private static bool askForPasswordAndCompareToHashedPassword(string sebFileHashedAdminPassword, bool forEditing) { if (sebFileHashedAdminPassword.Length == 0) { return(true); } int num1 = 5; string passwordRequestText = SEBUIStrings.enterAdminPasswordRequired; string input; bool flag; do { --num1; input = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.loadingSettings + (string.IsNullOrEmpty(SEBClientInfo.LoadingSettingsFileName) ? "" : ": " + SEBClientInfo.LoadingSettingsFileName), passwordRequestText); if (input == null) { return(false); } flag = string.Compare(input.Length != 0 ? SEBProtectionController.ComputePasswordHash(input) : "", sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0; passwordRequestText = SEBUIStrings.enterAdminPasswordRequiredAgain; }while ((input == null || !flag) && num1 > 0); if (flag) { return(flag); } int num2 = (int)SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedWrongAdminPwd, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return(false); }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Encrypt preferences using a password /// </summary> /// ---------------------------------------------------------------------------------------- // Encrypt preferences using a password public static byte[] EncryptDataUsingPassword(byte[] data, string password, bool passwordIsHash, SEBSettings.sebConfigPurposes configPurpose) { string prefixString; // Check if .seb file should start exam or configure client if (configPurpose == SEBSettings.sebConfigPurposes.sebConfigPurposeStartingExam) { // prefix string for starting exam: normal password will be prompted prefixString = PASSWORD_MODE; } else { // prefix string for configuring client: configuring password will either be hashed admin pw on client // or if no admin pw on client set: empty pw prefixString = PASSWORD_CONFIGURING_CLIENT_MODE; if (!String.IsNullOrEmpty(password) && !passwordIsHash) { //empty password means no admin pw on clients and should not be hashed //or we got already a hashed admin pw as settings pw, then we don't hash again password = SEBProtectionController.ComputePasswordHash(password); } } byte[] encryptedData = SEBProtectionController.EncryptDataWithPassword(data, password); // Create byte array large enough to hold prefix and data byte[] encryptedSebData = new byte[encryptedData.Length + PREFIX_LENGTH]; Buffer.BlockCopy(Encoding.UTF8.GetBytes(prefixString), 0, encryptedSebData, 0, PREFIX_LENGTH); Buffer.BlockCopy(encryptedData, 0, encryptedSebData, PREFIX_LENGTH, encryptedData.Length); return(encryptedSebData); }
public static byte[] EncryptDataUsingIdentity(byte[] data, X509Certificate2 certificateRef) { byte[] hashFromCertificate = SEBProtectionController.GetPublicKeyHashFromCertificate(certificateRef); byte[] numArray1 = SEBProtectionController.EncryptDataWithCertificate(data, certificateRef); byte[] numArray2 = new byte[numArray1.Length + 4 + hashFromCertificate.Length]; Buffer.BlockCopy((Array)Encoding.UTF8.GetBytes("pkhs"), 0, (Array)numArray2, 0, 4); Buffer.BlockCopy((Array)hashFromCertificate, 0, (Array)numArray2, 4, hashFromCertificate.Length); Buffer.BlockCopy((Array)numArray1, 0, (Array)numArray2, 4 + hashFromCertificate.Length, numArray1.Length); return(numArray2); }
private static byte[] DecryptDataWithPublicKeyHashPrefix(byte[] sebData, bool forEditing, ref X509Certificate2 sebFileCertificateRef) { X509Certificate2 certificateFromStore = SEBProtectionController.GetCertificateFromStore(SEBConfigFileManager.GetPrefixDataFromData(ref sebData, 20)); if (certificateFromStore == null) { int num = (int)SEBMessageBox.Show(SEBUIStrings.errorDecryptingSettings, SEBUIStrings.certificateNotFoundInStore, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return((byte[])null); } if (forEditing) { sebFileCertificateRef = certificateFromStore; } sebData = SEBProtectionController.DecryptDataWithCertificate(sebData, certificateFromStore); return(sebData); }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Ask user to enter password and compare it to the passed (hashed) password string /// Returns true if correct password was entered /// </summary> /// ---------------------------------------------------------------------------------------- private static bool askForPasswordAndCompareToHashedPassword(string sebFileHashedAdminPassword, bool forEditing) { // Check if there wasn't a hashed password (= empty password) if (sebFileHashedAdminPassword.Length == 0) { return(true); } // We have to ask for the SEB administrator password used in the settings // and allow opening settings only if the user enters the right one // Allow up to 5 attempts for entering admin password int i = 5; string password = null; string hashedPassword; string enterPasswordString = SEBUIStrings.enterAdminPasswordRequired; bool passwordsMatch; do { i--; // Prompt for password password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.loadingSettings + (String.IsNullOrEmpty(SEBClientInfo.LoadingSettingsFileName) ? "" : ": " + SEBClientInfo.LoadingSettingsFileName), enterPasswordString); // If cancel was pressed, abort if (password == null) { return(false); } if (password.Length == 0) { hashedPassword = ""; } else { hashedPassword = SEBProtectionController.ComputePasswordHash(password); } passwordsMatch = (String.Compare(hashedPassword, sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0); // in case we get an error we allow the user to try it again enterPasswordString = SEBUIStrings.enterAdminPasswordRequiredAgain; } while ((password == null || !passwordsMatch) && i > 0); if (!passwordsMatch) { //wrong password entered in 5th try: stop reading .seb file SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedWrongAdminPwd, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return(false); } // Right password entered return(passwordsMatch); }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Encrypt preferences using a certificate /// </summary> /// ---------------------------------------------------------------------------------------- public static byte[] EncryptDataUsingIdentity(byte[] data, X509Certificate2 certificateRef) { //get public key hash from selected identity's certificate byte[] publicKeyHash = SEBProtectionController.GetPublicKeyHashFromCertificate(certificateRef); //encrypt data using public key byte[] encryptedData = SEBProtectionController.EncryptDataWithCertificate(data, certificateRef); // Create byte array large enough to hold prefix, public key hash and encrypted data byte[] encryptedSebData = new byte[encryptedData.Length + PREFIX_LENGTH + publicKeyHash.Length]; // Copy prefix indicating data has been encrypted with a public key identified by hash into out data string prefixString = PUBLIC_KEY_HASH_MODE; Buffer.BlockCopy(Encoding.UTF8.GetBytes(prefixString), 0, encryptedSebData, 0, PREFIX_LENGTH); // Copy public key hash to out data Buffer.BlockCopy(publicKeyHash, 0, encryptedSebData, PREFIX_LENGTH, publicKeyHash.Length); // Copy encrypted data to out data Buffer.BlockCopy(encryptedData, 0, encryptedSebData, PREFIX_LENGTH + publicKeyHash.Length, encryptedData.Length); return encryptedSebData; }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Helper method which fetches the public key hash from a byte array, /// retrieves the according cryptographic identity from the certificate store /// and returns the decrypted bytes /// </summary> /// ---------------------------------------------------------------------------------------- private static byte[] DecryptDataWithPublicKeyHashPrefix(byte[] sebData, bool forEditing, ref X509Certificate2 sebFileCertificateRef) { // Get 20 bytes public key hash prefix // and remaining data with the prefix stripped byte[] publicKeyHash = GetPrefixDataFromData(ref sebData, PUBLIC_KEY_HASH_LENGTH); X509Certificate2 certificateRef = SEBProtectionController.GetCertificateFromStore(publicKeyHash); if (certificateRef == null) { SEBMessageBox.Show(SEBUIStrings.errorDecryptingSettings, SEBUIStrings.certificateNotFoundInStore, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return null; } // If these settings are being decrypted for editing, we will return the decryption certificate reference // in the variable which was passed as reference when calling this method if (forEditing) sebFileCertificateRef = certificateRef; sebData = SEBProtectionController.DecryptDataWithCertificate(sebData, certificateRef); return sebData; }
