enh(Net): clear out stored credentials

Net/include/Poco/Net/NameValueCollection.h

@@ -109,9 +109,18 @@ public:
 	void erase(const std::string& name);
 		/// Removes all name-value pairs with the given name.
 
+	void secureErase(const std::string& name);
+		/// Securely erases all name-value pairs with the given name
+		/// by first overwriting the value with zeroes before
+		/// removing it.
+
 	void clear();
 		/// Removes all name-value pairs and their values.
 
+	void secureClear();
+		/// Removes all name-value pairs and their values. 
+		/// Additionally, all values are also overwritten with zeroes.
+
 private:
 	HeaderMap _map;
 };

Net/src/HTTPBasicCredentials.cpp

@@ -66,13 +66,14 @@ HTTPBasicCredentials::HTTPBasicCredentials(const std::string& authInfo)
 
 HTTPBasicCredentials::~HTTPBasicCredentials()
 {
+	clear();
 }
 
 
 void HTTPBasicCredentials::clear()
 {
-	_username.clear();
+	Poco::secureClear(_username);
-	_password.clear();
+	Poco::secureClear(_password);
 }
 
 

Net/src/HTTPDigestCredentials.cpp

@@ -25,8 +25,8 @@
 #include "Poco/Net/HTTPResponse.h"
 #include "Poco/NumberFormatter.h"
 #include "Poco/StringTokenizer.h"
+#include "Poco/String.h"
 
-#include <iostream>
 
 namespace
 {
@@ -108,13 +108,17 @@ const std::string HTTPDigestCredentials::NC_PARAM("nc");
 int HTTPDigestCredentials::_nonceCounter(0);
 Poco::FastMutex HTTPDigestCredentials::_nonceMutex;
 
-class HTTPDigestCredentials::DigestEngineProvider {
+
+class HTTPDigestCredentials::DigestEngineProvider 
+{
 public:
-	DigestEngineProvider(std::string algorithm): _algorithm(algorithm) {
+	DigestEngineProvider(std::string algorithm): _algorithm(algorithm) 
+	{
 		_isSessionAlgorithm = _algorithm.find("sess") != std::string::npos;
 	}
 
-	DigestEngine& engine() {
+	DigestEngine& engine() 
+	{
 		if (icompare(_algorithm, SHA_ALGORITHM) == 0 || icompare(_algorithm, SHA_SESS_ALGORITHM) == 0)
 		{
 			return _sha1Engine;
@@ -122,21 +126,26 @@ public:
 		if (icompare(_algorithm, SHA_256_ALGORITHM) == 0 || icompare(_algorithm, SHA_256_SESS_ALGORITHM) == 0)
 		{
 			return _sha256Engine;
-		} else if (icompare(_algorithm, SHA_512_256_ALGORITHM) == 0 || icompare(_algorithm, SHA_512_256_SESS_ALGORITHM) == 0)
+		} 
+		else if (icompare(_algorithm, SHA_512_256_ALGORITHM) == 0 || icompare(_algorithm, SHA_512_256_SESS_ALGORITHM) == 0)
 		{
 			return _sha512_256Engine;
-		} else if (icompare(_algorithm, SHA_512_ALGORITHM) == 0 || icompare(_algorithm, SHA_512_SESS_ALGORITHM) == 0)
+		} 
+		else if (icompare(_algorithm, SHA_512_ALGORITHM) == 0 || icompare(_algorithm, SHA_512_SESS_ALGORITHM) == 0)
 		{
 			return _sha512;
 		}
-		else {
+		else 
+		{
 			return _md5Engine;
 		}
 	}
 
-	bool isSessionAlgorithm() {
+	bool isSessionAlgorithm() 
+	{
 		return _isSessionAlgorithm;
 	}
+
 private:
 	std::string _algorithm;
 	SHA1Engine _sha1Engine;
@@ -147,6 +156,7 @@ private:
 	bool _isSessionAlgorithm;
 };
 
+
 HTTPDigestCredentials::HTTPDigestCredentials()
 {
 }
@@ -161,6 +171,7 @@ HTTPDigestCredentials::HTTPDigestCredentials(const std::string& username, const
 
 HTTPDigestCredentials::~HTTPDigestCredentials()
 {
+	clear();
 }
 
 
@@ -185,8 +196,8 @@ void HTTPDigestCredentials::setPassword(const std::string& password)
 
 void HTTPDigestCredentials::clear()
 {
-	_username.clear();
+	Poco::secureClear(_username);
-	_password.clear();
+	Poco::secureClear(_password);
 }
 
 
@@ -404,6 +415,7 @@ int HTTPDigestCredentials::updateNonceCounter(const std::string& nonce)
 	return iter->second;
 }
 
+
 bool HTTPDigestCredentials::isAlgorithmSupported(const std::string& algorithm) const
 {
 	bool isAlgorithmSupported = std::find_if(std::begin(SUPPORTED_ALGORITHMS),
@@ -416,4 +428,5 @@ bool HTTPDigestCredentials::isAlgorithmSupported(const std::string& algorithm) c
 	return isAlgorithmSupported;
 }
 
+
 } } // namespace Poco::Net

Net/src/HTTPNTLMCredentials.cpp

@@ -21,6 +21,7 @@
 #include "Poco/DateTime.h"
 #include "Poco/NumberFormatter.h"
 #include "Poco/Exception.h"
+#include "Poco/String.h"
 
 
 namespace Poco {
@@ -44,6 +45,7 @@ HTTPNTLMCredentials::HTTPNTLMCredentials(const std::string& username, const std:
 
 HTTPNTLMCredentials::~HTTPNTLMCredentials()
 {
+	clear();
 }
 
 
@@ -54,8 +56,8 @@ void HTTPNTLMCredentials::reset()
 
 void HTTPNTLMCredentials::clear()
 {
-	_username.clear();
+	Poco::secureClear(_username);
-	_password.clear();
+	Poco::secureClear(_password);
 	_host.clear();
 }
 

Net/src/HTTPRequest.cpp

@@ -84,6 +84,8 @@ HTTPRequest::HTTPRequest(const HTTPRequest& other):
 
 HTTPRequest::~HTTPRequest()
 {
+	secureErase(AUTHORIZATION);
+	secureErase(PROXY_AUTHORIZATION);
 }
 
 
@@ -194,7 +196,7 @@ void HTTPRequest::setCredentials(const std::string& scheme, const std::string& a
 
 void HTTPRequest::removeCredentials()
 {
-	erase(AUTHORIZATION);
+	secureErase(AUTHORIZATION);
 }
 
 
@@ -218,7 +220,7 @@ void HTTPRequest::setProxyCredentials(const std::string& scheme, const std::stri
 
 void HTTPRequest::removeProxyCredentials()
 {
-	erase(PROXY_AUTHORIZATION);
+	secureErase(PROXY_AUTHORIZATION);
 }
 
 

Net/src/NameValueCollection.cpp

@@ -157,10 +157,34 @@ void NameValueCollection::erase(const std::string& name)
 }
 
 
+void NameValueCollection::secureErase(const std::string& name)
+{
+	Iterator it = _map.find(name);
+	while (it != _map.end())
+	{
+		Poco::secureClear(it->second);
+		_map.erase(it);
+		it = _map.find(name);
+	}
+}
+
+
 void NameValueCollection::clear()
 {
 	_map.clear();
 }
 
 
+void NameValueCollection::secureClear()
+{
+	Iterator it = _map.begin();
+	while (it != _map.end())
+	{
+		Poco::secureClear(it->second);
+		++it;
+	}
+	_map.clear();
+}
+
+
 } } // namespace Poco::Net