act
var process = new RenderExcel();
process.CreateExcelWorkSheet("fileName");
process.MergeCellsTogether((Worksheet)ws.Object, cellsToMerge);
// assert
range.VerifyAll();
iI am trying to use the sample code provided on the site alphavss. I am trying to include the class VssBackup.cs and then use this in my program. Most likely I am missing a dll reference but I am not getting any errors on the using components. Anyone knows what the problem could be?
I am getting 3 errors:
The type or namespace name 'Snapshot' could not be found (are you missing a using directive or an assembly reference?)
Snapshot _snap;
The type or namespace name 'IVssAsync' could not be found (are you missing a using directive or an assembly reference?
using (IVssAsync async = _backup.GatherWriterMetadata())
{.......
The type or namespace name 'Snapshot' could not be found (are you missing a using directive or an assembly reference?)
_snap = new Snapshot(_backup);
Class **VssBackup.cs C# Sample Code that the site provides**
/* Copyright (c) 2008-2012 Peter Palotas
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
#region Copyright Notice
/*
* AlphaVSS Sample Code
* Written by Jay Miller
*
* This code is hereby released into the public domain, This applies
* worldwide.
*/
#endregion
using System;
using System.Diagnostics;
using System.Collections.Generic;
using Alphaleonis.Win32.Vss;
using Alphaleonis.Win32.Filesystem;
namespace VssSample
{
/// <summary>
/// This class encapsulates some simple VSS logic. Its goal is to allow
/// a user to backup a single file from a shadow copy (presumably because
/// that file is otherwise unavailable on its home volume).
/// </summary>
/// <example>
/// This code creates a shadow copy and copies a single file from
/// the new snapshot to a location on the D drive. Here we're
/// using the AlphaFS library to make a full-file copy of the file.
/// <code>
/// string source_file = #"C:\Windows\system32\config\sam";
/// string backup_root = #"D:\Backups";
/// string backup_path = Path.Combine(backup_root,
/// Path.GetFilename(source_file));
///
/// // Initialize the shadow copy subsystem.
/// using (VssBackup vss = new VssBackup())
/// {
/// vss.Setup(Path.GetPathRoot(source_file));
/// string snap_path = vss.GetSnapshotPath(source_file);
///
/// // Here we use the AlphaFS library to make the copy.
/// Alphaleonis.Win32.Filesystem.File.Copy(snap_path, backup_path);
/// }
/// </code>
/// This code creates a shadow copy and opens a stream over a file
/// on the new snapshot volume.
/// <code>
/// string source_file = #"C:\Windows\system32\config\sam";
///
/// // Initialize the shadow copy subsystem.
/// using (VssBackup vss = new VssBackup())
/// {
/// vss.Setup(Path.GetPathRoot(filename));
///
/// // We can now access the shadow copy by either retrieving a stream:
/// using (Stream s = vss.GetStream(filename))
/// {
/// Debug.Assert(s.CanRead == true);
/// Debug.Assert(s.CanWrite == false);
/// }
/// }
/// </code>
/// </example>
public class VssBackup : IDisposable
{
/// <summary>
/// Setting this flag to true will enable 'component mode', which
/// does not, in this example, do much of any substance.
/// </summary>
/// <remarks>
/// VSS has the ability to selectively disable VSS-compatible
/// components according to the specifics of the current backup. One
/// might, for example, only quiesce Outlook if only the Outlook PST
/// file is intended to be backed up. The ExamineComponents() method
/// provides a framework for this sort of mode if you're interested.
/// Otherwise, this example code quiesces all VSS-compatible components
/// before making its shadow copy.
/// </remarks>
bool ComponentMode = false;
/// <summary>A reference to the VSS context.</summary>
IVssBackupComponents _backup;
/// <summary>Some persistent context for the current snapshot.</summary>
Snapshot _snap;
/// <summary>
/// Constructs a VssBackup object and initializes some of the necessary
/// VSS structures.
/// </summary>
public VssBackup()
{
InitializeBackup();
}
/// <summary>
/// Sets up a shadow copy against the specified volume.
/// </summary>
/// <remarks>
/// This methods is separated out from the constructor because if it
/// throws, we still want the Dispose() method to be called.
/// </remarks>
/// <param name="volumeName">Name of the volume to copy.</param>
public void Setup(string volumeName)
{
Discovery(volumeName);
PreBackup();
}
/// <summary>
/// The disposal of this object involves sending completion notices
/// to the writers, removing the shadow copies from the system and
/// finally releasing the BackupComponents object. This method must
/// be called when this class is no longer used.
/// </summary>
public void Dispose()
{
try { Complete(true); } catch { }
if (_snap != null)
{
_snap.Dispose();
_snap = null;
}
if (_backup != null)
{
_backup.Dispose();
_backup = null;
}
}
/// <summary>
/// This stage initializes both the requester (this program) and
/// any writers on the system in preparation for a backup and sets
/// up a communcation channel between the two.