protected override void OnClick(EventArgs e) { string restartExamTitle = (String)SEBClientInfo.getSebSetting(SEBSettings.KeyRestartExamText)[SEBSettings.KeyRestartExamText]; // If there was no individual restart exam text set, we use the default text (which is localized) if (String.IsNullOrEmpty(restartExamTitle)) { restartExamTitle = SEBUIStrings.restartExamDefaultTitle; } string quitPassword = (String)SEBClientInfo.getSebSetting(SEBSettings.KeyHashedQuitPassword)[SEBSettings.KeyHashedQuitPassword]; if ((Boolean)SEBClientInfo.getSebSetting(SEBSettings.KeyRestartExamPasswordProtected)[SEBSettings.KeyRestartExamPasswordProtected] && !String.IsNullOrWhiteSpace(quitPassword)) { var password = SebPasswordDialogForm.ShowPasswordDialogForm(restartExamTitle, SEBUIStrings.restartExamEnterPassword); //cancel button has been clicked if (password == null) { return; } var hashedPassword = SEBProtectionController.ComputePasswordHash(password); if (String.IsNullOrWhiteSpace(password) || String.Compare(quitPassword, hashedPassword, StringComparison.OrdinalIgnoreCase) != 0) { SEBMessageBox.Show(restartExamTitle, SEBUIStrings.wrongQuitRestartPasswordText, MessageBoxIcon.Error, MessageBoxButtons.OK); return; } else { SEBXULRunnerWebSocketServer.SendRestartExam(); return; } } if (SEBMessageBox.Show(restartExamTitle, SEBUIStrings.restartExamConfirm, MessageBoxIcon.Question, MessageBoxButtons.YesNo) == DialogResult.Yes) { SEBXULRunnerWebSocketServer.SendRestartExam(); } }
private void btnOk_Click(object sender, EventArgs e) { string userQuitPassword = this.txtQuitPassword.Text; string hPassword = SEBProtectionController.ComputePasswordHash(userQuitPassword); string settingsPasswordHash = (string)SEBClientInfo.getSebSetting(SEBSettings.KeyHashedQuitPassword)[SEBSettings.KeyHashedQuitPassword]; int quit = String.Compare(settingsPasswordHash, hPassword, StringComparison.OrdinalIgnoreCase); if (quit != 0) { this.Hide(); SEBMessageBox.Show(SEBUIStrings.quittingFailed, SEBUIStrings.quittingFailedReason, MessageBoxIcon.Error, MessageBoxButtons.OK); this.txtQuitPassword.Text = ""; this.Visible = false; } else { this.Visible = false; SEBClientInfo.SebWindowsClientForm.ExitApplication(); } }
private void ShowPasswordDialog(string processName, string quitPassword) { var password = SebPasswordDialogForm.ShowPasswordDialogForm(SEBUIStrings.prohibitedProcessDetectedTitle, SEBUIStrings.prohibitedProcessDetectedQuitPassword + processName); //cancel button has been clicked if (password == null) { ShowPasswordDialog(processName, quitPassword); } var hashedPassword = SEBProtectionController.ComputePasswordHash(password); if (String.IsNullOrWhiteSpace(password) || String.Compare(quitPassword, hashedPassword, StringComparison.OrdinalIgnoreCase) != 0) { return; } else { ShowPasswordDialog(processName, quitPassword); } }
public static byte[] EncryptDataUsingPassword(byte[] data, string password, bool passwordIsHash, SEBSettings.sebConfigPurposes configPurpose) { string s; if (configPurpose == SEBSettings.sebConfigPurposes.sebConfigPurposeStartingExam) { s = "pswd"; } else { s = "pwcc"; if (!string.IsNullOrEmpty(password) && !passwordIsHash) { password = SEBProtectionController.ComputePasswordHash(password); } } byte[] numArray1 = SEBProtectionController.EncryptDataWithPassword(data, password); byte[] numArray2 = new byte[numArray1.Length + 4]; Buffer.BlockCopy((Array)Encoding.UTF8.GetBytes(s), 0, (Array)numArray2, 0, 4); Buffer.BlockCopy((Array)numArray1, 0, (Array)numArray2, 4, numArray1.Length); return(numArray2); }
protected override void OnClick(EventArgs e) { string examDefaultTitle = (string)SEBClientInfo.getSebSetting("restartExamText")["restartExamText"]; if (string.IsNullOrEmpty(examDefaultTitle)) { examDefaultTitle = SEBUIStrings.restartExamDefaultTitle; } string strA = (string)SEBClientInfo.getSebSetting("hashedQuitPassword")["hashedQuitPassword"]; if ((bool)SEBClientInfo.getSebSetting("restartExamPasswordProtected")["restartExamPasswordProtected"] && !string.IsNullOrWhiteSpace(strA)) { string input = SebPasswordDialogForm.ShowPasswordDialogForm(examDefaultTitle, SEBUIStrings.restartExamEnterPassword); if (input == null) { return; } string passwordHash = SEBProtectionController.ComputePasswordHash(input); if (string.IsNullOrWhiteSpace(input) || string.Compare(strA, passwordHash, StringComparison.OrdinalIgnoreCase) != 0) { int num = (int)SEBMessageBox.Show(examDefaultTitle, SEBUIStrings.wrongQuitRestartPasswordText, MessageBoxIcon.Hand, MessageBoxButtons.OK, false); } else { SEBXULRunnerWebSocketServer.SendRestartExam(); } } else { if (SEBMessageBox.Show(examDefaultTitle, SEBUIStrings.restartExamConfirm, MessageBoxIcon.Question, MessageBoxButtons.YesNo, false) != DialogResult.Yes) { return; } SEBXULRunnerWebSocketServer.SendRestartExam(); } }
public static bool StoreDecryptedSEBSettings(byte[] sebData) { string sebFilePassword = (string)null; bool passwordIsHash = false; X509Certificate2 sebFileCertificateRef = (X509Certificate2)null; Dictionary <string, object> settingsDict = SEBConfigFileManager.DecryptSEBSettings(sebData, false, ref sebFilePassword, ref passwordIsHash, ref sebFileCertificateRef); if (settingsDict == null) { return(false); } Logger.AddInformation("Reconfiguring", (object)null, (Exception)null, (string)null); SEBClientInfo.SebWindowsClientForm.closeSebClient = false; Logger.AddInformation("Attempting to CloseSEBForm for reconfiguration", (object)null, (Exception)null, (string)null); SEBClientInfo.SebWindowsClientForm.CloseSEBForm(); Logger.AddInformation("Succesfully CloseSEBForm for reconfiguration", (object)null, (Exception)null, (string)null); SEBClientInfo.SebWindowsClientForm.closeSebClient = true; SEBClientInfo.CreateNewDesktopOldValue = (bool)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, "createNewDesktop"); if ((int)settingsDict["sebConfigPurpose"] == 0) { Logger.AddInformation("Reconfiguring to start an exam", (object)null, (Exception)null, (string)null); Logger.AddInformation("Attempting to StoreSebClientSettings", (object)null, (Exception)null, (string)null); SEBSettings.StoreSebClientSettings(settingsDict); Logger.AddInformation("Successfully StoreSebClientSettings", (object)null, (Exception)null, (string)null); SEBClientInfo.examMode = true; SEBClientInfo.InitializeLogger(); if (SEBClientInfo.CreateNewDesktopOldValue != (bool)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, "createNewDesktop")) { if (!SEBClientInfo.CreateNewDesktopOldValue) { int num1 = (int)SEBMessageBox.Show(SEBUIStrings.settingsRequireNewDesktop, SEBUIStrings.settingsRequireNewDesktopReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, false); } else { int num2 = (int)SEBMessageBox.Show(SEBUIStrings.settingsRequireNotNewDesktop, SEBUIStrings.settingsRequireNotNewDesktopReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, false); } SEBClientInfo.SebWindowsClientForm.ExitApplication(true); } Logger.AddInformation("Attemting to InitSEBDesktop for reconfiguration", (object)null, (Exception)null, (string)null); if (!SebWindowsClientMain.InitSEBDesktop()) { return(false); } Logger.AddInformation("Sucessfully InitSEBDesktop for reconfiguration", (object)null, (Exception)null, (string)null); Logger.AddInformation("Attempting to OpenSEBForm for reconfiguration", (object)null, (Exception)null, (string)null); int num = SEBClientInfo.SebWindowsClientForm.OpenSEBForm() ? 