Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / Policy / AssemblyEvidenceFactory.cs / 1305376 / AssemblyEvidenceFactory.cs
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
// [....]
//
using System;
using System.Collections.Generic;
using System.Diagnostics.Contracts;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Permissions;
using Microsoft.Win32.SafeHandles;
namespace System.Security.Policy
{
///
/// Factory class which can create evidence on demand for an assembly
///
internal sealed class AssemblyEvidenceFactory : IRuntimeEvidenceFactory
{
private PEFileEvidenceFactory m_peFileFactory;
private RuntimeAssembly m_targetAssembly;
///
/// Create a factory which can generate evidence for the specified assembly
///
private AssemblyEvidenceFactory(RuntimeAssembly targetAssembly, PEFileEvidenceFactory peFileFactory)
{
Contract.Assert(targetAssembly != null);
Contract.Assert(peFileFactory != null);
m_targetAssembly = targetAssembly;
m_peFileFactory = peFileFactory;
}
///
/// PEFile that the assembly is loaded from
///
internal SafePEFileHandle PEFile
{
[SecurityCritical]
get { return m_peFileFactory.PEFile; }
}
///
/// Assembly that the evidence generated is for
///
public IEvidenceFactory Target
{
get { return m_targetAssembly; }
}
///
/// Generate a specific type of evidence for this assembly
///
public EvidenceBase GenerateEvidence(Type evidenceType)
{
// Assembly evidence is a superset of the evidence that a PEFile can supply, so first see if the
// requested evidence type can be generated by the assembly's PEFile
EvidenceBase evidence = m_peFileFactory.GenerateEvidence(evidenceType);
if (evidence != null)
{
return evidence;
}
// If the PEFile didn't know about this type of evidence, see if it is an evidence type that the
// Assembly knows how to generate
if (evidenceType == typeof(GacInstalled))
{
return GenerateGacEvidence();
}
else if (evidenceType == typeof(Hash))
{
return GenerateHashEvidence();
}
#pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode
else if (evidenceType == typeof(PermissionRequestEvidence))
{
return GeneratePermissionRequestEvidence();
}
#pragma warning restore 618
else if (evidenceType == typeof(StrongName))
{
return GenerateStrongNameEvidence();
}
return null;
}
///
/// Generate evidence if the assembly is installed in the GAC
///
private GacInstalled GenerateGacEvidence()
{
if (!m_targetAssembly.GlobalAssemblyCache)
{
return null;
}
m_peFileFactory.FireEvidenceGeneratedEvent(EvidenceTypeGenerated.Gac);
return new GacInstalled();
}
///
/// Generate evidence for the assembly's hash value
///
private Hash GenerateHashEvidence()
{
if (m_targetAssembly.IsDynamic)
{
return null;
}
m_peFileFactory.FireEvidenceGeneratedEvent(EvidenceTypeGenerated.Hash);
return new Hash(m_targetAssembly);
}
#pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode
///
/// Generate evidence for the assembly's declarative security
///
[SecuritySafeCritical]
private PermissionRequestEvidence GeneratePermissionRequestEvidence()
{
Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled);
PermissionSet minimumPermissions = null;
PermissionSet optionalPermissions = null;
PermissionSet refusedPermissions = null;
GetAssemblyPermissionRequests(m_targetAssembly.GetNativeHandle(),
JitHelpers.GetObjectHandleOnStack(ref minimumPermissions),
JitHelpers.GetObjectHandleOnStack(ref optionalPermissions),
JitHelpers.GetObjectHandleOnStack(ref refusedPermissions));
if (minimumPermissions != null || optionalPermissions != null || refusedPermissions != null)
{
return new PermissionRequestEvidence(minimumPermissions,
optionalPermissions,
refusedPermissions);
}
return null;
}
#pragma warning restore 618
///
/// Generate evidence for this file's strong name
///
[SecuritySafeCritical]
private StrongName GenerateStrongNameEvidence()
{
byte[] publicKeyBlob = null;
string simpleName = null;
ushort majorVersion = 0;
ushort minorVersion = 0;
ushort build = 0;
ushort revision = 0;
GetStrongNameInformation(m_targetAssembly.GetNativeHandle(),
