Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Browser Exam Key does not change #7

Closed
diegoara96 opened this issue May 11, 2020 · 5 comments
Closed

Browser Exam Key does not change #7

diegoara96 opened this issue May 11, 2020 · 5 comments
Assignees
@dbuechel
Projects
SEB 3.0.0
Milestone
3.0.0

Comments

@diegoara96
Copy link
Contributor

Problem: When I send a .seb from one computer to another with 2 different versions of the Safe Exam Browser the key does not change.

Environment:
PC1: last github version of SEB and self-signed code
PC2: virtual machine with altered and unsigned code (the code always return false in IsVirtualMachine()

Steps to reproduce it:

  1. Compile and self-sign the code in PC1
  2. Use SEB Configuration Tool, configure it, save the .seb and copy the Browser Exam Key,
    copy the .seb to PC2 and click in .seb
  3. Now the SEB will send the same Browser Exam Key

Supposedly PC1 and PC2 should send 2 different keys since they have different code. Is this correct?
can be a problem of self-signed ?

Thanks
@dbuechel dbuechel self-assigned this May 12, 2020
@dbuechel dbuechel added this to To do in SEB 3.0.0 May 12, 2020
@dbuechel dbuechel added this to the 3.0.0 milestone May 12, 2020
@dbuechel
Copy link
Member

I have not tried it with a self-signed certificate. Could you please debug the relevant code or print some log messages of the individual components of the key calculation? You should find the reason for the behavior you're observing pretty swiftly.

The best place to do so is probably here: https://github.com/SafeExamBrowser/seb-win-refactoring/blob/master/SafeExamBrowser.Browser/Handlers/ResourceHandler.cs#L127

@diegoara96
Copy link
Contributor Author

diegoara96 commented May 12, 2020
edited
Loading 

2020-05-12 12:31:56.271 [20] - DEBUG: [RequestHandler #1] Browser Exam Key = 0dcee4843d53237456763bfffe9e8a58c1d256bd0fd881dfe5f749ea4a0f035e
2020-05-12 12:31:56.272 [20] - DEBUG: [RequestHandler #1] appConfig.CodeSignatureHash = 
2020-05-12 12:31:56.273 [20] - DEBUG: [RequestHandler #1] appConfig.ProgramBuildVersio = 1.0.0.0
2020-05-12 12:31:56.273 [20] - DEBUG: [RequestHandler #1] settings.ConfigurationKey = 1ba3329f2f7aec7ec289b1b7bd1fda0e87d02e18c2d82b25d953b2b97000435c

appconfig.CodeSignatureHash is empy and im signing the code

@dbuechel
Copy link
Member

Ah, yes. That makes perfect sense, given how the signature is retrieved: https://github.com/SafeExamBrowser/seb-win-refactoring/blob/master/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs#L59

The documentation even states that only Authenticode signatures will return a signer certificate: https://docs.microsoft.com/en-us/dotnet/api/system.reflection.module.getsignercertificate?view=netframework-4.8

@diegoara96
Copy link
Contributor Author

Okay, that makes sense.It was a problem with my certificate. I'll change it now.Thanks

@dbuechel
Copy link
Member

Great!

@dbuechel dbuechel moved this from To do to Done in SEB 3.0.0 May 12, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dbuechel dbuechel

Labels
None yet
Projects
No open projects
SEB 3.0.0
  
Done
Milestone
3.0.0
Development

No branches or pull requests
2 participants
@dbuechel @diegoara96