Add storing credentials to connect quickly

Author: jet2jet

Common/SUString.cpp

@@ -88,6 +88,7 @@ static void __stdcall EmptyBufferX(PVOID pBufferX, size_t nSize, BYTE nSeed)
 	n = nSize;
 	while (n--)
 		*(--pbx) = (char) (BYTE)((DWORD) (rand() * n / RAND_MAX) - nSeed + n);
+	SecureZeroMemory(pBufferX, nSize);
 }
 
 _SecureStringW::_SecureStringW(void)

EasySFTP/EasySFTP.rc

@@ -5,19 +5,41 @@
 
 COptionDialog::COptionDialog()
 	: CMyDialog(IDD_OPTION)
+	, m_pRoot(nullptr)
 {
 }
 
+COptionDialog::~COptionDialog()
+{
+	if (m_pRoot)
+		m_pRoot->Release();
+}
+
 LRESULT COptionDialog::WindowProc(UINT message, WPARAM wParam, LPARAM lParam)
 {
 	HANDLE_COMMAND(IDOK, OnOK);
+	HANDLE_COMMAND(IDC_CLEAR_ALL_CREDENTIALS, OnClearAllCredentials);
 	HANDLE_COMMAND(IDC_REGISTER, OnRegister);
 	HANDLE_COMMAND(IDC_REGISTER_SYSTEM, OnRegister);
 	return CMyDialog::WindowProc(message, wParam, lParam);
 }
 
 bool COptionDialog::OnInitDialog(HWND hWndFocus)
 {
+	if (!m_pRoot)
+	{
+		if (FAILED(theApp.m_pEasySFTPRoot->QueryInterface(IID_IEasySFTPRoot2, reinterpret_cast<void**>(&m_pRoot))))
+			m_pRoot = nullptr;
+	}
+	bool bAnyCredentials = false;
+	if (m_pRoot)
+	{
+		VARIANT_BOOL b = VARIANT_FALSE;
+		m_pRoot->HasCredentials(&b);
+		bAnyCredentials = b != VARIANT_FALSE;
+	}
+	EnableDlgItem(m_hWnd, IDC_CLEAR_ALL_CREDENTIALS, bAnyCredentials);
+
 	CMyStringW strRegister;
 	if (!theApp.m_bEmulatingRegistry)
 	{
@@ -31,6 +53,24 @@ bool COptionDialog::OnInitDialog(HWND hWndFocus)
 	return false;
 }
 
+LRESULT COptionDialog::OnClearAllCredentials(WPARAM wParam, LPARAM lParam)
+{
+	if (!m_pRoot)
+		return 0;
+
+	if (::MyMessageBoxW(m_hWnd, MAKEINTRESOURCEW(IDS_CLEAR_CREDENTIALS_CONFIRM), NULL,
+		MB_ICONEXCLAMATION | MB_YESNO) != IDYES)
+		return 0;
+	m_pRoot->ClearAllCredentials();
+	::MyMessageBoxW(m_hWnd, MAKEINTRESOURCEW(IDS_CLEAR_CREDENTIALS_COMPLETE), NULL, MB_ICONINFORMATION);
+
+	VARIANT_BOOL b = VARIANT_FALSE;
+	m_pRoot->HasCredentials(&b);
+	EnableDlgItem(m_hWnd, IDC_CLEAR_ALL_CREDENTIALS, b);
+
+	return 0;
+}
+
 LRESULT COptionDialog::OnRegister(WPARAM wParam, LPARAM lParam)
 {
 	if (::MyMessageBoxW(m_hWnd, MAKEINTRESOURCEW(IDS_RESTART_APP), NULL,

EasySFTP/Option.cpp

@@ -5,10 +5,15 @@ class COptionDialog : public CMyDialog
 {
 public:
 	COptionDialog();
+	virtual ~COptionDialog();
 
 protected:
 	virtual LRESULT WindowProc(UINT message, WPARAM wParam, LPARAM lParam);
 	virtual bool OnInitDialog(HWND hWndFocus);
+	LRESULT OnClearAllCredentials(WPARAM wParam, LPARAM lParam);
 	LRESULT OnRegister(WPARAM wParam, LPARAM lParam);
 	LRESULT OnOK(WPARAM wParam, LPARAM lParam);
+
+private:
+	IEasySFTPRoot2* m_pRoot;
 };