/// </summary>
void InitializeBackup()
{
// Here we are retrieving an OS-dependent object that encapsulates
// all of the VSS functionality. The OS indepdence that this single
// factory method provides is one of AlphaVSS's major strengths!
IVssImplementation vss = VssUtils.LoadImplementation();
// Now we create a BackupComponents object to manage the backup.
// This object will have a one-to-one relationship with its backup
// and must be cleaned up when the backup finishes (ie. it cannot
// be reused).
//
// Note that this object is a member of our class, as it needs to
// stick around for the full backup.
_backup = vss.CreateVssBackupComponents();
// Now we must initialize the components. We can either start a
// fresh backup by passing null here, or we could resume a previous
// backup operation through an earlier use of the SaveXML method.
_backup.InitializeForBackup(null);
// At this point, we're supposed to establish communication with
// the writers on the system. It is possible before this step to
// enable or disable specific writers via the BackupComponents'
// Enable* and Disable* methods.
//
// Note the 'using' construct here to dispose of the asynchronous
// comm link once we no longer need it.
using (IVssAsync async = _backup.GatherWriterMetadata())
{
// Because allowing writers to prepare their metadata can take
// a while, we are given a VssAsync object that gives us some
// status on the background operation. In this case, we just
// wait for it to finish.
async.Wait();
}
}
/// <summary>
/// This stage involes the requester (us, again) processing the
/// information it received from writers on the system to find out
/// which volumes - if any - must be shadow copied to perform a full
/// backup.
/// </summary>
void Discovery(string fullPath)
{
if (ComponentMode)
// In component mode, we would need to enumerate through each
// component and decide whether it should be added to our
// backup document.
ExamineComponents(fullPath);
else
// Once we are finished with the writer metadata, we can dispose
// of it. If we were in component mode, we would want to keep it
// around so that we could notify the writers of our success or
// failure when we finish the backup.
_backup.FreeWriterMetadata();
// Now we use our helper class to add the appropriate volume to the
// shadow copy set.
_snap = new Snapshot(_backup);
_snap.AddVolume(Path.GetPathRoot(fullPath));
}
/// <summary>
/// This method is optional in this implementation, and in fact does
/// nothing of substance. It does demonstrate how one might parse
/// through the various writers on the system and add them to the
/// backup document if necessary.
/// </summary>
/// <param name="fullPath">The full path of the file to back up.</param>
void ExamineComponents(string fullPath)
{
// At this point it is the requester's duty to examine what the
// writers have prepared for us. The WriterMetadata property
// (in place of the C API's 'GetWriterMetadata' function) collects
// metadata from each writer behind a list interface.
IList<IVssExamineWriterMetadata> writer_mds = _backup.WriterMetadata;
// If you receive a "bad state" error when enumerating, you might
// have a registry inconsistency from a program that improperly
// uninstalled itself. If your event log is showing an error like,
// "ContentIndexingService called routine RegQueryValueExW which
// failed," you'll want to read Microsoft's KB article #907574.
foreach (IVssExamineWriterMetadata metadata in writer_mds)
{
// We can see the name of the writer, if we like.
Trace.WriteLine("Examining metadata for " + metadata.WriterName);
// The important bit of the writers' metadata is the list of
// components each writer is broken into. These components are
// responsible for some number of files, so going through this
// data allows us to construct an initial list of files for our
// shadow copies.
foreach (IVssWMComponent cmp in metadata.Components)
{
// Print out some info for each component.
Trace.WriteLine(" Component: " + cmp.ComponentName);
Trace.WriteLine(" Component info: " + cmp.Caption);
// If a component is available for backup, it's then up to us to
// decide whether it is relevant to the current backup. To do
// this, we may examine the files each component manages.
foreach (VssWMFileDescription file in cmp.Files)
{
// The idea here is to find out whether these files are
// relevant to whatever purpose your application holds. If
// they are, you should a) add this component to your backup
// set so VSS involves it in the shadow copy operation, and
// b) record the files' volume names so you know later which
// volumes need to be shadow copied.
// I'm not worried about that stuff for this example, though,
// so instead I'm printing out the stuff you might need to
// examine if you have requirements of that sort.
Trace.WriteLine(" Path: " + file.Path);
Trace.WriteLine(" Spec: " + file.FileSpecification);
// Here we might insert some logic to:
//
// 1. Check whether the AlternateLocation property is valid.
// 2. Expand environment vairables in either Path.or
// AlternateLocation, as appropriate.
// 3. Considering the FileSpecification and the IsRecursive
// properties, decide whether this component manages
// the file(s) you wish to backup (in this case, the
// fullPath argument).
//
// If this component is relevant, add it with AddComponent().
// (The FileToPathSpecification method below might help with
// some of these steps.)
}
}
}
}
/// <summary>
/// This phase of the backup is focused around creating the shadow copy.
/// We will notify writers of the impending snapshot, after which they
/// have a short period of time to get their on-disk data in order and
/// then quiesce writing.
