/// ----------------------------------------------------------------------------------------
/// <summary>
/// Encrypt preferences using a password
/// </summary>
/// ----------------------------------------------------------------------------------------
// Encrypt preferences using a password
public static byte[] EncryptDataUsingPassword(byte[] data, string password, bool passwordIsHash, SEBSettings.sebConfigPurposes configPurpose)
{
string prefixString;
// Check if .seb file should start exam or configure client
if (configPurpose == SEBSettings.sebConfigPurposes.sebConfigPurposeStartingExam)
{
// prefix string for starting exam: normal password will be prompted
prefixString = PASSWORD_MODE;
}
else
{
// prefix string for configuring client: configuring password will either be hashed admin pw on client
// or if no admin pw on client set: empty pw
prefixString = PASSWORD_CONFIGURING_CLIENT_MODE;
if (!String.IsNullOrEmpty(password) && !passwordIsHash)
{
//empty password means no admin pw on clients and should not be hashed
//or we got already a hashed admin pw as settings pw, then we don't hash again
password = SEBProtectionController.ComputePasswordHash(password);
}
}
byte[] encryptedData = SEBProtectionController.EncryptDataWithPassword(data, password);
// Create byte array large enough to hold prefix and data
byte[] encryptedSebData = new byte[encryptedData.Length + PREFIX_LENGTH];
Buffer.BlockCopy(Encoding.UTF8.GetBytes(prefixString), 0, encryptedSebData, 0, PREFIX_LENGTH);
Buffer.BlockCopy(encryptedData, 0, encryptedSebData, PREFIX_LENGTH, encryptedData.Length);
return(encryptedSebData);
}
private static bool askForPasswordAndCompareToHashedPassword(string sebFileHashedAdminPassword, bool forEditing)
{
if (sebFileHashedAdminPassword.Length == 0)
{
return(true);
}
int num1 = 5;
string passwordRequestText = SEBUIStrings.enterAdminPasswordRequired;
string input;
bool flag;
do
{
--num1;
input = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.loadingSettings + (string.IsNullOrEmpty(SEBClientInfo.LoadingSettingsFileName) ? "" : ": " + SEBClientInfo.LoadingSettingsFileName), passwordRequestText);
if (input == null)
{
return(false);
}
flag = string.Compare(input.Length != 0 ? SEBProtectionController.ComputePasswordHash(input) : "", sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0;
passwordRequestText = SEBUIStrings.enterAdminPasswordRequiredAgain;
}while ((input == null || !flag) && num1 > 0);
if (flag)
{
return(flag);
}
int num2 = (int)SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedWrongAdminPwd, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing);
return(false);
}
/// ----------------------------------------------------------------------------------------
/// <summary>
/// Ask user to enter password and compare it to the passed (hashed) password string
/// Returns true if correct password was entered
/// </summary>
/// ----------------------------------------------------------------------------------------
private static bool askForPasswordAndCompareToHashedPassword(string sebFileHashedAdminPassword, bool forEditing)
{
// Check if there wasn't a hashed password (= empty password)
if (sebFileHashedAdminPassword.Length == 0)
{
return(true);
}
// We have to ask for the SEB administrator password used in the settings
// and allow opening settings only if the user enters the right one
// Allow up to 5 attempts for entering admin password
int i = 5;
string password = null;
string hashedPassword;
string enterPasswordString = SEBUIStrings.enterAdminPasswordRequired;
bool passwordsMatch;
do
{
i--;
// Prompt for password
password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.loadingSettings + (String.IsNullOrEmpty(SEBClientInfo.LoadingSettingsFileName) ? "" : ": " + SEBClientInfo.LoadingSettingsFileName), enterPasswordString);
// If cancel was pressed, abort
if (password == null)
{
return(false);