EasySFTP/Option.h

@@ -31,6 +31,8 @@
 #define IDS_LEFT_TO_RIGHT               127
 #define IDR_MAINFRAME                   128
 #define IDS_RIGHT_TO_LEFT               128
+#define IDS_CLEAR_CREDENTIALS_CONFIRM   129
+#define IDS_CLEAR_CREDENTIALS_COMPLETE  130
 #define IDB_TOOLBAR                     134
 #define IDD_OPTION                      134
 #define IDR_POPUP                       135
@@ -78,6 +80,7 @@
 #define IDC_LEFT_PATH                   1060
 #define IDC_RIGHT_PATH                  1061
 #define IDC_DIRECTION_LABEL             1062
+#define IDC_CLEAR_ALL_CREDENTIALS       1063
 #define IDS_UNKNOWN_HOST                10001
 #define IDS_FAILED_TO_CONNECT           10002
 #define IDS_DIRCHANGE_FAILED            11001
@@ -151,7 +154,7 @@
 #define _APS_NO_MFC                     1
 #define _APS_NEXT_RESOURCE_VALUE        147
 #define _APS_NEXT_COMMAND_VALUE         32874
-#define _APS_NEXT_CONTROL_VALUE         1063
+#define _APS_NEXT_CONTROL_VALUE         1064
 #define _APS_NEXT_SYMED_VALUE           117
 #endif
 #endif

EasySFTP/resource.h

@@ -27,14 +27,21 @@ CAuthSession::~CAuthSession()
 }
 
 CAuthentication::CAuthentication()
-	: CDispatchImplT(theApp.GetTypeInfo(IID_IEasySFTPAuthentication))
+	: CDispatchImplT(theApp.GetTypeInfo(IID_IEasySFTPAuthentication2))
 	, m_Mode(EasySFTPAuthenticationMode::None)
-	, m_pSession(NULL)
+	, m_pPrivateKeyData(nullptr)
+	, m_nPrivateKeyData(0)
+	, m_pSession(nullptr)
 {
 }
 
 CAuthentication::~CAuthentication()
 {
+	if (m_pPrivateKeyData != nullptr)
+	{
+		_SecureStringW::SecureEmptyBuffer(m_pPrivateKeyData, m_nPrivateKeyData);
+		free(m_pPrivateKeyData);
+	}
 	if (m_pSession != NULL)
 	{
 		auto* p = static_cast<CAuthSession*>(m_pSession);
@@ -49,11 +56,12 @@ STDMETHODIMP CAuthentication::QueryInterface(REFIID riid, void** ppv)
 		return E_POINTER;
 	*ppv = NULL;
 	if (!IsEqualIID(riid, IID_IUnknown) && !IsEqualIID(riid, IID_IDispatch) &&
-		!IsEqualIID(riid, IID_IEasySFTPAuthentication))
+		!IsEqualIID(riid, IID_IEasySFTPAuthentication) &&
+		!IsEqualIID(riid, IID_IEasySFTPAuthentication2))
 	{
 		return E_NOINTERFACE;
 	}
-	*ppv = static_cast<IEasySFTPAuthentication*>(this);
+	*ppv = static_cast<IEasySFTPAuthentication2*>(this);
 	AddRef();
 	return S_OK;
 }
@@ -92,17 +100,17 @@ STDMETHODIMP CAuthentication::put_Password(BSTR p)
 	return S_OK;
 }
 
-STDMETHODIMP CAuthentication::get_PublicKeyFileName(BSTR* p)
+STDMETHODIMP CAuthentication::get_PrivateKeyFileName(BSTR* p)
 {
 	if (!p)
 		return E_POINTER;
-	*p = MyStringToBSTR(m_strPublicKeyFileName);
+	*p = MyStringToBSTR(m_strPrivateKeyFileName);
 	return *p ? S_OK : E_OUTOFMEMORY;
 }
 
-STDMETHODIMP CAuthentication::put_PublicKeyFileName(BSTR p)
+STDMETHODIMP CAuthentication::put_PrivateKeyFileName(BSTR p)
 {
-	MyBSTRToString(p, m_strPublicKeyFileName);
+	MyBSTRToString(p, m_strPrivateKeyFileName);
 	return S_OK;
 }
 
@@ -136,7 +144,39 @@ STDMETHODIMP CAuthentication::put_AuthSession(LONG_PTR session)
 	return S_OK;
 }
 
