/// ---------------------------------------------------------------------------------------- /// <summary> /// Encrypt preferences using a password /// </summary> /// ---------------------------------------------------------------------------------------- // Encrypt preferences using a password public static byte[] EncryptDataUsingPassword(byte[] data, string password, bool passwordIsHash, SEBSettings.sebConfigPurposes configPurpose) { string prefixString; // Check if .seb file should start exam or configure client if (configPurpose == SEBSettings.sebConfigPurposes.sebConfigPurposeStartingExam) { // prefix string for starting exam: normal password will be prompted prefixString = PASSWORD_MODE; } else { // prefix string for configuring client: configuring password will either be hashed admin pw on client // or if no admin pw on client set: empty pw prefixString = PASSWORD_CONFIGURING_CLIENT_MODE; if (!String.IsNullOrEmpty(password) && !passwordIsHash) { //empty password means no admin pw on clients and should not be hashed //or we got already a hashed admin pw as settings pw, then we don't hash again password = SEBProtectionController.ComputePasswordHash(password); } } byte[] encryptedData = SEBProtectionController.EncryptDataWithPassword(data, password); // Create byte array large enough to hold prefix and data byte[] encryptedSebData = new byte[encryptedData.Length + PREFIX_LENGTH]; Buffer.BlockCopy(Encoding.UTF8.GetBytes(prefixString), 0, encryptedSebData, 0, PREFIX_LENGTH); Buffer.BlockCopy(encryptedData, 0, encryptedSebData, PREFIX_LENGTH, encryptedData.Length); return(encryptedSebData); }
private static bool askForPasswordAndCompareToHashedPassword(string sebFileHashedAdminPassword, bool forEditing) { if (sebFileHashedAdminPassword.Length == 0) { return(true); } int num1 = 5; string passwordRequestText = SEBUIStrings.enterAdminPasswordRequired; string input; bool flag; do { --num1; input = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.loadingSettings + (string.IsNullOrEmpty(SEBClientInfo.LoadingSettingsFileName) ? "" : ": " + SEBClientInfo.LoadingSettingsFileName), passwordRequestText); if (input == null) { return(false); } flag = string.Compare(input.Length != 0 ? SEBProtectionController.ComputePasswordHash(input) : "", sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0; passwordRequestText = SEBUIStrings.enterAdminPasswordRequiredAgain; }while ((input == null || !flag) && num1 > 0); if (flag) { return(flag); } int num2 = (int)SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedWrongAdminPwd, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return(false); }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Ask user to enter password and compare it to the passed (hashed) password string /// Returns true if correct password was entered /// </summary> /// ---------------------------------------------------------------------------------------- private static bool askForPasswordAndCompareToHashedPassword(string sebFileHashedAdminPassword, bool forEditing) { // Check if there wasn't a hashed password (= empty password) if (sebFileHashedAdminPassword.Length == 0) { return(true); } // We have to ask for the SEB administrator password used in the settings // and allow opening settings only if the user enters the right one // Allow up to 5 attempts for entering admin password int i = 5; string password = null; string hashedPassword; string enterPasswordString = SEBUIStrings.enterAdminPasswordRequired; bool passwordsMatch; do { i--; // Prompt for password password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.loadingSettings + (String.IsNullOrEmpty(SEBClientInfo.LoadingSettingsFileName) ? "" : ": " + SEBClientInfo.LoadingSettingsFileName), enterPasswordString); // If cancel was pressed, abort if (password == null) { return(false); } if (password.Length == 0) { hashedPassword = ""; } else { hashedPassword = SEBProtectionController.ComputePasswordHash(password); } passwordsMatch = (String.Compare(hashedPassword, sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0); // in case we get an error we allow the user to try it again enterPasswordString = SEBUIStrings.enterAdminPasswordRequiredAgain; } while ((password == null || !passwordsMatch) && i > 0); if (!passwordsMatch) { //wrong password entered in 5th try: stop reading .seb file SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedWrongAdminPwd, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return(false); } // Right password entered return(passwordsMatch); }