1 : 0; Logger.AddInformation("Successfully OpenSEBForm for reconfiguration", (object)null, (Exception)null, (string)null); return(num != 0); } Logger.AddInformation("Reconfiguring to configure a client", (object)null, (Exception)null, (string)null); List <object> objectList = (List <object>)settingsDict["embeddedCertificates"]; for (int index = objectList.Count - 1; index >= 0; --index) { Dictionary <string, object> dictionary = (Dictionary <string, object>)objectList[index]; if ((int)dictionary["type"] == 1) { SEBProtectionController.StoreCertificateIntoStore((byte[])dictionary["certificateData"]); } objectList.RemoveAt(index); } SEBSettings.StoreSebClientSettings(settingsDict); SEBClientInfo.InitializeLogger(); SEBSettings.WriteSebConfigurationFile(SEBClientInfo.SebClientSettingsAppDataFile, "", false, (X509Certificate2)null, SEBSettings.sebConfigPurposes.sebConfigPurposeConfiguringClient, false); if (!SebWindowsClientMain.InitSEBDesktop() || !SEBClientInfo.SebWindowsClientForm.OpenSEBForm()) { return(false); } if (SEBClientInfo.CreateNewDesktopOldValue != (bool)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, "createNewDesktop")) { int num = (int)SEBMessageBox.Show(SEBUIStrings.sebReconfiguredRestartNeeded, SEBUIStrings.sebReconfiguredRestartNeededReason, MessageBoxIcon.Exclamation, MessageBoxButtons.OK, false); SEBClientInfo.SebWindowsClientForm.ExitApplication(true); } if (SEBMessageBox.Show(SEBUIStrings.sebReconfigured, SEBUIStrings.sebReconfiguredQuestion, MessageBoxIcon.Question, MessageBoxButtons.YesNo, false) == DialogResult.No) { SEBClientInfo.SebWindowsClientForm.ExitApplication(true); } return(true); }
// ******************************************************* // Initialise the GUI widgets of this configuration editor // ******************************************************* private void InitialiseGUIWidgets() { // At program start, the local client settings configuration file is loaded currentDireSebConfigFile = SEBClientInfo.SebClientSettingsAppDataDirectory; currentFileSebConfigFile = SEBClientInfo.SEB_CLIENT_CONFIG; StringBuilder sebClientSettingsAppDataBuilder = new StringBuilder(currentDireSebConfigFile).Append(currentFileSebConfigFile); currentPathSebConfigFile = sebClientSettingsAppDataBuilder.ToString(); openFileDialogSebConfigFile.InitialDirectory = Environment.CurrentDirectory; saveFileDialogSebConfigFile.InitialDirectory = Environment.CurrentDirectory; //folderBrowserDialogDownloadDirectoryWin.RootFolder = Environment.SpecialFolder.DesktopDirectory; //folderBrowserDialogLogDirectoryWin .RootFolder = Environment.SpecialFolder.MyDocuments; // Assign the fixed entries to the ListBoxes and ComboBoxes listBoxExitKey1.Items.AddRange(StringFunctionKey); listBoxExitKey2.Items.AddRange(StringFunctionKey); listBoxExitKey3.Items.AddRange(StringFunctionKey); // Assing the list of cryptographic identities/certificates to the ComboBox ArrayList certificateNames = new ArrayList(); certificateReferences = SEBProtectionController.GetCertificatesAndNames(ref certificateNames); comboBoxCryptoIdentity.Items.Add("None"); comboBoxCryptoIdentity.Items.AddRange(certificateNames.ToArray()); comboBoxChooseIdentityToEmbed.Items.AddRange(certificateNames.ToArray()); comboBoxChooseIdentityToEmbed.Text = SEBUIStrings.ChooseEmbeddedCert; ArrayList certificateSSLNames = new ArrayList(); certificateSSLReferences = SEBProtectionController.GetSSLCertificatesAndNames(ref certificateSSLNames); comboBoxChooseSSLClientCertificate.Items.AddRange(certificateSSLNames.ToArray()); comboBoxChooseSSLClientCertificate.Text = SEBUIStrings.ChooseEmbeddedCert; // At program start, no file has yet been opened, so revert is not possible buttonRevertToLastOpened.Enabled = false; comboBoxMainBrowserWindowWidth.Items.AddRange(StringWindowWidth); comboBoxMainBrowserWindowHeight.Items.AddRange(StringWindowHeight); listBoxMainBrowserWindowPositioning.Items.AddRange(StringWindowPositioning); comboBoxNewBrowserWindowWidth.Items.AddRange(StringWindowWidth); comboBoxNewBrowserWindowHeight.Items.AddRange(StringWindowHeight); listBoxNewBrowserWindowPositioning.Items.AddRange(StringWindowPositioning); comboBoxTaskBarHeight.Items.AddRange(StringTaskBarHeight); listBoxOpenLinksHTML.Items.AddRange(StringPolicyLinkOpening); listBoxOpenLinksJava.Items.AddRange(StringPolicyLinkOpening); listBoxChooseFileToUploadPolicy.Items.AddRange(StringPolicyFileUpload); listBoxSebServicePolicy.Items.AddRange(StringPolicySebService); // Initialise the DataGridViews: // Set "AllowUserToAddRows" to false, to avoid an initial empty first row // Set "RowHeadersVisible" to false, to avoid an initial empty first column // Set "FullRowSelect" to true , to select whole row when clicking on a cell dataGridViewPermittedProcesses.Enabled = false; dataGridViewPermittedProcesses.ReadOnly = false; dataGridViewPermittedProcesses.AllowUserToAddRows = false; dataGridViewPermittedProcesses.RowHeadersVisible = false; dataGridViewPermittedProcesses.MultiSelect = false; dataGridViewPermittedProcesses.SelectionMode = DataGridViewSelectionMode.FullRowSelect; dataGridViewPermittedProcessArguments.Enabled = false; dataGridViewPermittedProcessArguments.ReadOnly = false; dataGridViewPermittedProcessArguments.AllowUserToAddRows = false; dataGridViewPermittedProcessArguments.RowHeadersVisible = false; dataGridViewPermittedProcessArguments.MultiSelect = false; dataGridViewPermittedProcessArguments.SelectionMode = DataGridViewSelectionMode.FullRowSelect; dataGridViewProhibitedProcesses.Enabled = false; dataGridViewProhibitedProcesses.ReadOnly = false; dataGridViewProhibitedProcesses.AllowUserToAddRows = false; dataGridViewProhibitedProcesses.RowHeadersVisible = false; dataGridViewProhibitedProcesses.MultiSelect = false; dataGridViewProhibitedProcesses.SelectionMode = DataGridViewSelectionMode.FullRowSelect; dataGridViewEmbeddedCertificates.Enabled = false; dataGridViewEmbeddedCertificates.ReadOnly = false; dataGridViewEmbeddedCertificates.AllowUserToAddRows = false; dataGridViewEmbeddedCertificates.RowHeadersVisible = false; dataGridViewEmbeddedCertificates.MultiSelect = false; dataGridViewEmbeddedCertificates.SelectionMode = DataGridViewSelectionMode.FullRowSelect; dataGridViewProxyProtocols.Enabled = false; dataGridViewProxyProtocols.ReadOnly = false; dataGridViewProxyProtocols.AllowUserToAddRows = false; dataGridViewProxyProtocols.RowHeadersVisible = false; dataGridViewProxyProtocols.MultiSelect = false; dataGridViewProxyProtocols.SelectionMode = DataGridViewSelectionMode.FullRowSelect; dataGridViewPermittedProcesses.Columns[IntColumnProcessActive].ValueType = typeof(Boolean); dataGridViewPermittedProcesses.Columns[IntColumnProcessOS].ValueType = typeof(String); dataGridViewPermittedProcesses.Columns[IntColumnProcessExecutable].ValueType = typeof(String); dataGridViewPermittedProcesses.Columns[IntColumnProcessTitle].ValueType = typeof(String); dataGridViewPermittedProcessArguments.Columns[IntColumnProcessActive].ValueType = typeof(Boolean); dataGridViewPermittedProcessArguments.Columns[IntColumnProcessArgument].ValueType = typeof(String); dataGridViewProhibitedProcesses.Columns[IntColumnProcessActive].ValueType = typeof(Boolean); dataGridViewProhibitedProcesses.Columns[IntColumnProcessOS].ValueType = typeof(String); dataGridViewProhibitedProcesses.Columns[IntColumnProcessExecutable].ValueType = typeof(String); dataGridViewProhibitedProcesses.Columns[IntColumnProcessDescription].ValueType = typeof(String); dataGridViewEmbeddedCertificates.Columns[IntColumnCertificateType].ValueType = typeof(String); dataGridViewEmbeddedCertificates.Columns[IntColumnCertificateName].ValueType = typeof(String); dataGridViewProxyProtocols.Columns[IntColumnProxyProtocolEnable].ValueType = typeof(Boolean); dataGridViewProxyProtocols.Columns[IntColumnProxyProtocolType].ValueType = typeof(String); dataGridViewProxyProtocols.Columns[IntColumnProxyProtocolEnable].ReadOnly = false; dataGridViewProxyProtocols.Columns[IntColumnProxyProtocolType].ReadOnly = true; // Assign the column names to the DataGridViews /* * dataGridViewPermittedProcesses.Columns.Add(StringColumnActive , StringColumnActive); * dataGridViewPermittedProcesses.Columns.Add(StringColumnOS , StringColumnOS); * dataGridViewPermittedProcesses.Columns.Add(StringColumnExecutable, StringColumnExecutable); * dataGridViewPermittedProcesses.Columns.Add(StringColumnTitle , StringColumnTitle); * * dataGridViewPermittedProcessArguments.Columns.Add(StringColumnActive , StringColumnActive); * dataGridViewPermittedProcessArguments.Columns.Add(StringColumnArgument, StringColumnArgument); * * dataGridViewProhibitedProcesses.Columns.Add(StringColumnActive , StringColumnActive); * dataGridViewProhibitedProcesses.Columns.Add(StringColumnOS , StringColumnOS); * dataGridViewProhibitedProcesses.Columns.Add(StringColumnExecutable , StringColumnExecutable); * dataGridViewProhibitedProcesses.Columns.Add(StringColumnDescription, StringColumnDescription); * * dataGridViewURLFilterRules.Columns.Add(StringColumnURLFilterRuleShow , StringColumnURLFilterRuleShow); * dataGridViewURLFilterRules.Columns.Add(StringColumnURLFilterRuleActive , StringColumnURLFilterRuleActive); * dataGridViewURLFilterRules.Columns.Add(StringColumnURLFilterRuleRegex , StringColumnURLFilterRuleRegex); * dataGridViewURLFilterRules.Columns.Add(StringColumnURLFilterRuleExpression, StringColumnURLFilterRuleExpression); * dataGridViewURLFilterRules.Columns.Add(StringColumnURLFilterRuleAction , StringColumnURLFilterRuleAction); * * dataGridViewEmbeddedCertificates.Columns.Add(StringColumnCertificateType, StringColumnCertificateType); * dataGridViewEmbeddedCertificates.Columns.Add(StringColumnCertificateName, StringColumnCertificateName); * * dataGridViewProxyProtocols.Columns.Add(StringColumnProxyProtocolEnable, StringColumnProxyProtocolEnable); * dataGridViewProxyProtocols.Columns.Add(StringColumnProxyProtocolType , StringColumnProxyProtocolType); * * dataGridViewBypassedProxies.Columns.Add(StringColumnDomainHostPort, StringColumnDomainHostPort); */ groupBoxPermittedProcess.Enabled = false; groupBoxProhibitedProcess.Enabled = false; listBoxPermittedProcessOS.Items.AddRange(StringOS); listBoxProhibitedProcessOS.Items.AddRange(StringOS); // Help data structures for table access to URL Filter Rules urlFilterTableRow = -1; urlFilterTableRowIsTitle = false; urlFilterTableRuleIndex.Clear(); urlFilterTableActionIndex.Clear(); urlFilterTableIsTitleRow.Clear(); urlFilterTableStartRow.Clear(); urlFilterTableEndRow.Clear(); urlFilterTableShowRule.Clear(); urlFilterTableCellIsDisabled.Clear(); // Auto-resize the columns and cells //dataGridViewPermittedProcesses .AutoResizeColumns(); //dataGridViewProhibitedProcesses .AutoResizeColumns(); //dataGridViewURLFilterRules .AutoResizeColumns(); //dataGridViewEmbeddedCertificates.AutoResizeColumns(); //dataGridViewProxyProtocols .AutoResizeColumns(); //dataGridViewBypassedProxies .AutoResizeColumns(); //dataGridViewPermittedProcesses .AutoResizeColumns(DataGridViewAutoSizeColumnsMode.AllCells); //dataGridViewProhibitedProcesses .AutoResizeColumns(DataGridViewAutoSizeColumnsMode.AllCells); //dataGridViewURLFilterRules .AutoResizeColumns(DataGridViewAutoSizeColumnsMode.AllCells); //dataGridViewEmbeddedCertificates.AutoResizeColumns(DataGridViewAutoSizeColumnsMode.AllCells); //dataGridViewProxyProtocols .AutoResizeColumns(DataGridViewAutoSizeColumnsMode.AllCells); //dataGridViewBypassedProxies .AutoResizeColumns(DataGridViewAutoSizeColumnsMode.AllCells); }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Decrypt, parse and use new SEB settings /// </summary> /// ---------------------------------------------------------------------------------------- public static bool StoreDecryptedSEBSettings(byte[] sebData) { DictObj sebPreferencesDict; string sebFilePassword = null; bool passwordIsHash = false; X509Certificate2 sebFileCertificateRef = null; sebPreferencesDict = DecryptSEBSettings(sebData, false, ref sebFilePassword, ref passwordIsHash, ref sebFileCertificateRef); if (sebPreferencesDict == null) { return(false); //Decryption didn't work, we abort } Logger.AddInformation("Reconfiguring"); // Reset SEB, close third party applications SEBClientInfo.SebWindowsClientForm.closeSebClient = false; Logger.AddInformation("Attempting to CloseSEBForm for reconfiguration"); SEBClientInfo.SebWindowsClientForm.CloseSEBForm(); Logger.AddInformation("Succesfully CloseSEBForm for reconfiguration"); SEBClientInfo.SebWindowsClientForm.closeSebClient = true; //SEBClientInfo.SebWindowsClientForm.Close(); //SEBClientInfo.SebWindowsClientForm.Dispose(); // We need to check if setting for createNewDesktop changed SEBClientInfo.CreateNewDesktopOldValue = (bool)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, SEBSettings.KeyCreateNewDesktop); if ((int)sebPreferencesDict[SEBSettings.KeySebConfigPurpose] == (int)SEBSettings.sebConfigPurposes.sebConfigPurposeStartingExam) { /// /// If these SEB settings are ment to start an exam /// Logger.AddInformation("Reconfiguring to start an exam"); /// If these SEB settings are ment to start an exam // Store decrypted settings Logger.AddInformation("Attempting to StoreSebClientSettings"); SEBSettings.StoreSebClientSettings(sebPreferencesDict); Logger.AddInformation("Successfully StoreSebClientSettings"); // Set the flag that SEB is running in exam mode now SEBClientInfo.examMode = true; //Re-initialize logger SEBClientInfo.InitializeLogger(); // Check if SEB is running on the standard desktop and the new settings demand to run in new desktop (createNewDesktop = true) // or the other way around! if (SEBClientInfo.CreateNewDesktopOldValue != (bool)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, SEBSettings.KeyCreateNewDesktop)) { // If it did, SEB needs to quit and be restarted manually for the new setting to take effekt if (SEBClientInfo.CreateNewDesktopOldValue == false) { SEBMessageBox.Show(SEBUIStrings.settingsRequireNewDesktop, SEBUIStrings.settingsRequireNewDesktopReason, MessageBoxIcon.Error, MessageBoxButtons.OK); } else { SEBMessageBox.Show(SEBUIStrings.settingsRequireNotNewDesktop, SEBUIStrings.settingsRequireNotNewDesktopReason, MessageBoxIcon.Error, MessageBoxButtons.OK); } //SEBClientInfo.SebWindowsClientForm.closeSebClient = true; SEBClientInfo.SebWindowsClientForm.ExitApplication(); } // Re-Initialize SEB according to the new settings Logger.AddInformation("Attemting to InitSEBDesktop for reconfiguration"); if (!SebWindowsClientMain.InitSEBDesktop()) { return(false); } Logger.AddInformation("Sucessfully InitSEBDesktop for reconfiguration"); // Re-open the main form //SEBClientInfo.SebWindowsClientForm = new SebWindowsClientForm(); //SebWindowsClientMain.singleInstanceController.SetMainForm(SEBClientInfo.SebWindowsClientForm); //return if initializing SEB with openend preferences was successful Logger.AddInformation("Attempting to OpenSEBForm for reconfiguration"); var ret = SEBClientInfo.SebWindowsClientForm.OpenSEBForm(); Logger.AddInformation("Successfully OpenSEBForm for reconfiguration"); return(ret); } else { /// /// If these SEB settings are ment to configure a client /// Logger.AddInformation("Reconfiguring to configure a client"); /// If these SEB settings are ment to configure a client // Check if we have embedded identities and import them into the Windows Certifcate Store ListObj embeddedCertificates = (ListObj)sebPreferencesDict[SEBSettings.KeyEmbeddedCertificates]; for (int i = embeddedCertificates.Count - 1; i >= 0; i--) { // Get the Embedded Certificate DictObj embeddedCertificate = (DictObj)embeddedCertificates[i]; // Is it an identity? if ((int)embeddedCertificate[SEBSettings.KeyType] == 1) { // Store the identity into the Windows Certificate Store SEBProtectionController.StoreCertificateIntoStore((byte[])embeddedCertificate[SEBSettings.KeyCertificateData]); } // Remove the identity from settings, as it should be only stored in the Certificate Store and not in the locally stored settings file embeddedCertificates.RemoveAt(i); } // Store decrypted settings SEBSettings.StoreSebClientSettings(sebPreferencesDict); //Re-initialize logger