}
if (password.Length == 0)
{
hashedPassword = "";
}
else
{
hashedPassword = SEBProtectionController.ComputePasswordHash(password);
}
passwordsMatch = (String.Compare(hashedPassword, sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0);
// in case we get an error we allow the user to try it again
enterPasswordString = SEBUIStrings.enterAdminPasswordRequiredAgain;
} while ((password == null || !passwordsMatch) && i > 0);
if (!passwordsMatch)
{
//wrong password entered in 5th try: stop reading .seb file
SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedWrongAdminPwd, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing);
return(false);
}
// Right password entered
return(passwordsMatch);
}
protected override void OnClick(EventArgs e)
{
string restartExamTitle = (String)SEBClientInfo.getSebSetting(SEBSettings.KeyRestartExamText)[SEBSettings.KeyRestartExamText];
// If there was no individual restart exam text set, we use the default text (which is localized)
if (String.IsNullOrEmpty(restartExamTitle))
{
restartExamTitle = SEBUIStrings.restartExamDefaultTitle;
}
string quitPassword = (String)SEBClientInfo.getSebSetting(SEBSettings.KeyHashedQuitPassword)[SEBSettings.KeyHashedQuitPassword];
if ((Boolean)SEBClientInfo.getSebSetting(SEBSettings.KeyRestartExamPasswordProtected)[SEBSettings.KeyRestartExamPasswordProtected] && !String.IsNullOrWhiteSpace(quitPassword))
{
var password = SebPasswordDialogForm.ShowPasswordDialogForm(restartExamTitle, SEBUIStrings.restartExamEnterPassword);
//cancel button has been clicked
if (password == null)
{
return;
}
var hashedPassword = SEBProtectionController.ComputePasswordHash(password);
if (String.IsNullOrWhiteSpace(password) ||
String.Compare(quitPassword, hashedPassword, StringComparison.OrdinalIgnoreCase) != 0)
{
SEBMessageBox.Show(restartExamTitle, SEBUIStrings.wrongQuitRestartPasswordText, MessageBoxIcon.Error, MessageBoxButtons.OK);
return;
}
else
{
SEBXULRunnerWebSocketServer.SendRestartExam();
return;
}
}
if (SEBMessageBox.Show(restartExamTitle, SEBUIStrings.restartExamConfirm, MessageBoxIcon.Question, MessageBoxButtons.YesNo) == DialogResult.Yes)
{
SEBXULRunnerWebSocketServer.SendRestartExam();
}
}
private void btnOk_Click(object sender, EventArgs e)
{
string userQuitPassword = this.txtQuitPassword.Text;
string hPassword = SEBProtectionController.ComputePasswordHash(userQuitPassword);
string settingsPasswordHash = (string)SEBClientInfo.getSebSetting(SEBSettings.KeyHashedQuitPassword)[SEBSettings.KeyHashedQuitPassword];
int quit = String.Compare(settingsPasswordHash, hPassword, StringComparison.OrdinalIgnoreCase);
if (quit != 0)
{
this.Hide();
SEBMessageBox.Show(SEBUIStrings.quittingFailed, SEBUIStrings.quittingFailedReason, MessageBoxIcon.Error, MessageBoxButtons.OK);
this.txtQuitPassword.Text = "";
this.Visible = false;
}
else
{
this.Visible = false;
SEBClientInfo.SebWindowsClientForm.ExitApplication();
}
}
public static byte[] EncryptDataUsingPassword(byte[] data, string password, bool passwordIsHash, SEBSettings.sebConfigPurposes configPurpose)
{
string s;
if (configPurpose == SEBSettings.sebConfigPurposes.sebConfigPurposeStartingExam)
{
s = "pswd";
}
else
{
s = "pwcc";
if (!string.IsNullOrEmpty(password) && !passwordIsHash)
{
password = SEBProtectionController.ComputePasswordHash(password);
}
}
byte[] numArray1 = SEBProtectionController.EncryptDataWithPassword(data, password);
byte[] numArray2 = new byte[numArray1.Length + 4];
Buffer.BlockCopy((Array)Encoding.UTF8.GetBytes(s), 0, (Array)numArray2, 0, 4);
Buffer.BlockCopy((Array)numArray1, 0, (Array)numArray2, 4, numArray1.Length);
return(numArray2);
}
private void ShowPasswordDialog(string processName, string quitPassword)
{
var password = SebPasswordDialogForm.ShowPasswordDialogForm(SEBUIStrings.prohibitedProcessDetectedTitle, SEBUIStrings.prohibitedProcessDetectedQuitPassword + processName);
//cancel button has been clicked