/// </summary>
void PreBackup()
{
Debug.Assert(_snap != null);
// This next bit is a way to tell writers just what sort of backup
// they should be preparing for. The important parts for us now
// are the first and third arguments: we want to do a full,
// backup and, depending on whether we are in component mode, either
// a full-volume backup or a backup that only requires specific
// components.
_backup.SetBackupState(ComponentMode,
true, VssBackupType.Full, false);
// From here we just need to send messages to each writer that our
// snapshot is imminent,
using (IVssAsync async = _backup.PrepareForBackup())
{
// As before, the 'using' statement automatically disposes of
// our comm link. Also as before, we simply block while the
// writers to complete their background preparations.
async.Wait();
}
// It's now time to create the snapshot. Each writer will have to
// freeze its I/O to the selected volumes for up to 10 seconds
// while this process takes place.
_snap.Copy();
}
/// <summary>
/// This simple method uses a bit of string manipulation to turn a
/// full, local path into its corresponding snapshot path. This
/// method may help users perform full file copies from the snapsnot.
/// </summary>
/// <remarks>
/// Note that the System.IO methods are not able to access files on
/// the snapshot. Instead, you will need to use the AlphaFS library
/// as shown in the example.
/// </remarks>
/// <example>
/// This code creates a shadow copy and copies a single file from
/// the new snapshot to a location on the D drive. Here we're
/// using the AlphaFS library to make a full-file copy of the file.
/// <code>
/// string source_file = #"C:\Windows\system32\config\sam";
/// string backup_root = #"D:\Backups";
/// string backup_path = Path.Combine(backup_root,
/// Path.GetFilename(source_file));
///
/// // Initialize the shadow copy subsystem.
/// using (VssBackup vss = new VssBackup())
/// {
/// vss.Setup(Path.GetPathRoot(source_file));
/// string snap_path = vss.GetSnapshotPath(source_file);
///
/// // Here we use the AlphaFS library to make the copy.
/// Alphaleonis.Win32.Filesystem.File.Copy(snap_path, backup_path);
/// }
/// </code>
/// </example>
/// <seealso cref="GetStream"/>
/// <param name="localPath">The full path of the original file.</param>
/// <returns>A full path to the same file on the snapshot.</returns>
public string GetSnapshotPath(string localPath)
{
Trace.WriteLine("New volume: " + _snap.Root);
// This bit replaces the file's normal root information with root
// info from our new shadow copy.
if (Path.IsPathRooted(localPath))
{
string root = Path.GetPathRoot(localPath);
localPath = localPath.Replace(root, String.Empty);
}
string slash = Path.DirectorySeparatorChar.ToString();
if (!_snap.Root.EndsWith(slash) && !localPath.StartsWith(slash))
localPath = localPath.Insert(0, slash);
localPath = localPath.Insert(0, _snap.Root);
Trace.WriteLine("Converted path: " + localPath);
return localPath;
}
/// <summary>
/// This method opens a stream over the shadow copy of the specified
/// file.
/// </summary>
/// <example>
/// This code creates a shadow copy and opens a stream over a file
/// on the new snapshot volume.
/// <code>
/// string source_file = #"C:\Windows\system32\config\sam";
///
/// // Initialize the shadow copy subsystem.
/// using (VssBackup vss = new VssBackup())
/// {
/// vss.Setup(Path.GetPathRoot(filename));
///
/// // We can now access the shadow copy by either retrieving a stream:
/// using (Stream s = vss.GetStream(filename))
/// {
/// Debug.Assert(s.CanRead == true);
/// Debug.Assert(s.CanWrite == false);
/// }
/// }
/// </code>
/// </example>
public System.IO.Stream GetStream(string localPath)
{
// GetSnapshotPath() returns a very funky-looking path. The
// System.IO methods can't handle these sorts of paths, so instead
// we're using AlphaFS, another excellent library by Alpha Leonis.
// Note that we have no 'using System.IO' at the top of the file.
// (The Stream it returns, however, is just a System.IO stream.)
return File.OpenRead(GetSnapshotPath(localPath));
}
/// <summary>
/// The final phase of the backup involves some cleanup steps.
/// If we're in component mode, we're supposed to notify each of the
/// writers of the outcome of the backup. Once that's done, or if
/// we're not in component mode, we send the BackupComplete event to
/// all of the writers.
/// </summary>
/// <param name="succeeded">Success value for all of the writers.</param>
void Complete(bool succeeded)
{
if (ComponentMode)
{
// As before, we iterate through all of the writers on the system.
// A more efficient method might only iterate through those writers
// that were actually involved in this backup.
IList<IVssExamineWriterMetadata> writers = _backup.WriterMetadata;
foreach (IVssExamineWriterMetadata metadata in writers)
{
foreach (IVssWMComponent component in metadata.Components)
{
// The BackupSucceeded call should mirror the AddComponent
// call that was called during the discovery phase.