SEBClientInfo.InitializeLogger(); // Write new settings to the localapp directory SEBSettings.WriteSebConfigurationFile(SEBClientInfo.SebClientSettingsAppDataFile, "", false, null, SEBSettings.sebConfigPurposes.sebConfigPurposeConfiguringClient); // Re-Initialize SEB desktop according to the new settings if (!SebWindowsClientMain.InitSEBDesktop()) { return(false); } if (SEBClientInfo.SebWindowsClientForm.OpenSEBForm()) { // Activate SebWindowsClient so the message box gets focus //SEBClientInfo.SebWindowsClientForm.Activate(); // Check if setting for createNewDesktop changed if (SEBClientInfo.CreateNewDesktopOldValue != (bool)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, SEBSettings.KeyCreateNewDesktop)) { // If it did, SEB needs to quit and be restarted manually for the new setting to take effekt SEBMessageBox.Show(SEBUIStrings.sebReconfiguredRestartNeeded, SEBUIStrings.sebReconfiguredRestartNeededReason, MessageBoxIcon.Warning, MessageBoxButtons.OK); //SEBClientInfo.SebWindowsClientForm.closeSebClient = true; SEBClientInfo.SebWindowsClientForm.ExitApplication(); } if (SEBMessageBox.Show(SEBUIStrings.sebReconfigured, SEBUIStrings.sebReconfiguredQuestion, MessageBoxIcon.Question, MessageBoxButtons.YesNo) == DialogResult.No) { //SEBClientInfo.SebWindowsClientForm.closeSebClient = true; SEBClientInfo.SebWindowsClientForm.ExitApplication(); } return(true); //reading preferences was successful } else { return(false); } } }
/// <summary> /// JSON Serialization of Settings Dictionary /// </summary> public static string XULRunnerConfigDictionarySerialize(Dictionary <string, object> xulRunnerSettings) { // Add current Browser Exam Key if ((bool)xulRunnerSettings[SEBSettings.KeySendBrowserExamKey]) { string browserExamKey = SEBProtectionController.ComputeBrowserExamKey(); xulRunnerSettings[SEBSettings.KeyBrowserExamKey] = browserExamKey; xulRunnerSettings[SEBSettings.KeyBrowserURLSalt] = true; } // Eventually update setting if ((Boolean)SEBSettings.settingsCurrent[SEBSettings.KeyRestartExamUseStartURL] == true) { xulRunnerSettings[SEBSettings.KeyRestartExamURL] = xulRunnerSettings[SEBSettings.KeyStartURL]; } // Check if URL filter is enabled and send according keys to XULRunner seb only if it is if ((bool)xulRunnerSettings[SEBSettings.KeyURLFilterEnable] == false) { xulRunnerSettings[SEBSettings.KeyUrlFilterBlacklist] = ""; xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist] = ""; } else { // URL filter is enabled: Set trusted content flag to same value (what actually doesn't make sense, but it's implemented wrong in seb winctrl.jsm) xulRunnerSettings[SEBSettings.KeyUrlFilterTrustedContent] = (bool)xulRunnerSettings[SEBSettings.KeyURLFilterEnableContentFilter]; //add the starturl to the whitelist if not yet added if (!xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist].ToString().Contains(xulRunnerSettings[SEBSettings.KeyStartURL].ToString())) { if (!String.IsNullOrWhiteSpace(xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist].ToString())) { xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist] += @";"; } } xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist] += xulRunnerSettings[SEBSettings.KeyStartURL].ToString(); //Add the socket address if content filter is enabled if ((bool)xulRunnerSettings[SEBSettings.KeyURLFilterEnableContentFilter] == true) { if (!String.IsNullOrWhiteSpace(xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist].ToString())) { xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist] += @";"; } //Add the Socket address with http protocoll instead of ws protocoll for the injected iframe xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist] += String.Format("http://{0}", SEBXULRunnerWebSocketServer.ServerAddress.Substring(5)); } } // Add websocket sever address to XULRunner seb settings xulRunnerSettings[SEBSettings.KeyBrowserMessagingSocket] = SEBXULRunnerWebSocketServer.ServerAddress; Logger.AddInformation("Socket: " + xulRunnerSettings[SEBSettings.KeyBrowserMessagingSocket].ToString(), null, null); // Expand environment variables in paths which XULRunner seb is processing string downloadDirectoryWin = (string)xulRunnerSettings[SEBSettings.KeyDownloadDirectoryWin]; downloadDirectoryWin = Environment.ExpandEnvironmentVariables(downloadDirectoryWin); //downloadDirectoryWin = downloadDirectoryWin.Replace(@"\", @"\\"); xulRunnerSettings[SEBSettings.KeyDownloadDirectoryWin] = downloadDirectoryWin; // Add proper browser user agent string to XULRunner seb settings if ((bool)xulRunnerSettings[SEBSettings.KeyTouchOptimized] == true) { // Switch off XULRunner seb reload warning xulRunnerSettings[SEBSettings.KeyShowReloadWarning] = false; // Set correct task bar height according to display dpi xulRunnerSettings[SEBSettings.KeyTaskBarHeight] = (int)Math.Round((int)xulRunnerSettings[SEBSettings.KeyTaskBarHeight] * 1.7); if ((int)xulRunnerSettings[SEBSettings.KeyBrowserUserAgentTouchMode] == 0) { xulRunnerSettings[SEBSettings.KeyBrowserUserAgent] = SEBClientInfo.BROWSER_USERAGENT_TOUCH; } else if ((int)xulRunnerSettings[SEBSettings.KeyBrowserUserAgentTouchMode] == 1) { xulRunnerSettings[SEBSettings.KeyBrowserUserAgent] = SEBClientInfo.BROWSER_USERAGENT_TOUCH_IPAD; } else if ((int)xulRunnerSettings[SEBSettings.KeyBrowserUserAgentTouchMode] == 2) { xulRunnerSettings[SEBSettings.KeyBrowserUserAgent] = xulRunnerSettings[SEBSettings.KeyBrowserUserAgentTouchModeCustom]; } } else { if ((int)xulRunnerSettings[SEBSettings.KeyBrowserUserAgentDesktopMode] == 0) { xulRunnerSettings[SEBSettings.KeyBrowserUserAgent] = SEBClientInfo.BROWSER_USERAGENT_DESKTOP; } else { xulRunnerSettings[SEBSettings.KeyBrowserUserAgent] = xulRunnerSettings[SEBSettings.KeyBrowserUserAgentDesktopModeCustom]; } } xulRunnerSettings[SEBSettings.KeyBrowserUserAgent] += " " + SEBClientInfo.BROWSER_USERAGENT_SEB + " " + Application.ProductVersion; // Set onscreen keyboard settings flag when touch optimized is enabled xulRunnerSettings[SEBSettings.KeyBrowserScreenKeyboard] = (bool)xulRunnerSettings[SEBSettings.KeyTouchOptimized]; // Serialise JavaScriptSerializer serializer = new JavaScriptSerializer(); string jsonSettings = serializer.Serialize(xulRunnerSettings); // Convert to Base64 String byte[] bytesJson = Encoding.UTF8.GetBytes(jsonSettings); string base64Json = Convert.ToBase64String(bytesJson); //// remove the two chars "==" from the end of the string //string base64Json = base64String.Substring(0, base64String.Length - 2); return(base64Json); }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Helper method which decrypts the byte array using an empty password, /// or the administrator password currently set in SEB /// or asks for the password used for encrypting this SEB file /// for configuring the client /// </summary> /// ---------------------------------------------------------------------------------------- private static DictObj DecryptDataWithPasswordForConfiguringClient(byte[] sebData, bool forEditing, ref string sebFilePassword, ref bool passwordIsHash) { passwordIsHash = false; string password; // First try to decrypt with the current admin password // get admin password hash string hashedAdminPassword = (string)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, SEBSettings.KeyHashedAdminPassword); if (hashedAdminPassword == null) { hashedAdminPassword = ""; } // We use always uppercase letters in the base16 hashed admin password used for encrypting hashedAdminPassword = hashedAdminPassword.ToUpper(); DictObj sebPreferencesDict = null; byte[] decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, hashedAdminPassword); if (decryptedSebData == null) { // If decryption with admin password didn't work, try it with an empty password decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, ""); if (decryptedSebData == null) { // If decryption with empty and admin password didn't work, ask for the password the .seb file was encrypted with // Allow up to 5 attempts for entering decoding password int i = 5; password = null; string