Restore SEBPatch

SafeExamBrowser.Monitoring/System/Components/Cursors.cs

@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using System;
+using System.Linq;
+using System.Threading.Tasks;
+using SafeExamBrowser.Logging.Contracts;
+using SafeExamBrowser.Monitoring.Contracts.System.Events;
+using SafeExamBrowser.SystemComponents.Contracts.Registry;
+
+namespace SafeExamBrowser.Monitoring.System.Components
+{
+	internal class Cursors
+	{
+		private static readonly string SYSTEM_PATH = $@"{Environment.ExpandEnvironmentVariables("%SystemRoot%")}\Cursors\";
+		private static readonly string USER_PATH = $@"{Environment.ExpandEnvironmentVariables("%LocalAppData%")}\Microsoft\Windows\Cursors\";
+
+		private readonly ILogger logger;
+		private readonly IRegistry registry;
+
+		internal event SentinelEventHandler CursorChanged;
+
+		internal Cursors(ILogger logger, IRegistry registry)
+		{
+			this.logger = logger;
+			this.registry = registry;
+		}
+
+		internal void StartMonitoring()
+		{
+			registry.ValueChanged += Registry_ValueChanged;
+			logger.Info("Started monitoring cursors.");
+		}
+
+		internal void StopMonitoring()
+		{
+			registry.ValueChanged -= Registry_ValueChanged;
+			logger.Info("Stopped monitoring cursors.");
+		}
+
+		internal bool Verify()
+		{
+			logger.Info($"Starting cursor verification...");
+			logger.Info("Cursor configuration successfully verified.");
+
+			var success = true;
+			return success;
+		}
+
+		private void Registry_ValueChanged(string key, string name, object oldValue, object newValue)
+		{
+			
+		}
+
+		private void HandleCursorChange(string key, string name, object oldValue, object newValue)
+		{
+			var args = new SentinelEventArgs();
+
+			logger.Warn($@"The cursor registry value '{key}\{name}' has changed from '{oldValue}' to '{newValue}'!");
+
+			Task.Run(() => CursorChanged?.Invoke(args)).ContinueWith((_) =>
+			{
+				if (args.Allow)
+				{
+					registry.StopMonitoring(key, name);
+				}
+			});
+		}
+
+		private bool VerifyCursor(string cursor)
+		{
+			var success = true;
+
+			success &= registry.TryRead(RegistryValue.UserHive.Cursors_Key, cursor, out var value);
+			success &= !(value is string) || (value is string path && (string.IsNullOrWhiteSpace(path) || IsValidCursorPath(path)));
+
+			if (!success)
+			{
+				if (value != default)
+				{
+					logger.Warn($"Configuration of cursor '{cursor}' is compromised: '{value}'!");
+				}
+				else
+				{
+					logger.Warn($"Failed to verify configuration of cursor '{cursor}'!");
+				}
+			}
+
+			return success;
+		}
+
+		private bool IsValidCursorPath(string path)
+		{
+			return path.StartsWith(USER_PATH, StringComparison.OrdinalIgnoreCase) || path.StartsWith(SYSTEM_PATH, StringComparison.OrdinalIgnoreCase);
+		}
+	}
+}

SafeExamBrowser.Monitoring/System/Components/EaseOfAccess.cs

@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using System.Threading.Tasks;
+using SafeExamBrowser.Logging.Contracts;
+using SafeExamBrowser.Monitoring.Contracts.System.Events;
+using SafeExamBrowser.SystemComponents.Contracts.Registry;
+
+namespace SafeExamBrowser.Monitoring.System.Components
+{
+	internal class EaseOfAccess
+	{
+		private readonly ILogger logger;
+		private readonly IRegistry registry;
+
+		internal event SentinelEventHandler EaseOfAccessChanged;
+
+		internal EaseOfAccess(ILogger logger, IRegistry registry)
+		{
+			this.logger = logger;
+			this.registry = registry;
+		}
+
+		internal void StartMonitoring()
+		{
+			registry.ValueChanged += Registry_ValueChanged;
+
+			logger.Info("Started monitoring ease of access.");
+		}
+
+		internal void StopMonitoring()
+		{
+			registry.ValueChanged -= Registry_ValueChanged;
+
+			logger.Info("Stopped monitoring ease of access.");
+		}
+
+		internal bool Verify()
+		{
+			logger.Info($"Starting ease of access verification...");
+			logger.Info("Ease of access configuration successfully verified.");
+
+			return true;
+		}
+
+		private void Registry_ValueChanged(string key, string name, object oldValue, object newValue)
+		{
+			
+		}
+
+		private void HandleEaseOfAccessChange(string key, string name, object oldValue, object newValue)
+		{
+			var args = new SentinelEventArgs();
+
+			logger.Warn($@"The ease of access registry value '{key}\{name}' has changed from '{oldValue}' to '{newValue}'!");
+
+			Task.Run(() => EaseOfAccessChanged?.Invoke(args)).ContinueWith((_) =>
+			{
+				if (args.Allow)
+				{
+					registry.StopMonitoring(key, name);
+				}
+			});
+		}
+	}
+}