if (password == null)
{
ShowPasswordDialog(processName, quitPassword);
}
var hashedPassword = SEBProtectionController.ComputePasswordHash(password);
if (String.IsNullOrWhiteSpace(password) ||
String.Compare(quitPassword, hashedPassword, StringComparison.OrdinalIgnoreCase) != 0)
{
return;
}
else
{
ShowPasswordDialog(processName, quitPassword);
}
}
protected override void OnClick(EventArgs e)
{
string examDefaultTitle = (string)SEBClientInfo.getSebSetting("restartExamText")["restartExamText"];
if (string.IsNullOrEmpty(examDefaultTitle))
{
examDefaultTitle = SEBUIStrings.restartExamDefaultTitle;
}
string strA = (string)SEBClientInfo.getSebSetting("hashedQuitPassword")["hashedQuitPassword"];
if ((bool)SEBClientInfo.getSebSetting("restartExamPasswordProtected")["restartExamPasswordProtected"] && !string.IsNullOrWhiteSpace(strA))
{
string input = SebPasswordDialogForm.ShowPasswordDialogForm(examDefaultTitle, SEBUIStrings.restartExamEnterPassword);
if (input == null)
{
return;
}
string passwordHash = SEBProtectionController.ComputePasswordHash(input);
if (string.IsNullOrWhiteSpace(input) || string.Compare(strA, passwordHash, StringComparison.OrdinalIgnoreCase) != 0)
{
int num = (int)SEBMessageBox.Show(examDefaultTitle, SEBUIStrings.wrongQuitRestartPasswordText, MessageBoxIcon.Hand, MessageBoxButtons.OK, false);
}
else
{
SEBXULRunnerWebSocketServer.SendRestartExam();
}
}
else
{
if (SEBMessageBox.Show(examDefaultTitle, SEBUIStrings.restartExamConfirm, MessageBoxIcon.Question, MessageBoxButtons.YesNo, false) != DialogResult.Yes)
{
return;
}
SEBXULRunnerWebSocketServer.SendRestartExam();
}
}
/// ----------------------------------------------------------------------------------------
/// <summary>
/// Helper method which decrypts the byte array using an empty password,
/// or the administrator password currently set in SEB
/// or asks for the password used for encrypting this SEB file
/// for configuring the client
/// </summary>
/// ----------------------------------------------------------------------------------------
private static DictObj DecryptDataWithPasswordForConfiguringClient(byte[] sebData, bool forEditing, ref string sebFilePassword, ref bool passwordIsHash)
{
passwordIsHash = false;
string password;
// First try to decrypt with the current admin password
// get admin password hash
string hashedAdminPassword = (string)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, SEBSettings.KeyHashedAdminPassword);
if (hashedAdminPassword == null)
{
hashedAdminPassword = "";
}
// We use always uppercase letters in the base16 hashed admin password used for encrypting
hashedAdminPassword = hashedAdminPassword.ToUpper();
DictObj sebPreferencesDict = null;
byte[] decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, hashedAdminPassword);
if (decryptedSebData == null)
{
// If decryption with admin password didn't work, try it with an empty password
decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, "");
if (decryptedSebData == null)
{
// If decryption with empty and admin password didn't work, ask for the password the .seb file was encrypted with
// Allow up to 5 attempts for entering decoding password
int i = 5;
password = null;
string enterPasswordString = SEBUIStrings.enterEncryptionPassword;
do
{
i--;
// Prompt for password
password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, enterPasswordString);
// If cancel was pressed, abort
if (password == null)
{
return(null);
}
string hashedPassword = SEBProtectionController.ComputePasswordHash(password);
// we try to decrypt with the hashed password
decryptedSebData = SEBProtectionController.DecryptDataWithPassword(sebData, hashedPassword);
// in case we get an error we allow the user to try it again
enterPasswordString = SEBUIStrings.enterEncryptionPasswordAgain;
} while (decryptedSebData == null && i > 0);
if (decryptedSebData == null)
{