_backup.SetBackupSucceeded(
metadata.InstanceId, metadata.WriterId,
component.Type, component.LogicalPath,
component.ComponentName, succeeded);
}
}
// Finally, we can dispose of the writer metadata.
_backup.FreeWriterMetadata();
}
try
{
// The BackupComplete event must be sent to all of the writers.
using (IVssAsync async = _backup.BackupComplete())
async.Wait();
}
// Not sure why, but this throws a VSS_BAD_STATE on XP and W2K3.
// Per some forum posts about this, I'm just ignoring it.
catch (VssBadStateException) { }
}
/// <summary>
/// This method takes the information in a file description and
/// converts it to a full path specification - with wildcards.
/// </summary>
/// <remarks>
/// Using the wildcard-to-regex library found at
/// http://www.codeproject.com/KB/string/wildcmp.aspx on the
/// output of this method might be very helpful.
/// </remarks>
/// <param name="file">Object describing a component's file.</param>
/// <returns>
/// Returns a full path, potentially including DOS wildcards. Eg.
/// 'c:\windows\config\*'.
/// </returns>
string FileToPathSpecification(VssWMFileDescription file)
{
// Environment variables (eg. "%windir%") are common.
string path = Environment.ExpandEnvironmentVariables(file.Path);
// Use the alternate location if it's present.
if (!String.IsNullOrEmpty(file.AlternateLocation))
path = Environment.ExpandEnvironmentVariables(
file.AlternateLocation);
// Normalize wildcard usage.
string spec = file.FileSpecification.Replace("*.*", "*");
// Combine the file specification and the directory name.
return Path.Combine(path, file.FileSpecification);
}
}
}
I ran into the same issues when attempting to use that sample code. You should note that in addition to linking, and adding references to the references you need for AlphaVss, that this code also uses AlphaFS. In particular, you should link and reference AlphaFS.dll from that package.
The Snapshot class could not be found...you should bring in the Snapshot.cs file from the sample to your project.
But wait...there's more...
This was a bit frustrating til I found a few clever notes in the change log from version 1.1.
"* BREAKING CHANGE: The class VssWMFileDescription has been renamed to VssWMFileDescriptor
BREAKING CHANGE: The IVssAsync interface has been removed. Any methods previously returning
IVssAsync are now synchronous and returns void. Asynchronous versions of these
methods have been added with the standard APM naming scheme of BeginXXX, EndXXX
where the Begin method returns an IVssAsyncResult instance which implements
the standard IAsyncResult interface.
"
Replacing "VssWMFileDescription" with "VssWMFileDescriptor" will get you half the way there.
To get this code to compile and function, change the messages in the following pattern of:
using (IVssAsync async = _backup.GatherWriterMetadata())
{
// Because allowing writers to prepare their metadata can take
// a while, we are given a VssAsync object that gives us some
// status on the background operation. In this case, we just
// wait for it to finish.
async.Wait();
}
to
_backup.GatherWriterMetadata();
In short, the methods are now synchronous, so calling them differently will do the trick.
I hope this helps. I have my VssSample code working with these changes.
You've added references to all the AlphaVSS files? AlphaVSS.Common loads the correct assembly for the OS via IVssImplementation vss = VssUtils.LoadImplementation();.
The list for AlphaVSS 1.1 (add references to all of them):
AlphaVSS.Common
AlphaVSS.51.x86
AlphaVSS.52.x64
AlphaVSS.52.x86
AlphaVSS.60.x64
AlphaVSS.60.x86
I know the .NET library offers a way of storing a string in a protected/secure manner = SecureString.
My question is, if I would like to store a byte array, what would be the best, most secure container to hold this?
It is important to understand the vulnerability of the System.String type. It is impossible to make it completely secure, SecureString exists to minimize the risk of exposure. System.String is risky because:
Their content is visible elsewhere, without having to use a debugger. An attacker can look in the paging file (c:\pagefile.sys), it preserves the content of RAM pages that were swapped out to disk to make room for other programs that need RAM
System.String is immutable, you cannot scrub the content of a string after you used it
The garbage collected heap compacts the heap but does not reset the content of the memory that was freed-up. Which can leave a copy of the string data in memory, entirely out of reach from your program.
The clear risk here is that the string content can be visible long after the string was used, thus greatly increasing the odds that an attacker can see it. SecureString provides a workaround by storing the string in unmanaged memory, where it is not subject to the garbage collector leaving stray copies of the string content.