JitHelpers.GetObjectHandleOnStack(ref publicKeyBlob),
JitHelpers.GetStringHandleOnStack(ref simpleName),
out majorVersion,
out minorVersion,
out build,
out revision);
if (publicKeyBlob == null || publicKeyBlob.Length == 0)
{
return null;
}
return new StrongName(new StrongNamePublicKeyBlob(publicKeyBlob),
simpleName,
new Version(majorVersion, minorVersion, build, revision),
m_targetAssembly);
}
[DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
[SecurityCritical]
[SuppressUnmanagedCodeSecurity]
private static extern void GetAssemblyPermissionRequests(RuntimeAssembly assembly,
ObjectHandleOnStack retMinimumPermissions,
ObjectHandleOnStack retOptionalPermissions,
ObjectHandleOnStack retRefusedPermissions);
///
/// Get any evidence that was serialized into the assembly
///
public IEnumerable GetFactorySuppliedEvidence()
{
// The PEFile knows how to read the serialized evidence, so we can just delegate to it
return m_peFileFactory.GetFactorySuppliedEvidence();
}
[DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
[SecurityCritical]
[SuppressUnmanagedCodeSecurity]
private static extern void GetStrongNameInformation(RuntimeAssembly assembly,
ObjectHandleOnStack retPublicKeyBlob,
StringHandleOnStack retSimpleName,
[Out] out ushort majorVersion,
[Out] out ushort minorVersion,
[Out] out ushort build,
[Out] out ushort revision);
///
/// Retarget an evidence object from generating evidence for a PEFile to generating evidence for
/// the file's assembly.
///
[SecurityCritical]
private static Evidence UpgradeSecurityIdentity(Evidence peFileEvidence, RuntimeAssembly targetAssembly)
{
Contract.Assert(peFileEvidence != null);
Contract.Assert(targetAssembly != null);
Contract.Assert(peFileEvidence.Target is PEFileEvidenceFactory, "Expected upgrade path is from PEFile to Assembly");
peFileEvidence.Target = new AssemblyEvidenceFactory(targetAssembly,
peFileEvidence.Target as PEFileEvidenceFactory);
// Whidbey hosts would provide evidence for assemblies up front rather than on demand. If there
// is a HostSecurityManager which does want to provide evidence, then we should provide it the
// opprotunity to do the same for compatibility.
HostSecurityManager securityManager = AppDomain.CurrentDomain.HostSecurityManager;
if ((securityManager.Flags & HostSecurityManagerOptions.HostAssemblyEvidence) == HostSecurityManagerOptions.HostAssemblyEvidence)
{
peFileEvidence = securityManager.ProvideAssemblyEvidence(targetAssembly, peFileEvidence);
if (peFileEvidence == null)
{
throw new InvalidOperationException(Environment.GetResourceString("Policy_NullHostEvidence", securityManager.GetType().FullName, targetAssembly.FullName));
}
}
return peFileEvidence;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
// [....]
//
using System;
using System.Collections.Generic;
using System.Diagnostics.Contracts;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Permissions;
using Microsoft.Win32.SafeHandles;
namespace System.Security.Policy
{
///
/// Factory class which can create evidence on demand for an assembly
///
internal sealed class AssemblyEvidenceFactory : IRuntimeEvidenceFactory
{
private PEFileEvidenceFactory m_peFileFactory;
private RuntimeAssembly m_targetAssembly;
///
/// Create a factory which can generate evidence for the specified assembly
///
private AssemblyEvidenceFactory(RuntimeAssembly targetAssembly, PEFileEvidenceFactory peFileFactory)
{
Contract.Assert(targetAssembly != null);
Contract.Assert(peFileFactory != null);
m_targetAssembly = targetAssembly;
m_peFileFactory = peFileFactory;
}
///
/// PEFile that the assembly is loaded from
///
internal SafePEFileHandle PEFile
{
[SecurityCritical]
get { return m_peFileFactory.PEFile; }
}
///
/// Assembly that the evidence generated is for
///
public IEvidenceFactory Target
{
get { return m_targetAssembly; }
}
///
/// Generate a specific type of evidence for this assembly
///
public EvidenceBase GenerateEvidence(Type evidenceType)
{
// Assembly evidence is a superset of the evidence that a PEFile can supply, so first see if the