protected override void OnClick(EventArgs e) { string restartExamTitle = (String)SEBClientInfo.getSebSetting(SEBSettings.KeyRestartExamText)[SEBSettings.KeyRestartExamText]; // If there was no individual restart exam text set, we use the default text (which is localized) if (String.IsNullOrEmpty(restartExamTitle)) { restartExamTitle = SEBUIStrings.restartExamDefaultTitle; } string quitPassword = (String)SEBClientInfo.getSebSetting(SEBSettings.KeyHashedQuitPassword)[SEBSettings.KeyHashedQuitPassword]; if ((Boolean)SEBClientInfo.getSebSetting(SEBSettings.KeyRestartExamPasswordProtected)[SEBSettings.KeyRestartExamPasswordProtected] && !String.IsNullOrWhiteSpace(quitPassword)) { var password = SebPasswordDialogForm.ShowPasswordDialogForm(restartExamTitle, SEBUIStrings.restartExamEnterPassword); //cancel button has been clicked if (password == null) { return; } var hashedPassword = SEBProtectionController.ComputePasswordHash(password); if (String.IsNullOrWhiteSpace(password) || String.Compare(quitPassword, hashedPassword, StringComparison.OrdinalIgnoreCase) != 0) { SEBMessageBox.Show(restartExamTitle, SEBUIStrings.wrongQuitRestartPasswordText, MessageBoxIcon.Error, MessageBoxButtons.OK); return; } else { SEBXULRunnerWebSocketServer.SendRestartExam(); return; } } if (SEBMessageBox.Show(restartExamTitle, SEBUIStrings.restartExamConfirm, MessageBoxIcon.Question, MessageBoxButtons.YesNo) == DialogResult.Yes) { SEBXULRunnerWebSocketServer.SendRestartExam(); } }
private void btnOk_Click(object sender, EventArgs e) { string userQuitPassword = this.txtQuitPassword.Text; string hPassword = SEBProtectionController.ComputePasswordHash(userQuitPassword); string settingsPasswordHash = (string)SEBClientInfo.getSebSetting(SEBSettings.KeyHashedQuitPassword)[SEBSettings.KeyHashedQuitPassword]; int quit = String.Compare(settingsPasswordHash, hPassword, StringComparison.OrdinalIgnoreCase); if (quit != 0) { this.Hide(); SEBMessageBox.Show(SEBUIStrings.quittingFailed, SEBUIStrings.quittingFailedReason, MessageBoxIcon.Error, MessageBoxButtons.OK); this.txtQuitPassword.Text = ""; this.Visible = false; } else { this.Visible = false; SEBClientInfo.SebWindowsClientForm.ExitApplication(); } }
public static byte[] EncryptDataUsingPassword(byte[] data, string password, bool passwordIsHash, SEBSettings.sebConfigPurposes configPurpose) { string s; if (configPurpose == SEBSettings.sebConfigPurposes.sebConfigPurposeStartingExam) { s = "pswd"; } else { s = "pwcc"; if (!string.IsNullOrEmpty(password) && !passwordIsHash) { password = SEBProtectionController.ComputePasswordHash(password); } } byte[] numArray1 = SEBProtectionController.EncryptDataWithPassword(data, password); byte[] numArray2 = new byte[numArray1.Length + 4]; Buffer.BlockCopy((Array)Encoding.UTF8.GetBytes(s), 0, (Array)numArray2, 0, 4); Buffer.BlockCopy((Array)numArray1, 0, (Array)numArray2, 4, numArray1.Length); return(numArray2); }
private void ShowPasswordDialog(string processName, string quitPassword) { var password = SebPasswordDialogForm.ShowPasswordDialogForm(SEBUIStrings.prohibitedProcessDetectedTitle, SEBUIStrings.prohibitedProcessDetectedQuitPassword + processName); //cancel button has been clicked if (password == null) { ShowPasswordDialog(processName, quitPassword); } var hashedPassword = SEBProtectionController.ComputePasswordHash(password); if (String.IsNullOrWhiteSpace(password) || String.Compare(quitPassword, hashedPassword, StringComparison.OrdinalIgnoreCase) != 0) { return; } else { ShowPasswordDialog(processName, quitPassword); } }
protected override void OnClick(EventArgs e) { string examDefaultTitle = (string)SEBClientInfo.getSebSetting("restartExamText")["restartExamText"]; if (string.IsNullOrEmpty(examDefaultTitle)) { examDefaultTitle = SEBUIStrings.restartExamDefaultTitle; } string strA = (string)SEBClientInfo.getSebSetting("hashedQuitPassword")["hashedQuitPassword"]; if ((bool)SEBClientInfo.getSebSetting("restartExamPasswordProtected")["restartExamPasswordProtected"] && !string.IsNullOrWhiteSpace(strA)) { string input = SebPasswordDialogForm.ShowPasswordDialogForm(examDefaultTitle, SEBUIStrings.restartExamEnterPassword); if (input == null) { return; } string passwordHash = SEBProtectionController.ComputePasswordHash(input); if (string.IsNullOrWhiteSpace(input) || string.Compare(strA, passwordHash, StringComparison.OrdinalIgnoreCase) != 0) { int num = (int)SEBMessageBox.Show(examDefaultTitle, SEBUIStrings.wrongQuitRestartPasswordText, MessageBoxIcon.Hand, MessageBoxButtons.OK, false); } else { SEBXULRunnerWebSocketServer.SendRestartExam(); } } else { if (SEBMessageBox.Show(examDefaultTitle, SEBUIStrings.restartExamConfirm, MessageBoxIcon.Question, MessageBoxButtons.YesNo, false) != DialogResult.Yes) { return; } SEBXULRunnerWebSocketServer.SendRestartExam(); } }
