From 20ff39493d59a0298d140578d7ec43834bd86120 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Damian=20B=C3=BCchel?= Date: Wed, 20 Jul 2022 20:38:13 +0200 Subject: [PATCH] SEBWIN-510: Made lazy initialization of BEK thread-safe. --- .../Cryptography/KeyGenerator.cs | 56 +++++++++++-------- 1 file changed, 33 insertions(+), 23 deletions(-) diff --git a/SafeExamBrowser.Configuration/Cryptography/KeyGenerator.cs b/SafeExamBrowser.Configuration/Cryptography/KeyGenerator.cs index 3a91f787..34b4053c 100644 --- a/SafeExamBrowser.Configuration/Cryptography/KeyGenerator.cs +++ b/SafeExamBrowser.Configuration/Cryptography/KeyGenerator.cs @@ -19,6 +19,8 @@ namespace SafeExamBrowser.Configuration.Cryptography { public class KeyGenerator : IKeyGenerator { + private readonly object @lock = new object(); + private readonly SHA256Managed algorithm; private readonly AppConfig appConfig; private readonly IIntegrityModule integrityModule; @@ -59,32 +61,40 @@ namespace SafeExamBrowser.Configuration.Cryptography var configurationKey = settings.Browser.ConfigurationKey; var salt = settings.Browser.BrowserExamKeySalt; - if (configurationKey == default) + lock (@lock) { - configurationKey = ""; - logger.Warn("The current configuration does not contain a value for the configuration key!"); - } - - if (salt == default || salt.Length == 0) - { - salt = new byte[0]; - logger.Warn("The current configuration does not contain a salt value for the browser exam key!"); - } - - if (integrityModule.TryCalculateBrowserExamKey(configurationKey, ToString(salt), out browserExamKey)) - { - logger.Debug("Successfully calculated BEK using integrity module."); - } - else - { - logger.Warn("Failed to calculate BEK using integrity module! Falling back to simplified calculation..."); - - using (var algorithm = new HMACSHA256(salt)) + if (browserExamKey == default) { - var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(appConfig.CodeSignatureHash + appConfig.ProgramBuildVersion + configurationKey)); - var key = ToString(hash); + logger.Debug("Initializing browser exam key..."); - browserExamKey = key; + if (configurationKey == default) + { + configurationKey = ""; + logger.Warn("The current configuration does not contain a value for the configuration key!"); + } + + if (salt == default || salt.Length == 0) + { + salt = new byte[0]; + logger.Warn("The current configuration does not contain a salt value for the browser exam key!"); + } + + if (integrityModule.TryCalculateBrowserExamKey(configurationKey, ToString(salt), out browserExamKey)) + { + logger.Debug("Successfully calculated BEK using integrity module."); + } + else + { + logger.Warn("Failed to calculate BEK using integrity module! Falling back to simplified calculation..."); + + using (var algorithm = new HMACSHA256(salt)) + { + var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(appConfig.CodeSignatureHash + appConfig.ProgramBuildVersion + configurationKey)); + var key = ToString(hash); + + browserExamKey = key; + } + } } }