// requested evidence type can be generated by the assembly's PEFile
EvidenceBase evidence = m_peFileFactory.GenerateEvidence(evidenceType);
if (evidence != null)
{
return evidence;
}
// If the PEFile didn't know about this type of evidence, see if it is an evidence type that the
// Assembly knows how to generate
if (evidenceType == typeof(GacInstalled))
{
return GenerateGacEvidence();
}
else if (evidenceType == typeof(Hash))
{
return GenerateHashEvidence();
}
#pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode
else if (evidenceType == typeof(PermissionRequestEvidence))
{
return GeneratePermissionRequestEvidence();
}
#pragma warning restore 618
else if (evidenceType == typeof(StrongName))
{
return GenerateStrongNameEvidence();
}
return null;
}
///
/// Generate evidence if the assembly is installed in the GAC
///
private GacInstalled GenerateGacEvidence()
{
if (!m_targetAssembly.GlobalAssemblyCache)
{
return null;
}
m_peFileFactory.FireEvidenceGeneratedEvent(EvidenceTypeGenerated.Gac);
return new GacInstalled();
}
///
/// Generate evidence for the assembly's hash value
///
private Hash GenerateHashEvidence()
{
if (m_targetAssembly.IsDynamic)
{
return null;
}
m_peFileFactory.FireEvidenceGeneratedEvent(EvidenceTypeGenerated.Hash);
return new Hash(m_targetAssembly);
}
#pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode
///
/// Generate evidence for the assembly's declarative security
///
[SecuritySafeCritical]
private PermissionRequestEvidence GeneratePermissionRequestEvidence()
{
Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled);
PermissionSet minimumPermissions = null;
PermissionSet optionalPermissions = null;
PermissionSet refusedPermissions = null;
GetAssemblyPermissionRequests(m_targetAssembly.GetNativeHandle(),
JitHelpers.GetObjectHandleOnStack(ref minimumPermissions),
JitHelpers.GetObjectHandleOnStack(ref optionalPermissions),
JitHelpers.GetObjectHandleOnStack(ref refusedPermissions));
if (minimumPermissions != null || optionalPermissions != null || refusedPermissions != null)
{
return new PermissionRequestEvidence(minimumPermissions,
optionalPermissions,
refusedPermissions);
}
return null;
}
#pragma warning restore 618
///
/// Generate evidence for this file's strong name
///
[SecuritySafeCritical]
private StrongName GenerateStrongNameEvidence()
{
byte[] publicKeyBlob = null;
string simpleName = null;
ushort majorVersion = 0;
ushort minorVersion = 0;
ushort build = 0;
ushort revision = 0;
GetStrongNameInformation(m_targetAssembly.GetNativeHandle(),
JitHelpers.GetObjectHandleOnStack(ref publicKeyBlob),
JitHelpers.GetStringHandleOnStack(ref simpleName),
out majorVersion,
out minorVersion,
out build,
out revision);
if (publicKeyBlob == null || publicKeyBlob.Length == 0)
{
return null;
}
return new StrongName(new StrongNamePublicKeyBlob(publicKeyBlob),
simpleName,
new Version(majorVersion, minorVersion, build, revision),
m_targetAssembly);
}
[DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
[SecurityCritical]
[SuppressUnmanagedCodeSecurity]
private static extern void GetAssemblyPermissionRequests(RuntimeAssembly assembly,
ObjectHandleOnStack retMinimumPermissions,
ObjectHandleOnStack retOptionalPermissions,
ObjectHandleOnStack retRefusedPermissions);
///
/// Get any evidence that was serialized into the assembly
///
public IEnumerable GetFactorySuppliedEvidence()
{
// The PEFile knows how to read the serialized evidence, so we can just delegate to it
return m_peFileFactory.GetFactorySuppliedEvidence();
}
[DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
[SecurityCritical]
[SuppressUnmanagedCodeSecurity]
private static extern void GetStrongNameInformation(RuntimeAssembly assembly,
ObjectHandleOnStack retPublicKeyBlob,
StringHandleOnStack retSimpleName,
[Out] out ushort majorVersion,
[Out] out ushort minorVersion,
[Out] out ushort build,
[Out] out ushort revision);
///
/// Retarget an evidence object from generating evidence for a PEFile to generating evidence for
/// the file's assembly.