//wrong password entered in 5th try: stop reading .seb file
SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongPassword, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing);
return(null);
}
else
{
// Decrypting with entered password worked: We save it for returning it later
if (forEditing)
{
sebFilePassword = password;
}
}
}
}
else
{
//decrypting with hashedAdminPassword worked: we save it for returning as decryption password
sebFilePassword = hashedAdminPassword;
// identify that password as hash
passwordIsHash = true;
}
/// Decryption worked
// Ungzip the .seb (according to specification >= v14) decrypted serialized XML plist data
decryptedSebData = GZipByte.Decompress(decryptedSebData);
// Check if the openend reconfiguring seb file has the same admin password inside like the current one
try
{
sebPreferencesDict = (DictObj)Plist.readPlist(decryptedSebData);
}
catch (Exception readPlistException)
{
// Error when deserializing the decrypted configuration data
// We abort reading the new settings here
SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedReason, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing);
Console.WriteLine(readPlistException.Message);
return(null);
}
// Get the admin password set in these settings
string sebFileHashedAdminPassword = (string)SEBSettings.valueForDictionaryKey(sebPreferencesDict, SEBSettings.KeyHashedAdminPassword);
if (sebFileHashedAdminPassword == null)
{
sebFileHashedAdminPassword = "";
}
// Has the SEB config file the same admin password inside as the current settings have?
if (String.Compare(hashedAdminPassword, sebFileHashedAdminPassword, StringComparison.OrdinalIgnoreCase) != 0)
{
//No: The admin password inside the .seb file wasn't the same as the current one
if (forEditing)
{
// If the file is openend for editing (and not to reconfigure SEB)
// we have to ask the user for the admin password inside the file
if (!askForPasswordAndCompareToHashedPassword(sebFileHashedAdminPassword, forEditing))
{
// If the user didn't enter the right password we abort
return(null);
}
}
else
{
// The file was actually opened for reconfiguring the SEB client:
// we have to ask for the current admin password and
// allow reconfiguring only if the user enters the right one
// We don't check this for the case the current admin password was used to encrypt the new settings
// In this case there can be a new admin pw defined in the new settings and users don't need to enter the old one
if (passwordIsHash == false && hashedAdminPassword.Length > 0)
{
// Allow up to 5 attempts for entering current admin password
int i = 5;
password = null;
string hashedPassword;
string enterPasswordString = SEBUIStrings.enterCurrentAdminPwdForReconfiguring;
bool passwordsMatch;
do
{
i--;
// Prompt for password
password = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, enterPasswordString);
// If cancel was pressed, abort
if (password == null)
{
return(null);
}
if (password.Length == 0)
{
hashedPassword = "";
}
else
{
hashedPassword = SEBProtectionController.ComputePasswordHash(password);
}
passwordsMatch = (String.Compare(hashedPassword, hashedAdminPassword, StringComparison.OrdinalIgnoreCase) == 0);
// in case we get an error we allow the user to try it again
enterPasswordString = SEBUIStrings.enterCurrentAdminPwdForReconfiguringAgain;
} while (!passwordsMatch && i > 0);
if (!passwordsMatch)
{
//wrong password entered in 5th try: stop reading .seb file
SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongCurrentAdminPwd, MessageBoxIcon.Error, MessageBoxButtons.OK, neverShowTouchOptimized: forEditing);
return(null);
}
}
}
}
// We need to set the right value for the key sebConfigPurpose to know later where to store the new settings
sebPreferencesDict[SEBSettings.KeySebConfigPurpose] = (int)SEBSettings.sebConfigPurposes.sebConfigPurposeConfiguringClient;
// Reading preferences was successful!
