zervo/seb-win-refactoring
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SEBWIN-510: Made lazy initialization of BEK thread-safe.

Browse source
This commit is contained in:
Damian Büchel 2022-07-20 20:38:13 +02:00
parent d82d62f35f
commit 20ff39493d
1 changed files with 33 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
SafeExamBrowser.Configuration/Cryptography/KeyGenerator.cs
View file

@ -19,6 +19,8 @@ namespace SafeExamBrowser.Configuration.Cryptography
{ {
public class KeyGenerator : IKeyGenerator public class KeyGenerator : IKeyGenerator
{ {
private readonly object @lock = new object();
private readonly SHA256Managed algorithm; private readonly SHA256Managed algorithm;
private readonly AppConfig appConfig; private readonly AppConfig appConfig;
private readonly IIntegrityModule integrityModule; private readonly IIntegrityModule integrityModule;
@ -59,32 +61,40 @@ namespace SafeExamBrowser.Configuration.Cryptography
var configurationKey = settings.Browser.ConfigurationKey; var configurationKey = settings.Browser.ConfigurationKey;
var salt = settings.Browser.BrowserExamKeySalt; var salt = settings.Browser.BrowserExamKeySalt;
if (configurationKey == default) lock (@lock)
{ {
configurationKey = ""; if (browserExamKey == default)
logger.Warn("The current configuration does not contain a value for the configuration key!");
}
if (salt == default || salt.Length == 0)
{
salt = new byte[0];
logger.Warn("The current configuration does not contain a salt value for the browser exam key!");
}
if (integrityModule.TryCalculateBrowserExamKey(configurationKey, ToString(salt), out browserExamKey))
{
logger.Debug("Successfully calculated BEK using integrity module.");
}
else
{
logger.Warn("Failed to calculate BEK using integrity module! Falling back to simplified calculation...");
using (var algorithm = new HMACSHA256(salt))
{ {
var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(appConfig.CodeSignatureHash + appConfig.ProgramBuildVersion + configurationKey)); logger.Debug("Initializing browser exam key...");
var key = ToString(hash);
browserExamKey = key; if (configurationKey == default)
{
configurationKey = "";
logger.Warn("The current configuration does not contain a value for the configuration key!");
}
if (salt == default || salt.Length == 0)
{
salt = new byte[0];
logger.Warn("The current configuration does not contain a salt value for the browser exam key!");
}
if (integrityModule.TryCalculateBrowserExamKey(configurationKey, ToString(salt), out browserExamKey))
{
logger.Debug("Successfully calculated BEK using integrity module.");
}
else
{
logger.Warn("Failed to calculate BEK using integrity module! Falling back to simplified calculation...");
using (var algorithm = new HMACSHA256(salt))
{
var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(appConfig.CodeSignatureHash + appConfig.ProgramBuildVersion + configurationKey));
var key = ToString(hash);
browserExamKey = key;
}
}
} }
} }