enterPasswordString = SEBUIStrings.enterEncryptionPassword; do { i--; // Prompt for password password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, enterPasswordString); // If cancel was pressed, abort if (password == null) { return(null); } string hashedPassword = SEBProtectionController.ComputePasswordHash(password); // we try to decrypt with the hashed password decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, hashedPassword); // in case we get an error we allow the user to try it again enterPasswordString = SEBUIStrings.enterEncryptionPasswordAgain; } while (decryptedSebData == null && i > 0); if (decryptedSebData == null) { //wrong password entered in 5th try: stop reading .seb file SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongPassword, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return(null); } else { // Decrypting with entered password worked: We save it for returning it later if (forEditing) { sebFilePassword = password; } } } } else { //decrypting with hashedAdminPassword worked: we save it for returning as decryption password sebFilePassword = hashedAdminPassword; // identify that password as hash passwordIsHash = true; } /// Decryption worked // Ungzip the .seb (according to specification >= v14) decrypted serialized XML plist data decryptedSebData = GZipByte.Decompress(decryptedSebData); // Check if the openend reconfiguring seb file has the same admin password inside like the current one try { sebPreferencesDict = (DictObj)Plist.readPlist(decryptedSebData); } catch (Exception readPlistException) { // Error when deserializing the decrypted configuration data // We abort reading the new settings here SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedReason, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); Console.WriteLine(readPlistException.Message); return(null); } // Get the admin password set in these settings string sebFileHashedAdminPassword = (string)SEBSettings.valueForDictionaryKey(sebPreferencesDict, SEBSettings.KeyHashedAdminPassword); if (sebFileHashedAdminPassword == null) { sebFileHashedAdminPassword = ""; } // Has the SEB config file the same admin password inside as the current settings have? if (String.Compare(hashedAdminPassword, sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) != 0) { //No: The admin password inside the .seb file wasn't the same as the current one if (forEditing) { // If the file is openend for editing (and not to reconfigure SEB) // we have to ask the user for the admin password inside the file if (!askForPasswordAndCompareToHashedPassword(sebFileHashedAdminPassword, forEditing)) { // If the user didn't enter the right password we abort return(null); } } else { // The file was actually opened for reconfiguring the SEB client: // we have to ask for the current admin password and // allow reconfiguring only if the user enters the right one // We don't check this for the case the current admin password was used to encrypt the new settings // In this case there can be a new admin pw defined in the new settings and users don't need to enter the old one if (passwordIsHash == false && hashedAdminPassword.Length > 0) { // Allow up to 5 attempts for entering current admin password int i = 5; password = null; string hashedPassword; string enterPasswordString = SEBUIStrings.enterCurrentAdminPwdForReconfiguring; bool passwordsMatch; do { i--; // Prompt for password password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, enterPasswordString); // If cancel was pressed, abort if (password == null) { return(null); } if (password.Length == 0) { hashedPassword = ""; } else { hashedPassword = SEBProtectionController.ComputePasswordHash(password); } passwordsMatch = (String.Compare(hashedPassword, hashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0); // in case we get an error we allow the user to try it again enterPasswordString = SEBUIStrings.enterCurrentAdminPwdForReconfiguringAgain; } while (!passwordsMatch && i > 0); if (!passwordsMatch) { //wrong password entered in 5th try: stop reading .seb file SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongCurrentAdminPwd, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return(null); } } } } // We need to set the right value for the key sebConfigPurpose to know later where to store the new settings sebPreferencesDict[SEBSettings.KeySebConfigPurpose] = (int)SEBSettings.sebConfigPurposes.sebConfigPurposeConfiguringClient; // Reading preferences was successful! return(sebPreferencesDict); }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Decrypt and deserialize SEB settings /// When forEditing = true, then the decrypting password the user entered and/or /// certificate reference found in the .seb file is returned /// </summary> /// ---------------------------------------------------------------------------------------- public static DictObj DecryptSEBSettings(byte[] sebData, bool forEditing, ref string sebFilePassword, ref bool passwordIsHash, ref X509Certificate2 sebFileCertificateRef) { // Ungzip the .seb (according to specification >= v14) source data byte[] unzippedSebData = GZipByte.Decompress(sebData); // if unzipped data is not null, then unzipping worked, we use unzipped data // if unzipped data is null, then the source data may be an uncompressed .seb file, we proceed with it if (unzippedSebData != null) { sebData = unzippedSebData; } string prefixString; // save the data including the first 4 bytes for the case that it's acutally an unencrypted XML plist byte[] sebDataUnencrypted = sebData.Clone() as byte[]; // Get 4-char prefix prefixString = GetPrefixStringFromData(ref sebData); //// Check prefix identifying encryption modes // Prefix = pkhs ("Public Key Hash") ? if (prefixString.CompareTo(PUBLIC_KEY_HASH_MODE) == 0) { // Decrypt with cryptographic identity/private key sebData = DecryptDataWithPublicKeyHashPrefix(sebData, forEditing, ref sebFileCertificateRef); if (sebData == null) { return(null); } // Get 4-char prefix again // and remaining data without prefix, which is either plain or still encoded with password prefixString = GetPrefixStringFromData(ref sebData); } // Prefix = pswd ("Password") ? if (prefixString.CompareTo(PASSWORD_MODE) == 0) { // Decrypt with password // if the user enters the right one byte[] sebDataDecrypted = null; string password; // Allow up to 5 attempts for entering decoding password string enterPasswordString = SEBUIStrings.enterPassword; int i = 5; do { i--; // Prompt for password password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.loadingSettings, enterPasswordString); if (password == null) { return(null); } //error = nil; sebDataDecrypted = SEBProtectionController.DecryptDataWithPassword(sebData, password); enterPasswordString = SEBUIStrings.enterPasswordAgain; // in case we get an error we allow the user to try it again } while ((sebDataDecrypted == null) && i > 0); if (sebDataDecrypted == null) { //wrong password entered in 5th try: stop reading .seb file SEBMessageBox.Show(SEBUIStrings.decryptingSettingsFailed, SEBUIStrings.decryptingSettingsFailedReason, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return(null); } sebData = sebDataDecrypted; // If these settings are being decrypted for editing, we return the decryption password if (forEditing) { sebFilePassword = password; } } else { // Prefix = pwcc ("Password Configuring Client") ? if (prefixString.CompareTo(PASSWORD_CONFIGURING_CLIENT_MODE) == 0) { // Decrypt with password and configure local client settings // and quit afterwards, returning if reading the .seb file was successfull DictObj sebSettings = DecryptDataWithPasswordForConfiguringClient(sebData, forEditing, ref sebFilePassword, ref passwordIsHash); return(sebSettings); } else { // Prefix = plnd ("Plain Data") ? if (prefixString.CompareTo(PLAIN_DATA_MODE) != 0) { // No valid 4-char prefix was found in the .seb file // Check if .seb file is unencrypted if (prefixString.CompareTo(UNENCRYPTED_MODE) == 0) { // .seb file seems to be an unencrypted XML plist // get the original data including the first 4 bytes sebData = sebDataUnencrypted; } else { // No valid prefix and no unencrypted file with valid header // cancel reading .seb file SEBMessageBox.Show(SEBUIStrings.settingsNotUsable, SEBUIStrings.settingsNotUsableReason, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return(null); } } } } // If we don't deal with an unencrypted seb file // ungzip the .seb (according to specification >= v14) decrypted serialized XML plist data if (prefixString.CompareTo(UNENCRYPTED_MODE) != 0) { sebData = GZipByte.Decompress(sebData); } // Get preferences dictionary from decrypted data DictObj sebPreferencesDict = GetPreferencesDictFromConfigData(sebData, forEditing); // If we didn't get a preferences dict back, we abort reading settings if (sebPreferencesDict == null) { return(null); } // We need to set the right value for the key sebConfigPurpose to know later where to store the new settings sebPreferencesDict[SEBSettings.KeySebConfigPurpose] = (int)SEBSettings.sebConfigPurposes.sebConfigPurposeStartingExam; // Reading preferences was successful! return(sebPreferencesDict); }