It should be clear now how you can create your own version of secure array with the same kind of guarantees that SecureString provides. You do not have the immutability problem, scrubbing the array after you use it is not a problem. Which in itself is almost always good enough, implicit in reducing the likelihood of exposure is that you don't keep a reference to the array for very long either. So the odds of the non-scrubbed copy of the array data surviving after a garbage collection should already be low. You can reduce that risk as well, present only for arrays less than 85,000 bytes. Either by doing it the way SecureString does it and using Marshal.AllocHGlobal(). Or much easier by pinning the array, GCHandle.Alloc().
as of .Net 2.0 use the ProtectedData.Protect Method, looks like setting the scope to DataProtectionScope.CurrentUser should give the same desired effect as secure string
example usage taken from here
http://msdn.microsoft.com/en-us/library/system.security.cryptography.protecteddata.protect.aspx
using System;
using System.Security.Cryptography;
public class DataProtectionSample
{
// Create byte array for additional entropy when using Protect method.
static byte [] s_aditionalEntropy = { 9, 8, 7, 6, 5 };
public static void Main()
{
// Create a simple byte array containing data to be encrypted.
byte [] secret = { 0, 1, 2, 3, 4, 1, 2, 3, 4 };
//Encrypt the data.
byte [] encryptedSecret = Protect( secret );
Console.WriteLine("The encrypted byte array is:");
PrintValues(encryptedSecret);
// Decrypt the data and store in a byte array.
byte [] originalData = Unprotect( encryptedSecret );
Console.WriteLine("{0}The original data is:", Environment.NewLine);
PrintValues(originalData);
}
public static byte [] Protect( byte [] data )
{
try
{
// Encrypt the data using DataProtectionScope.CurrentUser. The result can be decrypted
// only by the same current user.
return ProtectedData.Protect( data, s_aditionalEntropy, DataProtectionScope.CurrentUser );
}
catch (CryptographicException e)
{
Console.WriteLine("Data was not encrypted. An error occurred.");
Console.WriteLine(e.ToString());
return null;
}
}
public static byte [] Unprotect( byte [] data )
{
try
{
//Decrypt the data using DataProtectionScope.CurrentUser.
return ProtectedData.Unprotect( data, s_aditionalEntropy, DataProtectionScope.CurrentUser );
}
catch (CryptographicException e)
{
Console.WriteLine("Data was not decrypted. An error occurred.");
Console.WriteLine(e.ToString());
return null;
}
}
public static void PrintValues( Byte[] myArr )
{
foreach ( Byte i in myArr )
{
Console.Write( "\t{0}", i );
}
Console.WriteLine();
}
}
A combination of RtlZeroMemory and VirtualLock can do what you want. VirtualLock if you want to keep the data from swapping to disk and RtlZeroMemory to ensure the memory gets zeroed (I tried to use RtlSecureZeroMemory but that doesn't seem to exist in kernel.dll) The class below will store a array of any of the built in types securely. I broke the solution up into two classes to separate out the type-agnostic code.
The first class just allocates and holds an array. It does a runtime check that the template type is a built in type. Unfortunately, I couldn't figure a way to do that at compile time.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
/// <summary>
/// Manage an array that holds sensitive information.
/// </summary>
/// <typeparam name="T">
/// The type of the array. Limited to built in types.
/// </typeparam>
public sealed class SecureArray<T> : SecureArray
{
private readonly T[] buf;
/// <summary>
/// Initialize a new instance of the <see cref="SecureArray{T}"/> class.
/// </summary>
/// <param name="size">
/// The number of elements in the secure array.
/// </param>
/// <param name="noswap">
/// Set to true to do a Win32 VirtualLock on the allocated buffer to
/// keep it from swapping to disk.
/// </param>
public SecureArray(int size, bool noswap = true)
{
this.buf = new T[size];
this.Init(this.buf, ElementSize(this.buf) * size, noswap);
}
/// <summary>
/// Gets the secure array.
/// </summary>
public T[] Buffer => this.buf;
/// <summary>
/// Gets or sets elements in the secure array.
/// </summary>
/// <param name="i">
/// The index of the element.
/// </param>
/// <returns>
/// The element.
/// </returns>
public T this[int i]
{
get
{
return this.buf[i];
}
set
{
this.buf[i] = value;
}
}
}
The next class does the real work. It tells the garbage collector to pin the array in memory. It then locks it so it doesn't swap. Upon disposal, it zeros the array and unlocks it and then tells the garbage collector to unpin it.
/// <summary>
/// Base class of all <see cref="SecureArray{T}"/> classes.
/// </summary>
public class SecureArray : IDisposable
{
/// <summary>
/// Cannot find a way to do a compile-time verification that the
/// array element type is one of these so this dictionary gets
/// used to do it at runtime.
/// </summary>
private static readonly Dictionary<Type, int> TypeSizes =
new Dictionary<Type, int>
{
{ typeof(sbyte), sizeof(sbyte) },
{ typeof(byte), sizeof(byte) },
{ typeof(short), sizeof(short) },
{ typeof(ushort), sizeof(ushort) },
{ typeof(int), sizeof(int) },
{ typeof(uint), sizeof(uint) },
{ typeof(long), sizeof(long) },
{ typeof(ulong), sizeof(ulong) },
{ typeof(char), sizeof(char) },
{ typeof(float), sizeof(float) },
{ typeof(double), sizeof(double) },
{ typeof(decimal), sizeof(decimal) },
{ typeof(bool), sizeof(bool) }
};
private GCHandle handle;
private uint byteCount;
private bool virtualLocked;
/// <summary>
/// Initialize a new instance of the <see cref="SecureArray"/> class.
