Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / Policy / PEFileEvidenceFactory.cs / 1305376 / PEFileEvidenceFactory.cs
// ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== //[....] // using System; using System.Collections; using System.Collections.Generic; using System.Diagnostics.Contracts; using System.IO; using System.Reflection; using System.Runtime.CompilerServices; using System.Runtime.ConstrainedExecution; using System.Runtime.InteropServices; using System.Runtime.Serialization.Formatters.Binary; using System.Security; using System.Security.Cryptography.X509Certificates; using System.Security.Policy; using System.Security.Permissions; using Microsoft.Win32.SafeHandles; namespace System.Security.Policy { ////// Arguments to the ETW evidence generation event. This enumeration should be kept in [....] with /// the VM enumeration EvidenceType in SecurityPolicy.h. /// internal enum EvidenceTypeGenerated { AssemblySupplied, Gac, Hash, PermissionRequest, Publisher, Site, StrongName, Url, Zone } ////// Factory class which can create evidence on demand for a VM PEFile /// internal sealed class PEFileEvidenceFactory : IRuntimeEvidenceFactory { [System.Security.SecurityCritical /*auto-generated*/] private SafePEFileHandle m_peFile; private Listm_assemblyProvidedEvidence; // Since all three of these evidence objects are generated from the same source data, we'll generate // all three when we're asked for any one of them and save them around in case we're asked for the // others. bool m_generatedLocationEvidence; private Site m_siteEvidence; private Url m_urlEvidence; private Zone m_zoneEvidence; [SecurityCritical] private PEFileEvidenceFactory(SafePEFileHandle peFile) { Contract.Assert(peFile != null && !peFile.IsClosed && !peFile.IsInvalid); m_peFile = peFile; } /// /// PEFile * that we generate evidence for /// internal SafePEFileHandle PEFile { [SecurityCritical] get { return m_peFile; } } ////// Object the supplied evidence is for /// public IEvidenceFactory Target { // Since the CLR does not have a PEFile abstraction and this PEFile may not have an associated // assembly if we're early in runtime startup, there is no valid target object to return here. get { return null; } } ////// Generate an evidence collection the PE file. This is called from the the VM in /// SecurityDescriptor::GetEvidenceForPEFile. /// [SecurityCritical] private static Evidence CreateSecurityIdentity(SafePEFileHandle peFile, Evidence hostProvidedEvidence) { PEFileEvidenceFactory evidenceFactory = new PEFileEvidenceFactory(peFile); Evidence evidence = new Evidence(evidenceFactory); // If the host (caller of Assembly.Load) provided evidence, merge it with the evidence we've just // created. The host evidence takes priority. if (hostProvidedEvidence != null) { evidence.MergeWithNoDuplicates(hostProvidedEvidence); } return evidence; } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void FireEvidenceGeneratedEvent(SafePEFileHandle peFile, EvidenceTypeGenerated type); ////// Fire an ETW event indicating that a piece of evidence has been generated. Evidence that is /// generated in the VM fires this event without a seperate call to this method, however /// evidence types generated in the BCL, such as GacInstalled, need to call this directly. /// [SecuritySafeCritical] internal void FireEvidenceGeneratedEvent(EvidenceTypeGenerated type) { FireEvidenceGeneratedEvent(m_peFile, type); } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetAssemblySuppliedEvidence(SafePEFileHandle peFile, ObjectHandleOnStack retSerializedEvidence); ////// Get any evidence that was serialized into the PE File /// [SecuritySafeCritical] public IEnumerableGetFactorySuppliedEvidence() { if (m_assemblyProvidedEvidence == null) { byte[] serializedEvidence = null; GetAssemblySuppliedEvidence(m_peFile, JitHelpers.GetObjectHandleOnStack(ref serializedEvidence)); m_assemblyProvidedEvidence = new List (); if (serializedEvidence != null) { Evidence deserializedEvidence = new Evidence(); // Partial trust assemblies can provide their own evidence, so make sure that we have // permission to deserialize it new SecurityPermission(SecurityPermissionFlag.SerializationFormatter).Assert(); try { BinaryFormatter formatter = new BinaryFormatter(); using (MemoryStream ms = new MemoryStream(serializedEvidence)) { deserializedEvidence = (Evidence)formatter.Deserialize(ms); } } catch { /* Ignore any errors deserializing */ } CodeAccessPermission.RevertAssert(); // Enumerate the assembly evidence, ignoring any host evidence supplied. Since we // could be loading a Whidbey assembly, we need to use the old GetAssemblyEnumerator // API and deal with objects instead of EvidenceBases. if (deserializedEvidence != null) { IEnumerator enumerator = deserializedEvidence.GetAssemblyEnumerator(); while (enumerator.MoveNext()) { if (enumerator.Current != null) { // If this is a legacy evidence object, we need to wrap it before // returning it. EvidenceBase