Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / Policy / PEFileEvidenceFactory.cs / 1305376 / PEFileEvidenceFactory.cs
// ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== //[....] // using System; using System.Collections; using System.Collections.Generic; using System.Diagnostics.Contracts; using System.IO; using System.Reflection; using System.Runtime.CompilerServices; using System.Runtime.ConstrainedExecution; using System.Runtime.InteropServices; using System.Runtime.Serialization.Formatters.Binary; using System.Security; using System.Security.Cryptography.X509Certificates; using System.Security.Policy; using System.Security.Permissions; using Microsoft.Win32.SafeHandles; namespace System.Security.Policy { ////// Arguments to the ETW evidence generation event. This enumeration should be kept in [....] with /// the VM enumeration EvidenceType in SecurityPolicy.h. /// internal enum EvidenceTypeGenerated { AssemblySupplied, Gac, Hash, PermissionRequest, Publisher, Site, StrongName, Url, Zone } ////// Factory class which can create evidence on demand for a VM PEFile /// internal sealed class PEFileEvidenceFactory : IRuntimeEvidenceFactory { [System.Security.SecurityCritical /*auto-generated*/] private SafePEFileHandle m_peFile; private Listm_assemblyProvidedEvidence; // Since all three of these evidence objects are generated from the same source data, we'll generate // all three when we're asked for any one of them and save them around in case we're asked for the // others. bool m_generatedLocationEvidence; private Site m_siteEvidence; private Url m_urlEvidence; private Zone m_zoneEvidence; [SecurityCritical] private PEFileEvidenceFactory(SafePEFileHandle peFile) { Contract.Assert(peFile != null && !peFile.IsClosed && !peFile.IsInvalid); m_peFile = peFile; } /// /// PEFile * that we generate evidence for /// internal SafePEFileHandle PEFile { [SecurityCritical] get { return m_peFile; } } ////// Object the supplied evidence is for /// public IEvidenceFactory Target { // Since the CLR does not have a PEFile abstraction and this PEFile may not have an associated // assembly if we're early in runtime startup, there is no valid target object to return here. get { return null; } } ////// Generate an evidence collection the PE file. This is called from the the VM in /// SecurityDescriptor::GetEvidenceForPEFile. /// [SecurityCritical] private static Evidence CreateSecurityIdentity(SafePEFileHandle peFile, Evidence hostProvidedEvidence) { PEFileEvidenceFactory evidenceFactory = new PEFileEvidenceFactory(peFile); Evidence evidence = new Evidence(evidenceFactory); // If the host (caller of Assembly.Load) provided evidence, merge it with the evidence we've just // created. The host evidence takes priority. if (hostProvidedEvidence != null) { evidence.MergeWithNoDuplicates(hostProvidedEvidence); } return evidence; } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void FireEvidenceGeneratedEvent(SafePEFileHandle peFile, EvidenceTypeGenerated type); ////// Fire an ETW event indicating that a piece of evidence has been generated. Evidence that is /// generated in the VM fires this event without a seperate call to this method, however /// evidence types generated in the BCL, such as GacInstalled, need to call this directly. /// [SecuritySafeCritical] internal void FireEvidenceGeneratedEvent(EvidenceTypeGenerated type) { FireEvidenceGeneratedEvent(m_peFile, type); } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetAssemblySuppliedEvidence(SafePEFileHandle peFile, ObjectHandleOnStack retSerializedEvidence); ////// Get any evidence that was serialized into the PE File /// [SecuritySafeCritical] public IEnumerableGetFactorySuppliedEvidence() { if (m_assemblyProvidedEvidence == null) { byte[] serializedEvidence = null; GetAssemblySuppliedEvidence(m_peFile, JitHelpers.GetObjectHandleOnStack(ref serializedEvidence)); m_assemblyProvidedEvidence = new List (); if (serializedEvidence != null) { Evidence deserializedEvidence = new Evidence(); // Partial trust assemblies can provide their own evidence, so make sure that we have // permission to deserialize it new SecurityPermission(SecurityPermissionFlag.SerializationFormatter).Assert(); try { BinaryFormatter formatter = new BinaryFormatter(); using (MemoryStream ms = new MemoryStream(serializedEvidence)) { deserializedEvidence = (Evidence)formatter.Deserialize(ms); } } catch { /* Ignore any errors deserializing */ } CodeAccessPermission.RevertAssert(); // Enumerate the assembly evidence, ignoring any host evidence