/// <summary> /// JSON Serialization of Settings Dictionary /// </summary> public static string XULRunnerConfigDictionarySerialize(Dictionary <string, object> xulRunnerSettings) { // Add current Browser Exam Key if ((bool)xulRunnerSettings[SEBSettings.KeySendBrowserExamKey]) { string browserExamKey = SEBProtectionController.ComputeBrowserExamKey(); xulRunnerSettings[SEBSettings.KeyBrowserExamKey] = browserExamKey; xulRunnerSettings[SEBSettings.KeyBrowserURLSalt] = true; } //If necessary replace the starturl with the path to the startResource xulRunnerSettings[SEBSettings.KeyStartURL] = GetStartupPathOrUrl(); // Eventually update setting if ((Boolean)SEBSettings.settingsCurrent[SEBSettings.KeyRestartExamUseStartURL] == true) { xulRunnerSettings[SEBSettings.KeyRestartExamURL] = xulRunnerSettings[SEBSettings.KeyStartURL]; } // Check if URL filter is enabled and send according keys to XULRunner seb only if it is if ((bool)xulRunnerSettings[SEBSettings.KeyURLFilterEnable] == false) { xulRunnerSettings[SEBSettings.KeyUrlFilterBlacklist] = ""; xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist] = ""; } else { //Add the socket address if (!String.IsNullOrWhiteSpace(xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist].ToString())) { xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist] += @";"; } //Add the Socket address with http protocoll instead of ws protocoll for the injected iframe xulRunnerSettings[SEBSettings.KeyUrlFilterWhitelist] += String.Format("http://{0}", SEBXULRunnerWebSocketServer.ServerAddress.Substring(5)); } // Add websocket sever address to XULRunner seb settings xulRunnerSettings[SEBSettings.KeyBrowserMessagingSocket] = SEBXULRunnerWebSocketServer.ServerAddress; xulRunnerSettings[SEBSettings.KeyBrowserMessagingSocketEnabled] = true; Logger.AddInformation("Socket: " + xulRunnerSettings[SEBSettings.KeyBrowserMessagingSocket].ToString(), null, null); // Expand environment variables in paths which XULRunner seb is processing string downloadDirectoryWin = (string)xulRunnerSettings[SEBSettings.KeyDownloadDirectoryWin]; downloadDirectoryWin = Environment.ExpandEnvironmentVariables(downloadDirectoryWin); //downloadDirectoryWin = downloadDirectoryWin.Replace(@"\", @"\\"); xulRunnerSettings[SEBSettings.KeyDownloadDirectoryWin] = downloadDirectoryWin; if ((bool)xulRunnerSettings[SEBSettings.KeyTouchOptimized] == true) { // Switch off XULRunner seb reload warnings xulRunnerSettings[SEBSettings.KeyShowReloadWarning] = false; xulRunnerSettings[SEBSettings.KeyNewBrowserWindowShowReloadWarning] = false; // Set correct taskbar height according to display dpi xulRunnerSettings[SEBSettings.KeyTaskBarHeight] = (int)Math.Round((int)xulRunnerSettings[SEBSettings.KeyTaskBarHeight] * 1.7); } // Add proper browser user agent string to XULRunner seb settings xulRunnerSettings[SEBSettings.KeyBrowserUserAgent] = SEBClientInfo.BROWSER_USERAGENT_SEB + "/" + Application.ProductVersion + (String.IsNullOrEmpty((String)xulRunnerSettings[SEBSettings.KeyBrowserUserAgent]) ? "" : " " + xulRunnerSettings[SEBSettings.KeyBrowserUserAgent]); //Logger.AddInformation("Useragent String generated in SEBXulRunnerSettings: " + SEBClientInfo.BROWSER_USERAGENT_SEB + "/" + Application.ProductVersion + // (String.IsNullOrEmpty((String)xulRunnerSettings[SEBSettings.KeyBrowserUserAgent]) ? "" : " " + xulRunnerSettings[SEBSettings.KeyBrowserUserAgent])); // Set onscreen keyboard settings flag when touch optimized is enabled xulRunnerSettings[SEBSettings.KeyBrowserScreenKeyboard] = (bool)xulRunnerSettings[SEBSettings.KeyTouchOptimized]; //Remove all AdditionalResourceData from settings RecursivelyRemoveAdditionalResourceData((ListObj)xulRunnerSettings[SEBSettings.KeyAdditionalResources]); // The additional dictionary data is being extracted by the .NET-part, the browser only expects a path to the respective folder xulRunnerSettings.Remove(SEBSettings.KeyAdditionalDictionaries); xulRunnerSettings.Remove(SEBSettings.KeyPermittedProcesses); xulRunnerSettings.Remove(SEBSettings.KeyProhibitedProcesses); xulRunnerSettings.Remove(SEBSettings.KeyURLFilterRules); // The installed operating system culture for correct website localization xulRunnerSettings.Add("browserLanguage", System.Globalization.CultureInfo.CurrentCulture.Name); // Serialise JavaScriptSerializer serializer = new JavaScriptSerializer(); string jsonSettings = serializer.Serialize(xulRunnerSettings); // Convert to Base64 String byte[] bytesJson = Encoding.UTF8.GetBytes(jsonSettings); string base64Json = Convert.ToBase64String(bytesJson); //// remove the two chars "==" from the end of the string //string base64Json = base64String.Substring(0, base64String.Length - 2); return(base64Json); }
private void btnOk_Click(object sender, EventArgs e) { if (string.Compare((string)SEBClientInfo.getSebSetting("hashedQuitPassword")["hashedQuitPassword"], SEBProtectionController.ComputePasswordHash(this.txtQuitPassword.Text), StringComparison.OrdinalIgnoreCase) != 0) { this.Hide(); int num = (int)SEBMessageBox.Show(SEBUIStrings.quittingFailed, SEBUIStrings.quittingFailedReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, false); this.txtQuitPassword.Text = ""; this.Visible = false; } else { this.Visible = false; SEBClientInfo.SebWindowsClientForm.ExitApplication(true); } }
public static string XULRunnerConfigDictionarySerialize(Dictionary <string, object> xulRunnerSettings) { if ((bool)xulRunnerSettings["sendBrowserExamKey"]) { string browserExamKey = SEBProtectionController.ComputeBrowserExamKey(); xulRunnerSettings["browserExamKey"] = (object)browserExamKey; xulRunnerSettings["browserURLSalt"] = (object)true; } xulRunnerSettings["startURL"] = (object)SEBXulRunnerSettings.ResolveResourceUrl((string)xulRunnerSettings["startURL"]); SEBXulRunnerSettings.OverwriteSystemProxySettings(xulRunnerSettings); if ((bool)SEBSettings.settingsCurrent["restartExamUseStartURL"]) { xulRunnerSettings["restartExamURL"] = xulRunnerSettings["startURL"]; } if (!