Bug 1557: Use SecureString to provide private key passphrase in .NET assembly

https://winscp.net/tracker/1557

Source commit: 46c307a18e6e81e266fa2e891a8fcde3bc6ccd38

dotnet/Session.cs

@@ -1594,7 +1594,7 @@ namespace WinSCP
 
                 List<string> logSwitches = new List<string>(switches);
 
-                if (!string.IsNullOrEmpty(sessionOptions.PrivateKeyPassphrase) && !scanFingerprint)
+                if ((sessionOptions.SecurePrivateKeyPassphrase != null) && !scanFingerprint)
                 {
                     if (string.IsNullOrEmpty(sessionOptions.SshPrivateKeyPath) && string.IsNullOrEmpty(sessionOptions.TlsClientCertificatePath))
                     {

dotnet/SessionOptions.cs

@@ -55,7 +55,8 @@ namespace WinSCP
         public SecureString SecureNewPassword { get { return _secureNewPassword; } set { _secureNewPassword = value; } }
         public TimeSpan Timeout { get { return _timeout; } set { SetTimeout(value); } }
         public int TimeoutInMilliseconds { get { return Tools.TimeSpanToMilliseconds(Timeout); } set { Timeout = Tools.MillisecondsToTimeSpan(value); } }
-        public string PrivateKeyPassphrase { get; set; }
+        public string PrivateKeyPassphrase { get { return GetPassword(_securePrivateKeyPassphrase); } set { SetPassword(ref _securePrivateKeyPassphrase, value); } }
+        public SecureString SecurePrivateKeyPassphrase { get { return _securePrivateKeyPassphrase; } set { _securePrivateKeyPassphrase = value; } }
 
         // SSH
         public string SshHostKeyFingerprint { get { return _sshHostKeyFingerprint; } set { SetSshHostKeyFingerprint(value); } }
@@ -407,6 +408,7 @@ namespace WinSCP
 
         private SecureString _securePassword;
         private SecureString _secureNewPassword;
+        private SecureString _securePrivateKeyPassphrase;
         private string _sshHostKeyFingerprint;
         private string _tlsHostCertificateFingerprint;
         private TimeSpan _timeout;