From b6fcbeaa7f8f7729d625ba808f4bce7432b05072 Mon Sep 17 00:00:00 2001 From: Billy O'Neal Date: Tue, 27 Aug 2024 12:34:26 -0700 Subject: [PATCH] Avoid ConvertTo-SecureString -AsPlainText -Force (#40658) --- .../azure-pipelines/windows/create-image.ps1 | 25 ++++--------------- 1 file changed, 5 insertions(+), 20 deletions(-) diff --git a/scripts/azure-pipelines/windows/create-image.ps1 b/scripts/azure-pipelines/windows/create-image.ps1 index 18474c7831..4585d1829e 100644 --- a/scripts/azure-pipelines/windows/create-image.ps1 +++ b/scripts/azure-pipelines/windows/create-image.ps1 @@ -44,30 +44,14 @@ The length of the returned password. #> function New-Password { Param ([int] $Length = 32) - - # This 64-character alphabet generates 6 bits of entropy per character. - # The power-of-2 alphabet size allows us to select a character by masking a random Byte with bitwise-AND. $alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-" - $mask = 63 if ($alphabet.Length -ne 64) { throw 'Bad alphabet length' } - [Byte[]]$randomData = [Byte[]]::new($Length) - $rng = $null - try { - $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create() - $rng.GetBytes($randomData) - } - finally { - if ($null -ne $rng) { - $rng.Dispose() - } - } - - $result = '' + $result = New-Object SecureString for ($idx = 0; $idx -lt $Length; $idx++) { - $result += $alphabet[$randomData[$idx] -band $mask] + $result.AppendChar($alphabet[[System.Security.Cryptography.RandomNumberGenerator]::GetInt32($alphabet.Length)]) } return $result @@ -109,8 +93,7 @@ function Wait-Shutdown { $AdminPW = New-Password -$AdminPWSecure = ConvertTo-SecureString $AdminPW -AsPlainText -Force -$Credential = New-Object System.Management.Automation.PSCredential ("AdminUser", $AdminPWSecure) +$Credential = New-Object System.Management.Automation.PSCredential ("AdminUser", $AdminPW) $VirtualNetwork = Get-AzVirtualNetwork -ResourceGroupName 'vcpkg-image-minting' -Name 'vcpkg-image-mintingNetwork' @@ -299,3 +282,5 @@ Remove-AzNetworkInterface -ResourceGroupName 'vcpkg-image-minting' -Name $NicNam Write-Progress -Activity $ProgressActivity -Completed Write-Host "Generated Image: $GalleryImageVersion" Write-Host 'Finished!' + +$AdminPW.Dispose()