///
[SecurityCritical]
private static Evidence UpgradeSecurityIdentity(Evidence peFileEvidence, RuntimeAssembly targetAssembly)
{
Contract.Assert(peFileEvidence != null);
Contract.Assert(targetAssembly != null);
Contract.Assert(peFileEvidence.Target is PEFileEvidenceFactory, "Expected upgrade path is from PEFile to Assembly");
peFileEvidence.Target = new AssemblyEvidenceFactory(targetAssembly,
peFileEvidence.Target as PEFileEvidenceFactory);
// Whidbey hosts would provide evidence for assemblies up front rather than on demand. If there
// is a HostSecurityManager which does want to provide evidence, then we should provide it the
// opprotunity to do the same for compatibility.
HostSecurityManager securityManager = AppDomain.CurrentDomain.HostSecurityManager;
if ((securityManager.Flags & HostSecurityManagerOptions.HostAssemblyEvidence) == HostSecurityManagerOptions.HostAssemblyEvidence)
{
peFileEvidence = securityManager.ProvideAssemblyEvidence(targetAssembly, peFileEvidence);
if (peFileEvidence == null)
{
throw new InvalidOperationException(Environment.GetResourceString("Policy_NullHostEvidence", securityManager.GetType().FullName, targetAssembly.FullName));
}
}
return peFileEvidence;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TextSearch.cs
- SqlCommandBuilder.cs
- RtfNavigator.cs
- Emitter.cs
- AllMembershipCondition.cs
- CompressedStack.cs
- CookielessData.cs
- SecurityElement.cs
- Win32MouseDevice.cs
- StylusPointPropertyInfo.cs
- Hyperlink.cs
- SqlAggregateChecker.cs
- WebRequest.cs
- invalidudtexception.cs
- CollectionBase.cs
- ModelTreeManager.cs
- WeakEventTable.cs
- DataBindingValueUIHandler.cs
- activationcontext.cs
- WS2007HttpBindingCollectionElement.cs
- Scene3D.cs
- OleDbTransaction.cs
- EmptyImpersonationContext.cs
- AssertSection.cs
- CryptoStream.cs
- HostUtils.cs
- DrawingAttributeSerializer.cs
- DeviceSpecificChoice.cs
- SegmentInfo.cs
- ListItemsCollectionEditor.cs
- TextServicesDisplayAttribute.cs
- TextRange.cs
- AlphaSortedEnumConverter.cs
- Expr.cs
- ServiceThrottlingElement.cs
- SQLInt16Storage.cs
- CompModSwitches.cs
- CharAnimationBase.cs
- DataGridHeaderBorder.cs
- DetailsViewInsertedEventArgs.cs
- SoapEnumAttribute.cs
- HostingEnvironmentSection.cs
- HttpStreamXmlDictionaryReader.cs
- InkSerializer.cs
- UnsafeNetInfoNativeMethods.cs
- GridViewRow.cs
- AlternationConverter.cs
- QuaternionRotation3D.cs
- FormsIdentity.cs
- WrapPanel.cs
- BufferedWebEventProvider.cs
- ProcessManager.cs
- ProbeDuplexAsyncResult.cs
- FormatSettings.cs
- WebResourceAttribute.cs
- UnorderedHashRepartitionStream.cs
- PopOutPanel.cs
- WSAddressing10ProblemHeaderQNameFault.cs
- RC2.cs
- FontDifferentiator.cs
- Transform3D.cs
- TreeNodeStyle.cs
- PingReply.cs
- MethodBody.cs
- XmlSchemaGroup.cs
- ClipboardProcessor.cs
- List.cs
- exports.cs
- AddInIpcChannel.cs
- TextShapeableCharacters.cs
- RestHandler.cs
- FragmentQuery.cs
- WmiInstallComponent.cs
- SynchronizedDispatch.cs
- Debug.cs
- ActiveXHost.cs
- ActivatableWorkflowsQueryResult.cs
- TransformGroup.cs
- DictionaryContent.cs
- DefaultPrintController.cs
- MsmqDiagnostics.cs
- DispatcherHookEventArgs.cs
- Soap.cs
- SystemWebSectionGroup.cs
- InstanceData.cs
- WinEventHandler.cs
- Single.cs
- OledbConnectionStringbuilder.cs
- PackUriHelper.cs
- BinaryParser.cs
- ExeConfigurationFileMap.cs
- BasePattern.cs
- HtmlLinkAdapter.cs
- DynamicArgumentDialog.cs
- VariableValue.cs
- SetIterators.cs
- CryptoConfig.cs
- SmtpTransport.cs
- Calendar.cs
- Shape.cs