return(sebPreferencesDict);
}
private static Dictionary <string, object> DecryptDataWithPasswordForConfiguringClient(byte[] sebData, bool forEditing, ref string sebFilePassword, ref bool passwordIsHash)
{
passwordIsHash = false;
string upper = ((string)SEBSettings.valueForDictionaryKey(SEBSettings.settingsCurrent, "hashedAdminPassword") ?? "").ToUpper();
byte[] input1 = SEBProtectionController.DecryptDataWithPassword(sebData, upper);
string str1;
if (input1 == null)
{
input1 = SEBProtectionController.DecryptDataWithPassword(sebData, "");
if (input1 == null)
{
int num1 = 5;
str1 = (string)null;
string passwordRequestText = SEBUIStrings.enterEncryptionPassword;
string input2;
do
{
--num1;
input2 = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, passwordRequestText);
if (input2 == null)
{
return((Dictionary <string, object>)null);
}
string passwordHash = SEBProtectionController.ComputePasswordHash(input2);
input1 = SEBProtectionController.DecryptDataWithPassword(sebData, passwordHash);
passwordRequestText = SEBUIStrings.enterEncryptionPasswordAgain;
}while (input1 == null && num1 > 0);
if (input1 == null)
{
int num2 = (int)SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongPassword, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing);
return((Dictionary <string, object>)null);
}
if (forEditing)
{
sebFilePassword = input2;
}
}
}
else
{
sebFilePassword = upper;
passwordIsHash = true;
}
byte[] data = GZipByte.Decompress(input1);
Dictionary <string, object> dictionary;
try
{
dictionary = (Dictionary <string, object>)Plist.readPlist(data);
}
catch (Exception ex)
{
int num = (int)SEBMessageBox.Show(SEBUIStrings.loadingSettingsFailed, SEBUIStrings.loadingSettingsFailedReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing);
Console.WriteLine(ex.Message);
return((Dictionary <string, object>)null);
}
string str2 = (string)SEBSettings.valueForDictionaryKey(dictionary, "hashedAdminPassword") ?? "";
if (string.Compare(upper, str2, StringComparison.OrdinalIgnoreCase) != 0)
{
if (forEditing)
{
if (!SEBConfigFileManager.askForPasswordAndCompareToHashedPassword(str2, forEditing))
{
return((Dictionary <string, object>)null);
}
}
else if (!passwordIsHash && upper.Length > 0)
{
int num1 = 5;
str1 = (string)null;
string passwordRequestText = SEBUIStrings.enterCurrentAdminPwdForReconfiguring;
bool flag;
do
{
--num1;
string input2 = ThreadedDialog.ShowPasswordDialogForm(SEBUIStrings.reconfiguringLocalSettings, passwordRequestText);
if (input2 == null)
{
return((Dictionary <string, object>)null);
}
flag = string.Compare(input2.Length != 0 ? SEBProtectionController.ComputePasswordHash(input2) : "", upper, StringComparison.OrdinalIgnoreCase) == 0;
passwordRequestText = SEBUIStrings.enterCurrentAdminPwdForReconfiguringAgain;
}while (!flag && num1 > 0);
if (!flag)
{
int num2 = (int)SEBMessageBox.Show(SEBUIStrings.reconfiguringLocalSettingsFailed, SEBUIStrings.reconfiguringLocalSettingsFailedWrongCurrentAdminPwd, MessageBoxIcon.Hand, MessageBoxButtons.OK, forEditing);
return((Dictionary <string, object>)null);
}
}
}
dictionary["sebConfigPurpose"] = (object)1;
return(dictionary);
}
private void btnOk_Click(object sender, EventArgs e)
{
if (string.Compare((string)SEBClientInfo.getSebSetting("hashedQuitPassword")["hashedQuitPassword"], SEBProtectionController.ComputePasswordHash(this.txtQuitPassword.Text), StringComparison.OrdinalIgnoreCase) != 0)
{
this.Hide();
int num = (int)SEBMessageBox.Show(SEBUIStrings.quittingFailed, SEBUIStrings.quittingFailedReason, MessageBoxIcon.Hand, MessageBoxButtons.OK, false);
this.txtQuitPassword.Text = "";
this.Visible = false;
}
else
{
this.Visible = false;
SEBClientInfo.SebWindowsClientForm.ExitApplication(true);
}
}