/// </summary>
/// <remarks>
/// You cannot create a <see cref="SecureArray"/> directly, you must
/// derive from this class like <see cref="SecureArray{T}"/> does.
/// </remarks>
protected SecureArray()
{
}
/// <summary>
/// Gets the size of the buffer element. Will throw a
/// <see cref="NotSupportedException"/> if the element type is not
/// a built in type.
/// </summary>
/// <typeparam name="T">
/// The array element type to return the size of.
/// </typeparam>
/// <param name="buffer">
/// The array.
/// </param>
/// <returns></returns>
public static int BuiltInTypeElementSize<T>(T[] buffer)
{
int elementSize;
if (!TypeSizes.TryGetValue(typeof(T), out elementSize))
{
throw new NotSupportedException(
$"Type {typeof(T).Name} not a built in type. "
+ $"Valid types: {string.Join(", ", TypeSizes.Keys.Select(t => t.Name))}");
}
return elementSize;
}
/// <summary>
/// Zero the given buffer in a way that will not be optimized away.
/// </summary>
/// <typeparam name="T">
/// The type of the elements in the buffer.
/// </typeparam>
/// <param name="buffer">
/// The buffer to zero.
/// </param>
public static void Zero<T>(T[] buffer)
where T : struct
{
var bufHandle = GCHandle.Alloc(buffer, GCHandleType.Pinned);
try
{
IntPtr bufPtr = bufHandle.AddrOfPinnedObject();
UIntPtr cnt = new UIntPtr(
(uint)buffer.Length * (uint)BuiltInTypeElementSize(buffer));
RtlZeroMemory(bufPtr, cnt);
}
finally
{
bufHandle.Free();
}
}
/// <inheritdoc/>
public void Dispose()
{
IntPtr bufPtr = this.handle.AddrOfPinnedObject();
UIntPtr cnt = new UIntPtr(this.byteCount);
RtlZeroMemory(bufPtr, cnt);
if (this.virtualLocked)
{
VirtualUnlock(bufPtr, cnt);
}
this.handle.Free();
}
/// <summary>
/// Call this with the array to secure and the number of bytes in that
/// array. The buffer will be zeroed and the handle freed when the
/// instance is disposed.
/// </summary>
/// <param name="buf">
/// The array to secure.
/// </param>
/// <param name="sizeInBytes">
/// The number of bytes in the buffer in the pinned object.
/// </param>
/// <param name="noswap">
/// True to lock the memory so it doesn't swap.
/// </param>
protected void Init<T>(T[] buf, int sizeInBytes, bool noswap)
{
this.handle = GCHandle.Alloc(buf, GCHandleType.Pinned);
this.byteCount = (uint)sizeInBytes;
IntPtr bufPtr = this.handle.AddrOfPinnedObject();
UIntPtr cnt = new UIntPtr(this.byteCount);
if (noswap)
{
VirtualLock(bufPtr, cnt);
this.virtualLocked = true;
}
}
[DllImport("kernel32.dll")]
private static extern void RtlZeroMemory(IntPtr ptr, UIntPtr cnt);
[DllImport("kernel32.dll")]
static extern bool VirtualLock(IntPtr lpAddress, UIntPtr dwSize);
[DllImport("kernel32.dll")]
static extern bool VirtualUnlock(IntPtr lpAddress, UIntPtr dwSize);
}
To use the class, simply do something like this:
using (var secret = new SecureArray<byte>(secretLength))
{
DoSomethingSecret(secret.Buffer);
}
Now, this class does two things you shouldn't do lightly, first of all, it pins the memory. This can reduce performance because the garbage collector now must work around that memory it cannot move. Second, it can lock pages in memory that the operating system may wish to swap out. This short-changes other processes on your system because now they cannot get access to that RAM.
To minimize the detrimental effects of SecureArray<T>, don't use it a lot and use it only for short amounts of time. If you want to keep the data around for longer, then you need to encrypt it. For that, your best bet is the ProtectedData class. Unfortunately, that puts your sensitive data into a non-secure byte array. The best you can do from there is do a quick copy into a SecureArray<byte>.Buffer and then a SecureArray.Zero on the sensitive byte array.
There is no "best" way to do this - you need to identify the threat you are trying to protect against in order to decide what to do or indeed if anything needs to be done.
One point to note is that, unlike a string which is immutable, you can zero out the bytes in a byte array after you've finished with them, so you won't have the same set of problems that SecureString is designed to solve.
Encrypting data could be appropriate for some set of problems, but then you will need to identify how to protect the key from unauthorized access.
I find it difficult to imagine a situation where encrypting a byte array in this way would be useful. More details of exactly what you're trying to do would help.
You could use SecureString to store the byte array.
SecureString testString = new SecureString();
// Assign the character array to the secure string.
foreach (byte b in bytes)
testString.AppendChar((char)b);
then you just reverse the process to get the bytes back out.