-AuthReturnType CAuthentication::SSHAuthenticate(IEasySFTPAuthentication* pAuth, LIBSSH2_SESSION* pSession, LPCSTR lpszService, char** ppAuthList)
+STDMETHODIMP CAuthentication::SetPrivateKeyBinary(const void* buffer, long length)
+{
+	if (length < 0)
+		return E_INVALIDARG;
+	if (length != 0 && !buffer)
+		return E_POINTER;
+	if (m_pPrivateKeyData != nullptr)
+	{
+		_SecureStringW::SecureEmptyBuffer(m_pPrivateKeyData, m_nPrivateKeyData);
+		free(m_pPrivateKeyData);
+		m_pPrivateKeyData = nullptr;
+	}
+	m_nPrivateKeyData = length;
+	if (length > 0)
+	{
+		m_pPrivateKeyData = malloc(static_cast<size_t>(length));
+		if (!m_pPrivateKeyData)
+			return E_OUTOFMEMORY;
+		memcpy(m_pPrivateKeyData, buffer, static_cast<size_t>(length));
+	}
+	return S_OK;
+}
+
+STDMETHODIMP CAuthentication::GetPrivateKeyBinary(const void** buffer, long* pLength)
+{
+	if (!buffer || !pLength)
+		return E_POINTER;
+	*buffer = m_pPrivateKeyData;
+	*pLength = m_nPrivateKeyData;
+	return m_nPrivateKeyData > 0 ? S_OK : S_FALSE;
+}
+
+AuthReturnType CAuthentication::SSHAuthenticate(IEasySFTPAuthentication2* pAuth, LIBSSH2_SESSION* pSession, LPCSTR lpszService, char** ppAuthList)
 {
 	EasySFTPAuthenticationMode mode;
 	if (FAILED(pAuth->get_Type(&mode)))
@@ -213,34 +253,66 @@ AuthReturnType CAuthentication::SSHAuthenticate(IEasySFTPAuthentication* pAuth,
 			return AuthReturnType::Success;
 		}
 		break;
-		case EasySFTPAuthenticationMode::PublicKey:
+		case EasySFTPAuthenticationMode::PrivateKey:
 		{
-			if (FAILED(pAuth->get_PublicKeyFileName(&bstr)))
-				return AuthReturnType::Error;
-			CMyStringW strPublicKeyFileName;
-			MyBSTRToString(bstr, strPublicKeyFileName);
-			::SysFreeString(bstr);
-			auto* lpszPKeyFileName = reinterpret_cast<LPCSTR>(strPublicKeyFileName.AllocUTF8String());
-			if (FAILED(pAuth->get_Password(&bstr)))
-				return AuthReturnType::Error;
-			CMyStringW str;
-			MyBSTRToString(bstr, str);
-			_SecureStringW::SecureEmptyBStr(bstr);
-			::SysFreeString(bstr);
-			size_t nPasswordLen = 0;
-			auto* lpszPassword = reinterpret_cast<LPSTR>(str.AllocUTF8StringC(&nPasswordLen));
-			_SecureStringW::SecureEmptyString(str);
-			if (!lpszPassword)
+			const void* pKeyBuffer = nullptr;
+			long nKeyLength = 0;
+			auto hr = pAuth->GetPrivateKeyBinary(&pKeyBuffer, &nKeyLength);
+			if (FAILED(hr))
 				return AuthReturnType::Error;
+			if (hr == S_OK && nKeyLength > 0 && pKeyBuffer != nullptr)
+			{
+				if (FAILED(pAuth->get_Password(&bstr)))
+					return AuthReturnType::Error;
+				CMyStringW str;
+				MyBSTRToString(bstr, str);
+				_SecureStringW::SecureEmptyBStr(bstr);
+				::SysFreeString(bstr);
+				size_t nPasswordLen = 0;
+				auto* lpszPassword = reinterpret_cast<LPSTR>(str.AllocUTF8StringC(&nPasswordLen));
+				_SecureStringW::SecureEmptyString(str);
+				if (!lpszPassword)
+					return AuthReturnType::Error;
+
+				auto ret = libssh2_userauth_publickey_frommemory(pSession, pUser, static_cast<UINT>(nUserLen), NULL, 0,
+					static_cast<const char*>(pKeyBuffer), static_cast<size_t>(nKeyLength), lpszPassword);
+				_SecureStringW::SecureEmptyBuffer(lpszPassword, sizeof(char) * nPasswordLen);
+				free(lpszPassword);
+				if (ret == LIBSSH2_ERROR_EAGAIN)
+					return AuthReturnType::Again;
 