(bool)xulRunnerSettings["URLFilterEnable"]) { xulRunnerSettings["blacklistURLFilter"] = (object)""; xulRunnerSettings["whitelistURLFilter"] = (object)""; } else { xulRunnerSettings["urlFilterTrustedContent"] = (object)(bool)xulRunnerSettings["URLFilterEnableContentFilter"]; if (!xulRunnerSettings["whitelistURLFilter"].ToString().Contains(xulRunnerSettings["startURL"].ToString()) && !string.IsNullOrWhiteSpace(xulRunnerSettings["whitelistURLFilter"].ToString())) { Dictionary <string, object> dictionary = xulRunnerSettings; dictionary["whitelistURLFilter"] = (object)(dictionary["whitelistURLFilter"].ToString() + ";"); } Dictionary <string, object> dictionary1 = xulRunnerSettings; dictionary1["whitelistURLFilter"] = (object)(dictionary1["whitelistURLFilter"].ToString() + xulRunnerSettings["startURL"].ToString()); if ((bool)xulRunnerSettings["URLFilterEnableContentFilter"]) { if (!string.IsNullOrWhiteSpace(xulRunnerSettings["whitelistURLFilter"].ToString())) { Dictionary <string, object> dictionary2 = xulRunnerSettings; dictionary2["whitelistURLFilter"] = (object)(dictionary2["whitelistURLFilter"].ToString() + ";"); } Dictionary <string, object> dictionary3 = xulRunnerSettings; dictionary3["whitelistURLFilter"] = (object)(dictionary3["whitelistURLFilter"].ToString() + string.Format("http://{0}", (object)SEBXULRunnerWebSocketServer.ServerAddress.Substring(5))); } } xulRunnerSettings["browserMessagingSocket"] = (object)SEBXULRunnerWebSocketServer.ServerAddress; Logger.AddInformation("Socket: " + xulRunnerSettings["browserMessagingSocket"].ToString(), (object)null, (Exception)null, (string)null); string str = Environment.ExpandEnvironmentVariables((string)xulRunnerSettings["downloadDirectoryWin"]); xulRunnerSettings["downloadDirectoryWin"] = (object)str; if ((bool)xulRunnerSettings["touchOptimized"]) { xulRunnerSettings["showReloadWarning"] = (object)false; xulRunnerSettings["taskBarHeight"] = (object)(int)Math.Round((double)(int)xulRunnerSettings["taskBarHeight"] * 1.7); if ((int)xulRunnerSettings["browserUserAgentWinTouchMode"] == 0) { xulRunnerSettings["browserUserAgent"] = (object)"Mozilla/5.0 (Windows NT 6.3; rv:41.0; Touch) Gecko/20100101 Firefox/41"; } else if ((int)xulRunnerSettings["browserUserAgentWinTouchMode"] == 1) { xulRunnerSettings["browserUserAgent"] = (object)"Mozilla/5.0 (iPad; CPU OS 9_0_2 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13A452 Safari/601.1"; } else if ((int)xulRunnerSettings["browserUserAgentWinTouchMode"] == 2) { xulRunnerSettings["browserUserAgent"] = xulRunnerSettings["browserUserAgentWinTouchModeCustom"]; } } else if ((int)xulRunnerSettings["browserUserAgentWinDesktopMode"] == 0) { OperatingSystem osVersion = Environment.OSVersion; xulRunnerSettings["browserUserAgent"] = (object)string.Format("Mozilla/5.0 (Windows NT {0}.{1}; rv:41.0) Gecko/20100101 Firefox/41", (object)osVersion.Version.Major, (object)osVersion.Version.Minor); } else { xulRunnerSettings["browserUserAgent"] = xulRunnerSettings["browserUserAgentWinDesktopModeCustom"]; } Dictionary <string, object> dictionary4 = xulRunnerSettings; dictionary4["browserUserAgent"] = (object)(dictionary4["browserUserAgent"].ToString() + " SEB " + Application.ProductVersion); xulRunnerSettings["browserScreenKeyboard"] = (object)(bool)xulRunnerSettings["touchOptimized"]; return(Convert.ToBase64String(Encoding.UTF8.GetBytes(new JavaScriptSerializer().Serialize((object)xulRunnerSettings)))); }
private static Dictionary <string, object> DecryptDataWithPasswordForConfiguringClient(byte[] sebData, bool forEditing, ref string sebFilePassword, ref bool passwordIsHash) { passwordIsHash = false; string upper = ((string)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, "hashedAdminPassword") ?? "").ToUpper(); byte[] input1 = SEBProtectionController.DecryptDataWithPassword(sebData, upper); string str1; if (input1 == null) { input1 = SEBProtectionController.DecryptDataWithPassword(sebData, ""); if (input1 == null) { int num1 = 5; str1 = (string)null; string passwordRequestText = SEBUIStrings.enterEncryptionPassword; string input2; do { --num1; input2 = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, passwordRequestText); if (input2 == null) { return((Dictionary <string, object>)null); } string passwordHash = SEBProtectionController.ComputePasswordHash(input2); input1 = SEBProtectionController.DecryptDataWithPassword(sebData, passwordHash); passwordRequestText = SEBUIStrings.enterEncryptionPasswordAgain; }while (input1 == null && num1 > 0); if (input1 == null) { int num2 = (int)SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongPassword, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return((Dictionary <string, object>)null); } if (forEditing) { sebFilePassword = input2; } } } else { sebFilePassword = upper; passwordIsHash = true; } byte[] data = GZipByte.Decompress(input1); Dictionary <string, object> dictionary; try { dictionary = (Dictionary <string, object>)Plist.readPlist(data); } catch (Exception ex) { int num = (int)SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); Console.WriteLine(ex.Message); return((Dictionary <string, object>)null); } string str2 = (string)SEBSettings.valueForDictionaryKey(dictionary, "hashedAdminPassword") ?? ""; if (string.Compare(upper, str2, StringComparison.OrdinalIgnoreCase) != 0) { if (forEditing) { if (!SEBConfigFileManager.askForPasswordAndCompareToHashedPassword(str2, forEditing)) { return((Dictionary <string, object>)null); } } else if (!passwordIsHash && upper.Length > 0) { int num1 = 5; str1 = (string)null; string passwordRequestText = SEBUIStrings.enterCurrentAdminPwdForReconfiguring; bool flag; do { --num1; string input2 = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, passwordRequestText); if (input2 == null) { return((Dictionary <string, object>)null); } flag = string.Compare(input2.Length != 0 ? SEBProtectionController.ComputePasswordHash(input2) : "", upper, StringComparison.OrdinalIgnoreCase) == 0; passwordRequestText = SEBUIStrings.enterCurrentAdminPwdForReconfiguringAgain; }while (!flag && num1 > 0); if (!flag) { int num2 = (int)SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongCurrentAdminPwd, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return((Dictionary <string, object>)null); } } } dictionary["sebConfigPurpose"] = (object)1; return(dictionary); }
public static Dictionary <string, object> DecryptSEBSettings(byte[] sebData, bool forEditing, ref string sebFilePassword, ref bool passwordIsHash, ref X509Certificate2 sebFileCertificateRef) { byte[] numArray1 = GZipByte.Decompress(sebData); if (numArray1 != null) { sebData = numArray1; } byte[] numArray2 = sebData.Clone() as byte[]; string prefixStringFromData = SEBConfigFileManager.GetPrefixStringFromData(ref sebData); if (prefixStringFromData.CompareTo("pkhs") == 0) { sebData = SEBConfigFileManager.DecryptDataWithPublicKeyHashPrefix(sebData, forEditing, ref sebFileCertificateRef); if (sebData == null) { return((Dictionary <string, object>)null); } prefixStringFromData = SEBConfigFileManager.GetPrefixStringFromData(ref sebData); } if (prefixStringFromData.CompareTo("pswd") == 0) { string passwordRequestText = SEBUIStrings.enterPassword; int num1 = 5; string passphrase; byte[] numArray3; do { --num1; passphrase = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.loadingSettings, passwordRequestText); if (passphrase == null) { return((Dictionary <string, object>)null); } numArray3 = SEBProtectionController.DecryptDataWithPassword(sebData, passphrase); passwordRequestText = SEBUIStrings.enterPasswordAgain; }while (numArray3 == null && num1 > 0); if (numArray3 == null) { int num2 = (int)SEBMessageBox.Show(SEBUIStrings.decryptingSettingsFailed, SEBUIStrings.decryptingSettingsFailedReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return((Dictionary <string, object>)null); } sebData = numArray3; if (forEditing) { sebFilePassword = passphrase; } } else { if (prefixStringFromData.CompareTo("pwcc") == 0) { return(SEBConfigFileManager.DecryptDataWithPasswordForConfiguringClient(sebData, forEditing, ref sebFilePassword, ref passwordIsHash)); } if (prefixStringFromData.CompareTo("plnd") != 0) { if (prefixStringFromData.CompareTo("<?xm") == 0) { sebData = numArray2; } else { int num = (int)SEBMessageBox.Show(SEBUIStrings.settingsNotUsable, SEBUIStrings.settingsNotUsableReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return((Dictionary <string, object>)null); } } } if (prefixStringFromData.CompareTo("<?xm") != 0) { sebData = GZipByte.Decompress(sebData); } Dictionary <string, object> dictFromConfigData = SEBConfigFileManager.GetPreferencesDictFromConfigData(sebData, forEditing); if (dictFromConfigData == null) { return((Dictionary <string, object>)null); } dictFromConfigData["sebConfigPurpose"] = (object)0; return(dictFromConfigData); }