This isn't the only way, you can always use a MemoryBuffer and and something out of System.Security.Cryptography. But this is the only thing specifically designed to be secure in this way. All others you would have to create with the System.Security.Cryptography, which is probably the best way for you to go.
One option:
You could store the bytes in a memory stream, encrypted using any of the providers in the System.Security.Cryptography namespace.
I'm looking at taking a set of objects, let's say there's 3 objects alive at the moment, which all implement a common interface, and then wrap those objects inside a fourth object, also implementing the same interface.
The fourth object's implementations of methods and properties would simply call the relevant bits on those 3 underlying objects. I know that there will be cases here where it won't make sense to do that, but this is for a service multicast architecture so there's already a good set of limitations in place.
My question is where to start. The generation of that fourth object should be done in memory, at runtime, so I'm thinking Reflection.Emit, unfortunately I don't have enough experience with that to even know where to begin.
Do I have to construct an in-memory assembly? It sure looks that way, but I'd just like a quick pointer to where I should start.
Basically I'm looking at taking an interface, and a list of object instances all implementing that interface, and constructing a new object, also implementing that interface, which should "multicast" all method calls and property access to all the underlying objects, at least as much as possible. There will be heaps of problems with exceptions and such but I'll tackle those bits when I get to them.
This is for a service-oriented architecture, where I would like to have existing code that takes, as an example, a logger-service, to now access multiple logger services, without having to change the code that uses the services. Instead, I'd like to runtime-generate a logger-service-wrapper that internally simply calls the relevant methods on multiple underlying objects.
This is for .NET 3.5 and C#.
I'll post my own implementation here, if anyone's interested.
This is heavily influenced and copied from Marc's answer, which I accepted.
The code can be used to wrap a set of objects, all implementing a common interface, inside a new object, also implementing said interface. When methods and properties on the returned object is accessed, the corresponding methods and properties on the underlying objects are accessed in the same way.
Here there be dragons: This is for a specific usage. There's potential for odd problems with this, in particular since the code does not ensure that all underlying objects are given the exact same objects as the callee is passing (or rather, it does not prohibit one of the underlying objects from messing with the arguments), and for methods that returns a value, only the last return value will be returned. As for out/ref arguments, I haven't even tested how that works, but it probably doesn't. You have been warned.
#region Using
using System;
using System.Linq;
using System.Diagnostics;
using System.Reflection;
using System.Reflection.Emit;
using LVK.Collections;
#endregion
namespace LVK.IoC
{
/// <summary>
/// This class implements a service wrapper that can wrap multiple services into a single multicast
/// service, that will in turn dispatch all method calls down into all the underlying services.
/// </summary>
/// <remarks>
/// This code is heavily influenced and copied from Marc Gravell's implementation which he
/// posted on Stack Overflow here: http://stackoverflow.com/questions/847809
/// </remarks>
public static class MulticastService
{
/// <summary>
/// Wrap the specified services in a single multicast service object.
/// </summary>
/// <typeparam name="TService">
/// The type of service to implement a multicast service for.
/// </typeparam>
/// <param name="services">
/// The underlying service objects to multicast all method calls to.
/// </param>
/// <returns>
/// The multicast service instance.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <para><paramref name="services"/> is <c>null</c>.</para>
/// <para>- or -</para>
/// <para><paramref name="services"/> contains a <c>null</c> reference.</para>
/// </exception>
/// <exception cref="ArgumentException">
/// <para><typeparamref name="TService"/> is not an interface type.</para>
/// </exception>
public static TService Wrap<TService>(params TService[] services)
where TService: class
{
return (TService)Wrap(typeof(TService), (Object[])services);
}
/// <summary>
/// Wrap the specified services in a single multicast service object.
/// </summary>
/// <param name="serviceInterfaceType">
/// The <see cref="Type"/> object for the service interface to implement a multicast service for.
/// </param>
/// <param name="services">
/// The underlying service objects to multicast all method calls to.