SafeExamBrowser.Monitoring/System/Components/StickyKeys.cs

@@ -0,0 +1,124 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using System.Threading.Tasks;
+using System.Timers;
+using SafeExamBrowser.Logging.Contracts;
+using SafeExamBrowser.Monitoring.Contracts.System.Events;
+using SafeExamBrowser.WindowsApi.Contracts;
+
+namespace SafeExamBrowser.Monitoring.System.Components
+{
+	internal class StickyKeys
+	{
+		private readonly ILogger logger;
+		private readonly INativeMethods nativeMethods;
+		private readonly Timer timer;
+
+		private IStickyKeysState original;
+
+		internal event SentinelEventHandler Changed;
+
+		internal StickyKeys(ILogger logger, INativeMethods nativeMethods)
+		{
+			this.logger = logger;
+			this.nativeMethods = nativeMethods;
+			this.timer = new Timer();
+		}
+
+		internal bool Disable()
+		{
+
+			return true;
+		}
+
+		internal bool Enable()
+		{
+			return true;
+		}
+
+		internal bool Revert()
+		{
+			var success = true;
+
+			if (original != default)
+			{
+				success = nativeMethods.TrySetStickyKeys(original);
+
+				if (success)
+				{
+					logger.Info($"Successfully reverted sticky keys (original state: {ToString(original)}).");
+				}
+				else
+				{
+					logger.Error($"Failed to revert sticky keys (original state: {ToString(original)})!");
+				}
+			}
+
+			original = default;
+
+			return success;
+		}
+
+		internal void StartMonitoring()
+		{
+			timer.AutoReset = true;
+			timer.Elapsed += Timer_Elapsed;
+			timer.Interval = 1000;
+			timer.Start();
+
+			logger.Info("Started monitoring sticky keys.");
+		}
+
+		internal void StopMonitoring()
+		{
+			timer.Elapsed -= Timer_Elapsed;
+			timer.Stop();
+
+			logger.Info("Stopped monitoring sticky keys.");
+		}
+
+		private void Timer_Elapsed(object sender, ElapsedEventArgs e)
+		{
+			
+		}
+
+		private void HandleStickyKeysChange(IStickyKeysState state)
+		{
+			var args = new SentinelEventArgs();
+
+			logger.Warn($"The sticky keys state has changed: {ToString(state)}.");
+
+			Task.Run(() => Changed?.Invoke(args)).ContinueWith((_) =>
+			{
+				if (args.Allow)
+				{
+					StopMonitoring();
+				}
+			});
+
+			if (nativeMethods.DisableStickyKeys())
+			{
+				logger.Info($"Disabled sticky keys.");
+			}
+			else
+			{
+				logger.Error($"Failed to disable sticky keys!");
+			}
+		}
+
+		private string ToString(IStickyKeysState state)
+		{
+			var availability = state.IsAvailable ? "available" : "unavailable";
+			var status = state.IsEnabled ? "enabled" : "disabled";
+			var hotkey = state.IsHotkeyActive ? "active" : "inactive";
+
+			return $"functionality {availability} and {status}, hotkey {hotkey}";
+		}
+	}
+}

