zervo/seb-win-refactoring
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SEBWIN-898, SEBWIN-893, #883: Patch of version 3.6.0 which fixes concurrency issue with CK and BEK hash calculation.

Browse source
This commit is contained in:
Damian Büchel 2024-06-13 16:34:04 +02:00
parent 40d2b6acf0
commit a977fd3ee6
2 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
SafeExamBrowser.Configuration/Cryptography/KeyGenerator.cs
View file

@ -9,6 +9,7 @@
using System;
using System.Security.Cryptography;
using System.Text;
using System.Threading;
using SafeExamBrowser.Configuration.Contracts;
using SafeExamBrowser.Configuration.Contracts.Cryptography;
using SafeExamBrowser.Configuration.Contracts.Integrity;
@ -20,7 +21,7 @@ namespace SafeExamBrowser.Configuration.Cryptography
{
private readonly object @lock = new object();
private readonly SHA256Managed algorithm;
private readonly ThreadLocal<SHA256Managed> algorithm;
private readonly AppConfig appConfig;
private readonly IIntegrityModule integrityModule;
private readonly ILogger logger;
@ -29,7 +30,7 @@ namespace SafeExamBrowser.Configuration.Cryptography
public KeyGenerator(AppConfig appConfig, IIntegrityModule integrityModule, ILogger logger)
{
this.algorithm = new SHA256Managed();
this.algorithm = new ThreadLocal<SHA256Managed>(() => new SHA256Managed());
this.appConfig = appConfig;
this.integrityModule = integrityModule;
this.logger = logger;
@ -52,7 +53,7 @@ namespace SafeExamBrowser.Configuration.Cryptography
public string CalculateBrowserExamKeyHash(string configurationKey, byte[] salt, string url)
{
var urlWithoutFragment = url.Split('#')[0];
var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(urlWithoutFragment + (browserExamKey ?? ComputeBrowserExamKey(configurationKey, salt))));
var hash = algorithm.Value.ComputeHash(Encoding.UTF8.GetBytes(urlWithoutFragment + (browserExamKey ?? ComputeBrowserExamKey(configurationKey, salt))));
var key = ToString(hash);
return key;
@ -61,7 +62,7 @@ namespace SafeExamBrowser.Configuration.Cryptography
public string CalculateConfigurationKeyHash(string configurationKey, string url)
{
var urlWithoutFragment = url.Split('#')[0];
var hash = algorithm.ComputeHash(Encoding.UTF8.GetBytes(urlWithoutFragment + configurationKey));
var hash = algorithm.Value.ComputeHash(Encoding.UTF8.GetBytes(urlWithoutFragment + configurationKey));
var key = ToString(hash);
return key;

4
appveyor-release.yml
View file

@ -1,4 +1,4 @@
version: '3.6.0.{build}'
version: '3.6.1.{build}'
image: Windows
configuration: Release
platform:
@ -12,7 +12,7 @@ assembly_info:
file: AssemblyInfo.*
assembly_version: '{version}'
assembly_file_version: '{version}'
assembly_informational_version: '3.6.0 ($(platform))'
assembly_informational_version: '3.6.1 ($(platform))'
install:
- appveyor DownloadFile "https://dist.nuget.org/win-x86-commandline/latest/nuget.exe"
build_script: