diff --git a/SafeExamBrowser.Browser/Handlers/ResourceHandler.cs b/SafeExamBrowser.Browser/Handlers/ResourceHandler.cs
index 8d457bac..d2a5ae6b 100644
--- a/SafeExamBrowser.Browser/Handlers/ResourceHandler.cs
+++ b/SafeExamBrowser.Browser/Handlers/ResourceHandler.cs
@@ -130,12 +130,15 @@ namespace SafeExamBrowser.Browser.Handlers
private string ComputeBrowserExamKey()
{
- var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(settings.ExamKeySalt + appConfig.CodeSignatureHash + appConfig.ProgramBuildVersion + settings.ConfigurationKey));
- var key = BitConverter.ToString(hash).ToLower().Replace("-", string.Empty);
+ using (var algorithm = new HMACSHA256(settings.ExamKeySalt))
+ {
+ var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(appConfig.CodeSignatureHash + appConfig.ProgramBuildVersion + settings.ConfigurationKey));
+ var key = BitConverter.ToString(hash).ToLower().Replace("-", string.Empty);
- browserExamKey = key;
+ browserExamKey = key;
- return browserExamKey;
+ return browserExamKey;
+ }
}
private bool IsMailtoUrl(string url)
diff --git a/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/BrowserDataMapper.cs b/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/BrowserDataMapper.cs
index 0681b1e6..7208a1d0 100644
--- a/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/BrowserDataMapper.cs
+++ b/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/BrowserDataMapper.cs
@@ -6,7 +6,6 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
-using System;
using System.Collections.Generic;
using SafeExamBrowser.Settings;
using SafeExamBrowser.Settings.Browser;
@@ -281,7 +280,7 @@ namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping
{
if (value is byte[] salt)
{
- settings.Browser.ExamKeySalt = BitConverter.ToString(salt).ToLower().Replace("-", string.Empty);
+ settings.Browser.ExamKeySalt = salt;
}
}
diff --git a/SafeExamBrowser.Settings/Browser/BrowserSettings.cs b/SafeExamBrowser.Settings/Browser/BrowserSettings.cs
index c79b2e09..9b247e87 100644
--- a/SafeExamBrowser.Settings/Browser/BrowserSettings.cs
+++ b/SafeExamBrowser.Settings/Browser/BrowserSettings.cs
@@ -94,7 +94,7 @@ namespace SafeExamBrowser.Settings.Browser
///
/// The salt value for the calculation of the exam key which is used for integrity checks with server applications (see also ).
///
- public string ExamKeySalt { get; set; }
+ public byte[] ExamKeySalt { get; set; }
///
/// The settings to be used for the browser request filter.
diff --git a/SebWindowsConfig/Utilities/SEBProtectionController.cs b/SebWindowsConfig/Utilities/SEBProtectionController.cs
index 6ac06ed3..4f60f7ea 100644
--- a/SebWindowsConfig/Utilities/SEBProtectionController.cs
+++ b/SebWindowsConfig/Utilities/SEBProtectionController.cs
@@ -574,14 +574,14 @@ namespace SebWindowsConfig.Utilities
{
var executable = Assembly.GetExecutingAssembly();
var certificate = executable.Modules.First().GetSignerCertificate();
- var salt = BitConverter.ToString((byte[])SEBSettings.settingsCurrent[SEBSettings.KeyExamKeySalt]).ToLower().Replace("-", string.Empty);
+ var salt = (byte[]) SEBSettings.settingsCurrent[SEBSettings.KeyExamKeySalt];
var signature = certificate?.GetCertHashString();
var version = FileVersionInfo.GetVersionInfo(executable.Location).FileVersion;
var configurationKey = ComputeConfigurationKey();
- using (var algorithm = new SHA256Managed())
+ using (var algorithm = new HMACSHA256(salt))
{
- var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(salt + signature + version + configurationKey));
+ var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(signature + version + configurationKey));
var key = BitConverter.ToString(hash).ToLower().Replace("-", string.Empty);
return key;