SafeExamBrowser.Monitoring/System/Components/SystemEvents.cs

@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ * 
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using System;
+using System.Threading.Tasks;
+using Microsoft.Win32;
+using SafeExamBrowser.Logging.Contracts;
+using SafeExamBrowser.Monitoring.Contracts.System.Events;
+
+namespace SafeExamBrowser.Monitoring.System.Components
+{
+	internal class SystemEvents
+	{
+		private readonly ILogger logger;
+
+		internal event SessionChangedEventHandler SessionChanged;
+
+		internal SystemEvents(ILogger logger)
+		{
+			this.logger = logger;
+		}
+
+		internal void StartMonitoring()
+		{
+			Microsoft.Win32.SystemEvents.EventsThreadShutdown += SystemEvents_EventsThreadShutdown;
+			Microsoft.Win32.SystemEvents.InstalledFontsChanged += SystemEvents_InstalledFontsChanged;
+			Microsoft.Win32.SystemEvents.PowerModeChanged += SystemEvents_PowerModeChanged;
+			Microsoft.Win32.SystemEvents.SessionEnded += SystemEvents_SessionEnded;
+			Microsoft.Win32.SystemEvents.SessionEnding += SystemEvents_SessionEnding;
+			Microsoft.Win32.SystemEvents.SessionSwitch += SystemEvents_SessionChanged;
+			Microsoft.Win32.SystemEvents.TimeChanged += SystemEvents_TimeChanged;
+			Microsoft.Win32.SystemEvents.UserPreferenceChanged += SystemEvents_UserPreferenceChanged;
+
+			logger.Info("Started monitoring system events.");
+		}
+
+		internal void StopMonitoring()
+		{
+			Microsoft.Win32.SystemEvents.EventsThreadShutdown -= SystemEvents_EventsThreadShutdown;
+			Microsoft.Win32.SystemEvents.InstalledFontsChanged -= SystemEvents_InstalledFontsChanged;
+			Microsoft.Win32.SystemEvents.PowerModeChanged -= SystemEvents_PowerModeChanged;
+			Microsoft.Win32.SystemEvents.SessionEnded -= SystemEvents_SessionEnded;
+			Microsoft.Win32.SystemEvents.SessionEnding -= SystemEvents_SessionEnding;
+			Microsoft.Win32.SystemEvents.SessionSwitch -= SystemEvents_SessionChanged;
+			Microsoft.Win32.SystemEvents.TimeChanged -= SystemEvents_TimeChanged;
+			Microsoft.Win32.SystemEvents.UserPreferenceChanged -= SystemEvents_UserPreferenceChanged;
+
+			logger.Info("Stopped monitoring system events.");
+		}
+
+		private void SystemEvents_EventsThreadShutdown(object sender, EventArgs e)
+		{
+			
+		}
+
+		private void SystemEvents_InstalledFontsChanged(object sender, EventArgs e)
+		{
+			
+		}
+
+		private void SystemEvents_PowerModeChanged(object sender, PowerModeChangedEventArgs e)
+		{
+			
+		}
+
+		private void SystemEvents_SessionEnded(object sender, SessionEndedEventArgs e)
+		{
+			
+		}
+
+		private void SystemEvents_SessionEnding(object sender, SessionEndingEventArgs e)
+		{
+			
+		}
+
+		private void SystemEvents_SessionChanged(object sender, SessionSwitchEventArgs e)
+		{
+			
+		}
+
+		private void SystemEvents_TimeChanged(object sender, EventArgs e)
+		{
+			
+		}
+
+		private void SystemEvents_UserPreferenceChanged(object sender, UserPreferenceChangedEventArgs e)
+		{
+			
+		}
+	}
+}

SafeExamBrowser.Monitoring/System/SystemSentinel.cs

@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using SafeExamBrowser.Logging.Contracts;
+using SafeExamBrowser.Monitoring.Contracts.System;
+using SafeExamBrowser.Monitoring.Contracts.System.Events;
+using SafeExamBrowser.Monitoring.System.Components;
+using SafeExamBrowser.SystemComponents.Contracts.Registry;
+using SafeExamBrowser.WindowsApi.Contracts;
+
+namespace SafeExamBrowser.Monitoring.System
+{
+	public class SystemSentinel : ISystemSentinel
+	{
+		private readonly Cursors cursors;
+		private readonly EaseOfAccess easeOfAccess;
+		private readonly StickyKeys stickyKeys;
+		private readonly SystemEvents systemEvents;
+
+		public event SentinelEventHandler CursorChanged;
+		public event SentinelEventHandler EaseOfAccessChanged;
+		public event SentinelEventHandler StickyKeysChanged;
+		public event SessionChangedEventHandler SessionChanged;
+
+		public SystemSentinel(ILogger logger, INativeMethods nativeMethods, IRegistry registry)
+		{
+			cursors = new Cursors(logger, registry);
+			easeOfAccess = new EaseOfAccess(logger, registry);
+			stickyKeys = new StickyKeys(logger, nativeMethods);
+			systemEvents = new SystemEvents(logger);
+		}
+
+		public bool DisableStickyKeys()
+		{
+			return stickyKeys.Disable();
+		}
+
+		public bool EnableStickyKeys()
+		{
+			return stickyKeys.Enable();
+		}
+
+		public bool RevertStickyKeys()
+		{
+			return stickyKeys.Revert();
+		}
+
+		public void StartMonitoringCursors()
+		{
+			cursors.CursorChanged += (args) => CursorChanged?.Invoke(args);
+			cursors.StartMonitoring();
+		}
+
+		public void StartMonitoringEaseOfAccess()
+		{
+			easeOfAccess.EaseOfAccessChanged += (args) => EaseOfAccessChanged?.Invoke(args);
+			easeOfAccess.StartMonitoring();
+		}
+
+		public void StartMonitoringStickyKeys()
+		{
+			stickyKeys.Changed += (args) => StickyKeysChanged?.Invoke(args);
+			stickyKeys.StartMonitoring();
+		}
+
+		public void StartMonitoringSystemEvents()
+		{
+			systemEvents.SessionChanged += () => SessionChanged?.Invoke();
+			systemEvents.StartMonitoring();
+		}
+
+		public void StopMonitoring()
+		{
+			cursors.StopMonitoring();
+			easeOfAccess.StopMonitoring();
+			stickyKeys.StopMonitoring();
+			systemEvents.StopMonitoring();
+		}
+
+		public bool VerifyCursors()
+		{
+			return cursors.Verify();
+		}
+
+		public bool VerifyEaseOfAccess()
+		{
+			return easeOfAccess.Verify();
+		}
+	}
+}