currentEvidence = enumerator.Current as EvidenceBase; if (currentEvidence == null) { currentEvidence = new LegacyEvidenceWrapper(enumerator.Current); } m_assemblyProvidedEvidence.Add(currentEvidence); } } } } } return m_assemblyProvidedEvidence; } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetLocationEvidence(SafePEFileHandle peFile, [Out] out SecurityZone zone, StringHandleOnStack retUrl); [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetPublisherCertificate(SafePEFileHandle peFile, ObjectHandleOnStack retCertificate); /// /// Called to generate different types of evidence on demand /// public EvidenceBase GenerateEvidence(Type evidenceType) { if (evidenceType == typeof(Site)) { return GenerateSiteEvidence(); } else if (evidenceType == typeof(Url)) { return GenerateUrlEvidence(); } else if (evidenceType == typeof(Zone)) { return GenerateZoneEvidence(); } else if (evidenceType == typeof(Publisher)) { return GeneratePublisherEvidence(); } return null; } ////// Generate Site, Url, and Zone evidence for this file. /// [SecuritySafeCritical] private void GenerateLocationEvidence() { if (!m_generatedLocationEvidence) { SecurityZone securityZone = SecurityZone.NoZone; string url = null; GetLocationEvidence(m_peFile, out securityZone, JitHelpers.GetStringHandleOnStack(ref url)); if (securityZone != SecurityZone.NoZone) { m_zoneEvidence = new Zone(securityZone); } if (!String.IsNullOrEmpty(url)) { m_urlEvidence = new Url(url, true); // We only create site evidence if the URL does not with file: if (!url.StartsWith("file:", StringComparison.OrdinalIgnoreCase)) { m_siteEvidence = Site.CreateFromUrl(url); } } m_generatedLocationEvidence = true; } } ////// Generate evidence for the file's Authenticode signature /// [SecuritySafeCritical] private Publisher GeneratePublisherEvidence() { byte[] certificate = null; GetPublisherCertificate(m_peFile, JitHelpers.GetObjectHandleOnStack(ref certificate)); if (certificate == null) { return null; } return new Publisher(new X509Certificate(certificate)); } ////// Generate evidence for the site this file was loaded from /// private Site GenerateSiteEvidence() { if (m_siteEvidence == null) { GenerateLocationEvidence(); } return m_siteEvidence; } ////// Generate evidence for the URL this file was loaded from /// private Url GenerateUrlEvidence() { if (m_urlEvidence == null) { GenerateLocationEvidence(); } return m_urlEvidence; } ////// Generate evidence for the zone this file was loaded from /// private Zone GenerateZoneEvidence() { if (m_zoneEvidence == null) { GenerateLocationEvidence(); } return m_zoneEvidence; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- HitTestParameters.cs
- LinkGrep.cs
- EncryptedHeader.cs
- RequestQueryProcessor.cs
- SapiRecoInterop.cs
- SqlLiftWhereClauses.cs
- CharAnimationBase.cs
- ListItemConverter.cs
- DeferredTextReference.cs
- ButtonAutomationPeer.cs
- ThaiBuddhistCalendar.cs
- XmlChildEnumerator.cs
- FileDialog.cs
- StringArrayConverter.cs
- MethodResolver.cs
- Classification.cs
- InvalidCastException.cs
- TableRowCollection.cs
- ListDictionary.cs
- DataTableTypeConverter.cs
- RenderDataDrawingContext.cs
- Transform3D.cs
- MimeMultiPart.cs
- UIElementPropertyUndoUnit.cs
- HwndAppCommandInputProvider.cs
- BasicAsyncResult.cs
- Permission.cs
- EpmContentDeSerializer.cs
- WindowManager.cs
- COM2Properties.cs
- FormViewPageEventArgs.cs
- SqlGatherConsumedAliases.cs
- PingOptions.cs
- Funcletizer.cs
- BufferBuilder.cs
- TemplateAction.cs
- DataGridViewRowCollection.cs
- TaskFactory.cs
- XmlUtil.cs
- Application.cs
- PageParser.cs
- DirectionalLight.cs
- SamlAudienceRestrictionCondition.cs
- SamlAuthorityBinding.cs
- StringComparer.cs
- OletxTransactionHeader.cs
- OnOperation.cs
- TextFormatter.cs
- HtmlInputSubmit.cs
- PageCodeDomTreeGenerator.cs
- DataFormats.cs
- DataGridViewSortCompareEventArgs.cs
- sqlnorm.cs
- AdapterUtil.cs
- StyleSheet.cs
- GroupStyle.cs
- Button.cs
- BasicExpandProvider.cs
- DataBindingExpressionBuilder.cs
- GridToolTip.cs
- WebBrowser.cs
- DataList.cs
- ISO2022Encoding.cs
- Metafile.cs
- Tablet.cs
- ResourceExpressionEditor.cs
- SmiRecordBuffer.cs
- PingReply.cs
- TextServicesLoader.cs
- CodeAttachEventStatement.cs
- BrowserCapabilitiesFactory.cs
- MarshalByRefObject.cs
- MenuItemStyleCollection.cs
- DrawingState.cs
- WindowExtensionMethods.cs
- WebPartConnectVerb.cs
- QueryableFilterRepeater.cs
- CodeTypeDeclaration.cs
- CodeSubDirectory.cs
- ProxyWebPartConnectionCollection.cs
- ToolStripComboBox.cs
- PageTrueTypeFont.cs
- ConfigurationStrings.cs
- TypeExtension.cs
- HttpCacheVary.cs
- XmlSerializerFaultFormatter.cs
- ColumnResizeAdorner.cs
- Utils.cs
- sqlmetadatafactory.cs
- EntityContainerRelationshipSetEnd.cs
- Win32Exception.cs
- WebErrorHandler.cs
- EntityReference.cs
- EntityContainerAssociationSetEnd.cs
- CodeSnippetExpression.cs
- TPLETWProvider.cs
- StorageConditionPropertyMapping.cs
- UpdateManifestForBrowserApplication.cs
- MonthChangedEventArgs.cs
- MergeLocalizationDirectives.cs