/// </param>
/// <returns>
/// The multicast service instance.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <para><paramref name="serviceInterfaceType"/> is <c>null</c>.</para>
/// <para>- or -</para>
/// <para><paramref name="services"/> is <c>null</c>.</para>
/// <para>- or -</para>
/// <para><paramref name="services"/> contains a <c>null</c> reference.</para>
/// </exception>
/// <exception cref="ArgumentException">
/// <para><typeparamref name="TService"/> is not an interface type.</para>
/// </exception>
/// <exception cref="InvalidOperationException">
/// <para>One or more of the service objects in <paramref name="services"/> does not implement
/// the <paramref name="serviceInterfaceType"/> interface.</para>
/// </exception>
public static Object Wrap(Type serviceInterfaceType, params Object[] services)
{
#region Parameter Validation
if (Object.ReferenceEquals(null, serviceInterfaceType))
throw new ArgumentNullException("serviceInterfaceType");
if (!serviceInterfaceType.IsInterface)
throw new ArgumentException("serviceInterfaceType");
if (Object.ReferenceEquals(null, services) || services.Length == 0)
throw new ArgumentNullException("services");
foreach (var service in services)
{
if (Object.ReferenceEquals(null, service))
throw new ArgumentNullException("services");
if (!serviceInterfaceType.IsAssignableFrom(service.GetType()))
throw new InvalidOperationException("One of the specified services does not implement the specified service interface");
}
#endregion
if (services.Length == 1)
return services[0];
AssemblyName assemblyName = new AssemblyName(String.Format("tmp_{0}", serviceInterfaceType.FullName));
String moduleName = String.Format("{0}.dll", assemblyName.Name);
String ns = serviceInterfaceType.Namespace;
if (!String.IsNullOrEmpty(ns))
ns += ".";
var assembly = AppDomain.CurrentDomain.DefineDynamicAssembly(assemblyName,
AssemblyBuilderAccess.RunAndSave);
var module = assembly.DefineDynamicModule(moduleName, false);
var type = module.DefineType(String.Format("{0}Multicast_{1}", ns, serviceInterfaceType.Name),
TypeAttributes.Class |
TypeAttributes.AnsiClass |
TypeAttributes.Sealed |
TypeAttributes.NotPublic);
type.AddInterfaceImplementation(serviceInterfaceType);
var ar = Array.CreateInstance(serviceInterfaceType, services.Length);
for (Int32 index = 0; index < services.Length; index++)
ar.SetValue(services[index], index);
// Define _Service0..N-1 private service fields
FieldBuilder[] fields = new FieldBuilder[services.Length];
var cab = new CustomAttributeBuilder(
typeof(DebuggerBrowsableAttribute).GetConstructor(new Type[] { typeof(DebuggerBrowsableState) }),
new Object[] { DebuggerBrowsableState.Never });
for (Int32 index = 0; index < services.Length; index++)
{
fields[index] = type.DefineField(String.Format("_Service{0}", index),
serviceInterfaceType, FieldAttributes.Private);
// Ensure the field don't show up in the debugger tooltips
fields[index].SetCustomAttribute(cab);
}
// Define a simple constructor that takes all our services as arguments
var ctor = type.DefineConstructor(MethodAttributes.Public,
CallingConventions.HasThis,
Sequences.Repeat(serviceInterfaceType, services.Length).ToArray());
var generator = ctor.GetILGenerator();
// Store each service into its own fields
for (Int32 index = 0; index < services.Length; index++)
{
generator.Emit(OpCodes.Ldarg_0);
switch (index)
{
case 0:
generator.Emit(OpCodes.Ldarg_1);
break;
case 1:
generator.Emit(OpCodes.Ldarg_2);
break;
case 2:
generator.Emit(OpCodes.Ldarg_3);
break;
default:
generator.Emit(OpCodes.Ldarg, index + 1);
break;
}
generator.Emit(OpCodes.Stfld, fields[index]);
}
generator.Emit(OpCodes.Ret);
// Implement all the methods of the interface
foreach (var method in serviceInterfaceType.GetMethods())
{
var args = method.GetParameters();
var methodImpl = type.DefineMethod(method.Name,
MethodAttributes.Private | MethodAttributes.Virtual,
method.ReturnType, (from arg in args select arg.ParameterType).ToArray());
type.DefineMethodOverride(methodImpl, method);
// Generate code to simply call down into each service object
// Any return values are discarded, except the last one, which is returned
generator = methodImpl.GetILGenerator();
for (Int32 index = 0; index < services.Length; index++)
{
generator.Emit(OpCodes.Ldarg_0);
generator.Emit(OpCodes.Ldfld, fields[index]);
for (Int32 paramIndex = 0; paramIndex < args.Length; paramIndex++)
{
switch (paramIndex)
{
case 0:
generator.Emit(OpCodes.Ldarg_1);
break;
case 1:
generator.Emit(OpCodes.Ldarg_2);
break;
case 2:
generator.Emit(OpCodes.Ldarg_3);
break;
default:
generator.Emit((paramIndex < 255)
? OpCodes.Ldarg_S
: OpCodes.Ldarg,
paramIndex + 1);
break;
}
}
generator.Emit(OpCodes.Callvirt, method);
if (method.ReturnType != typeof(void) && index < services.Length - 1)
generator.Emit(OpCodes.Pop); // discard N-1 return values
}
generator.Emit(OpCodes.Ret);
}
return Activator.CreateInstance(type.CreateType(), services);
}
}
}
(I'm justifying an answer here by adding extra context/info)
Yes, at the moment Reflection.Emit is the only way to solve this.
In .NET 4.0, the Expression class has been extended to support both loops and statement blocks, so for single method usage, a compiled Expression would be a good idea. But even this won't support multi-method interfaces (just single-method delegates).
Fortunately, I've done this previously; see How can I write a generic container class that implements a given interface in C#?
Did you really need to create the assembly at runtime?
Probably you don't need it.
c# give you Action<T>, the is operator and lambda/delegates...