-			auto ret = libssh2_userauth_publickey_fromfile_ex(pSession, pUser, static_cast<UINT>(nUserLen), NULL, lpszPKeyFileName, lpszPassword);
-			_SecureStringW::SecureEmptyBuffer(lpszPassword, sizeof(char) * nPasswordLen);
-			free(lpszPassword);
-			if (ret == LIBSSH2_ERROR_EAGAIN)
-				return AuthReturnType::Again;
+				if (ret != 0)
+					return AuthReturnType::Error;
+			}
+			else
+			{
+				if (FAILED(pAuth->get_PrivateKeyFileName(&bstr)))
+					return AuthReturnType::Error;
+				CMyStringW strPrivateKeyFileName;
+				MyBSTRToString(bstr, strPrivateKeyFileName);
+				::SysFreeString(bstr);
+				auto* lpszPKeyFileName = reinterpret_cast<LPCSTR>(strPrivateKeyFileName.AllocUTF8String());
+				if (FAILED(pAuth->get_Password(&bstr)))
+					return AuthReturnType::Error;
+				CMyStringW str;
+				MyBSTRToString(bstr, str);
+				_SecureStringW::SecureEmptyBStr(bstr);
+				::SysFreeString(bstr);
+				size_t nPasswordLen = 0;
+				auto* lpszPassword = reinterpret_cast<LPSTR>(str.AllocUTF8StringC(&nPasswordLen));
+				_SecureStringW::SecureEmptyString(str);
+				if (!lpszPassword)
+					return AuthReturnType::Error;
+
+				auto ret = libssh2_userauth_publickey_fromfile_ex(pSession, pUser, static_cast<UINT>(nUserLen), NULL, lpszPKeyFileName, lpszPassword);
+				_SecureStringW::SecureEmptyBuffer(lpszPassword, sizeof(char) * nPasswordLen);
+				free(lpszPassword);
+				if (ret == LIBSSH2_ERROR_EAGAIN)
+					return AuthReturnType::Again;
 
-			if (ret != 0)
-				return AuthReturnType::Error;
+				if (ret != 0)
+					return AuthReturnType::Error;
+			}
 			return AuthReturnType::Success;
 		}
 		break;

ShellDLL/Auth.cpp

@@ -41,7 +41,7 @@ struct CAuthSession
 	~CAuthSession();
 };
 
-class CAuthentication : public CDispatchImplT<IEasySFTPAuthentication>
+class CAuthentication : public CDispatchImplT<IEasySFTPAuthentication2>
 {
 public:
 	CAuthentication();
@@ -55,14 +55,17 @@ class CAuthentication : public CDispatchImplT<IEasySFTPAuthentication>
 	STDMETHOD(put_UserName)(BSTR Name) override;
 	STDMETHOD(get_Password)(BSTR* pRet) override;
 	STDMETHOD(put_Password)(BSTR Password) override;
-	STDMETHOD(get_PublicKeyFileName)(BSTR* pRet) override;
-	STDMETHOD(put_PublicKeyFileName)(BSTR FileName) override;
+	STDMETHOD(get_PrivateKeyFileName)(BSTR* pRet) override;
+	STDMETHOD(put_PrivateKeyFileName)(BSTR FileName) override;
 	STDMETHOD(get_Type)(EasySFTPAuthenticationMode* pMode) override;
 	STDMETHOD(put_Type)(EasySFTPAuthenticationMode mode) override;
 	STDMETHOD(get_AuthSession)(LONG_PTR* pOut) override;
 	STDMETHOD(put_AuthSession)(LONG_PTR session) override;
 
-	static AuthReturnType SSHAuthenticate(IEasySFTPAuthentication* pAuth, LIBSSH2_SESSION* pSession, LPCSTR lpszService, char** ppAuthList = NULL);
+	STDMETHOD(SetPrivateKeyBinary)(const void* buffer, long length) override;
+	STDMETHOD(GetPrivateKeyBinary)(const void** buffer, long* pLength) override;
+
+	static AuthReturnType SSHAuthenticate(IEasySFTPAuthentication2* pAuth, LIBSSH2_SESSION* pSession, LPCSTR lpszService, char** ppAuthList = NULL);
 	static bool CanRetry(IEasySFTPAuthentication* pAuth);
 
 private:
@@ -72,6 +75,8 @@ class CAuthentication : public CDispatchImplT<IEasySFTPAuthentication>
 	EasySFTPAuthenticationMode m_Mode;
 	CMyStringW m_strUserName;
 	_SecureStringW m_strPassword;
-	CMyStringW m_strPublicKeyFileName;
+	CMyStringW m_strPrivateKeyFileName;
+	void* m_pPrivateKeyData;
+	long m_nPrivateKeyData;
 	void* m_pSession;
 };