/// ---------------------------------------------------------------------------------------- /// <summary> /// Helper method which decrypts the byte array using an empty password, /// or the administrator password currently set in SEB /// or asks for the password used for encrypting this SEB file /// for configuring the client /// </summary> /// ---------------------------------------------------------------------------------------- private static DictObj DecryptDataWithPasswordForConfiguringClient(byte[] sebData, bool forEditing, ref string sebFilePassword, ref bool passwordIsHash) { passwordIsHash = false; string password; // First try to decrypt with the current admin password // get admin password hash string hashedAdminPassword = (string)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, SEBSettings.KeyHashedAdminPassword); if (hashedAdminPassword == null) { hashedAdminPassword = ""; } // We use always uppercase letters in the base16 hashed admin password used for encrypting hashedAdminPassword = hashedAdminPassword.ToUpper(); DictObj sebPreferencesDict = null; byte[] decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, hashedAdminPassword); if (decryptedSebData == null) { // If decryption with admin password didn't work, try it with an empty password decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, ""); if (decryptedSebData == null) { // If decryption with empty and admin password didn't work, ask for the password the .seb file was encrypted with // Allow up to 5 attempts for entering decoding password int i = 5; password = null; string enterPasswordString = SEBUIStrings.enterEncryptionPassword; do { i--; // Prompt for password password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, enterPasswordString); // If cancel was pressed, abort if (password == null) { return(null); } string hashedPassword = SEBProtectionController.ComputePasswordHash(password); // we try to decrypt with the hashed password decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, hashedPassword); // in case we get an error we allow the user to try it again enterPasswordString = SEBUIStrings.enterEncryptionPasswordAgain; } while (decryptedSebData == null && i > 0); if (decryptedSebData == null) { //wrong password entered in 5th try: stop reading .seb file SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongPassword, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return(null); } else { // Decrypting with entered password worked: We save it for returning it later if (forEditing) { sebFilePassword = password; } } } } else { //decrypting with hashedAdminPassword worked: we save it for returning as decryption password sebFilePassword = hashedAdminPassword; // identify that password as hash passwordIsHash = true; } /// Decryption worked // Ungzip the .seb (according to specification >= v14) decrypted serialized XML plist data decryptedSebData = GZipByte.Decompress(decryptedSebData); // Check if the openend reconfiguring seb file has the same admin password inside like the current one try { sebPreferencesDict = (DictObj)Plist.readPlist(decryptedSebData); } catch (Exception readPlistException) { // Error when deserializing the decrypted configuration data // We abort reading the new settings here SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedReason, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); Console.WriteLine(readPlistException.Message); return(null); } // Get the admin password set in these settings string sebFileHashedAdminPassword = (string)SEBSettings.valueForDictionaryKey(sebPreferencesDict, SEBSettings.KeyHashedAdminPassword); if (sebFileHashedAdminPassword == null) { sebFileHashedAdminPassword = ""; } // Has the SEB config file the same admin password inside as the current settings have? if (String.Compare(hashedAdminPassword, sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) != 0) { //No: The admin password inside the .seb file wasn't the same as the current one if (forEditing) { // If the file is openend for editing (and not to reconfigure SEB) // we have to ask the user for the admin password inside the file if (!askForPasswordAndCompareToHashedPassword(sebFileHashedAdminPassword, forEditing)) { // If the user didn't enter the right password we abort return(null); } } else { // The file was actually opened for reconfiguring the SEB client: // we have to ask for the current admin password and // allow reconfiguring only if the user enters the right one // We don't check this for the case the current admin password was used to encrypt the new settings // In this case there can be a new admin pw defined in the new settings and users don't need to enter the old one if (passwordIsHash == false && hashedAdminPassword.Length > 0) { // Allow up to 5 attempts for entering current admin password int i = 5; password = null; string hashedPassword; string enterPasswordString = SEBUIStrings.enterCurrentAdminPwdForReconfiguring; bool passwordsMatch; do { i--; // Prompt for password password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, enterPasswordString); // If cancel was pressed, abort if (password == null) { return(null); } if (password.Length == 0) { hashedPassword = ""; } else { hashedPassword = SEBProtectionController.ComputePasswordHash(password); } passwordsMatch = (String.Compare(hashedPassword, hashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0); // in case we get an error we allow the user to try it again enterPasswordString = SEBUIStrings.enterCurrentAdminPwdForReconfiguringAgain; } while (!passwordsMatch && i > 0); if (!passwordsMatch) { //wrong password entered in 5th try: stop reading .seb file SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongCurrentAdminPwd, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing); return(null); } } } } // We need to set the right value for the key sebConfigPurpose to know later where to store the new settings sebPreferencesDict[SEBSettings.KeySebConfigPurpose] = (int)SEBSettings.sebConfigPurposes.sebConfigPurposeConfiguringClient; // Reading preferences was successful! return(sebPreferencesDict); }
private static Dictionary <string, object> DecryptDataWithPasswordForConfiguringClient(byte[] sebData, bool forEditing, ref string sebFilePassword, ref bool passwordIsHash) { passwordIsHash = false; string upper = ((string)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, "hashedAdminPassword") ?? "").ToUpper(); byte[] input1 = SEBProtectionController.DecryptDataWithPassword(sebData, upper); string str1; if (input1 == null) { input1 = SEBProtectionController.DecryptDataWithPassword(sebData, ""); if (input1 == null) { int num1 = 5; str1 = (string)null; string passwordRequestText = SEBUIStrings.enterEncryptionPassword; string input2; do { --num1; input2 = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, passwordRequestText); if (input2 == null) { return((Dictionary <string, object>)null); } string passwordHash = SEBProtectionController.ComputePasswordHash(input2); input1 = SEBProtectionController.DecryptDataWithPassword(sebData, passwordHash); passwordRequestText = SEBUIStrings.enterEncryptionPasswordAgain; }while (input1 == null && num1 > 0); if (input1 == null) { int num2 = (int)SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongPassword, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return((Dictionary <string, object>)null); } if (forEditing) { sebFilePassword = input2; } } } else { sebFilePassword = upper; passwordIsHash = true; } byte[] data = GZipByte.Decompress(input1); Dictionary <string, object> dictionary; try { dictionary = (Dictionary <string, object>)Plist.readPlist(data); } catch (Exception ex) { int num = (int)SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); Console.WriteLine(ex.Message); return((Dictionary <string, object>)null); } string str2 = (string)SEBSettings.valueForDictionaryKey(dictionary, "hashedAdminPassword") ?? ""; if (string.Compare(upper, str2, StringComparison.OrdinalIgnoreCase) != 0) { if (forEditing) { if (!SEBConfigFileManager.askForPasswordAndCompareToHashedPassword(str2, forEditing)) { return((Dictionary <string, object>)null); } } else if (!passwordIsHash && upper.Length > 0) { int num1 = 5; str1 = (string)null; string passwordRequestText = SEBUIStrings.enterCurrentAdminPwdForReconfiguring; bool flag; do { --num1; string input2 = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, passwordRequestText); if (input2 == null) { return((Dictionary <string, object>)null); } flag = string.Compare(input2.Length != 0 ? SEBProtectionController.ComputePasswordHash(input2) : "", upper, StringComparison.OrdinalIgnoreCase) == 0; passwordRequestText = SEBUIStrings.enterCurrentAdminPwdForReconfiguringAgain; }while (!flag && num1 > 0); if (!flag) { int num2 = (int)SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongCurrentAdminPwd, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing); return((Dictionary <string, object>)null); } } } dictionary["sebConfigPurpose"] = (object)1; return(dictionary); }
private void btnOk_Click(object sender, EventArgs e) { if (string.Compare((string)SEBClientInfo.getSebSetting("hashedQuitPassword")["hashedQuitPassword"], SEBProtectionController.ComputePasswordHash(this.txtQuitPassword.Text), StringComparison.OrdinalIgnoreCase) != 0) { this.Hide(); int num = (int)SEBMessageBox.Show(SEBUIStrings.quittingFailed, SEBUIStrings.quittingFailedReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, false); this.txtQuitPassword.Text = ""; this.Visible = false; } else { this.Visible = false; SEBClientInfo.SebWindowsClientForm.ExitApplication(true); } }