supplied. Since we // could be loading a Whidbey assembly, we need to use the old GetAssemblyEnumerator // API and deal with objects instead of EvidenceBases. if (deserializedEvidence != null) { IEnumerator enumerator = deserializedEvidence.GetAssemblyEnumerator(); while (enumerator.MoveNext()) { if (enumerator.Current != null) { // If this is a legacy evidence object, we need to wrap it before // returning it. EvidenceBase currentEvidence = enumerator.Current as EvidenceBase; if (currentEvidence == null) { currentEvidence = new LegacyEvidenceWrapper(enumerator.Current); } m_assemblyProvidedEvidence.Add(currentEvidence); } } } } } return m_assemblyProvidedEvidence; } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetLocationEvidence(SafePEFileHandle peFile, [Out] out SecurityZone zone, StringHandleOnStack retUrl); [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetPublisherCertificate(SafePEFileHandle peFile, ObjectHandleOnStack retCertificate); /// /// Called to generate different types of evidence on demand /// public EvidenceBase GenerateEvidence(Type evidenceType) { if (evidenceType == typeof(Site)) { return GenerateSiteEvidence(); } else if (evidenceType == typeof(Url)) { return GenerateUrlEvidence(); } else if (evidenceType == typeof(Zone)) { return GenerateZoneEvidence(); } else if (evidenceType == typeof(Publisher)) { return GeneratePublisherEvidence(); } return null; } ////// Generate Site, Url, and Zone evidence for this file. /// [SecuritySafeCritical] private void GenerateLocationEvidence() { if (!m_generatedLocationEvidence) { SecurityZone securityZone = SecurityZone.NoZone; string url = null; GetLocationEvidence(m_peFile, out securityZone, JitHelpers.GetStringHandleOnStack(ref url)); if (securityZone != SecurityZone.NoZone) { m_zoneEvidence = new Zone(securityZone); } if (!String.IsNullOrEmpty(url)) { m_urlEvidence = new Url(url, true); // We only create site evidence if the URL does not with file: if (!url.StartsWith("file:", StringComparison.OrdinalIgnoreCase)) { m_siteEvidence = Site.CreateFromUrl(url); } } m_generatedLocationEvidence = true; } } ////// Generate evidence for the file's Authenticode signature /// [SecuritySafeCritical] private Publisher GeneratePublisherEvidence() { byte[] certificate = null; GetPublisherCertificate(m_peFile, JitHelpers.GetObjectHandleOnStack(ref certificate)); if (certificate == null) { return null; } return new Publisher(new X509Certificate(certificate)); } ////// Generate evidence for the site this file was loaded from /// private Site GenerateSiteEvidence() { if (m_siteEvidence == null) { GenerateLocationEvidence(); } return m_siteEvidence; } ////// Generate evidence for the URL this file was loaded from /// private Url GenerateUrlEvidence() { if (m_urlEvidence == null) { GenerateLocationEvidence(); } return m_urlEvidence; } ////// Generate evidence for the zone this file was loaded from /// private Zone GenerateZoneEvidence() { if (m_zoneEvidence == null) { GenerateLocationEvidence(); } return m_zoneEvidence; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ResXResourceReader.cs
- Point.cs
- ImportContext.cs
- BaseResourcesBuildProvider.cs
- EnterpriseServicesHelper.cs
- BindingList.cs
- FacetDescription.cs
- OdbcConnectionOpen.cs
- SamlAdvice.cs
- prompt.cs
- FormView.cs
- ArraySet.cs
- securitycriticaldataClass.cs
- Utils.cs
- Section.cs
- ControlBuilderAttribute.cs
- SchemaNotation.cs
- InputProcessorProfilesLoader.cs
- IndentedWriter.cs
- LinkUtilities.cs
- InstanceStore.cs
- CheckBoxFlatAdapter.cs
- IItemProperties.cs
- ManipulationDelta.cs
- filewebrequest.cs
- WaitHandleCannotBeOpenedException.cs
- KeyValuePair.cs
- NavigatorInput.cs
- XmlException.cs
- LinearGradientBrush.cs
- Visual3DCollection.cs
- TextParagraph.cs
- XmlAnyAttributeAttribute.cs
- NavigationProperty.cs
- CodeSnippetStatement.cs
- Messages.cs
- PropertyGridEditorPart.cs
- ValidateNames.cs
- CorePropertiesFilter.cs
- DataGridTextBoxColumn.cs
- TextSelectionHelper.cs
- MsdtcClusterUtils.cs
- RequestNavigateEventArgs.cs
- RuleInfoComparer.cs
- InternalPolicyElement.cs
- EntityCollectionChangedParams.cs
- SafeRightsManagementHandle.cs
- TextInfo.cs
- SplineQuaternionKeyFrame.cs
- WebPartMovingEventArgs.cs
- XslUrlEditor.cs
- GlobalizationAssembly.cs
- ValidatedControlConverter.cs
- Util.cs
- cache.cs
- ObjectPersistData.cs
- Parser.cs
- ReadWriteObjectLock.cs
- XmlSchemaIdentityConstraint.cs
- HyperLinkStyle.cs
- XmlSignatureProperties.cs
- FileResponseElement.cs
- EmptyEnumerator.cs
- ItemDragEvent.cs
- DataRelationPropertyDescriptor.cs
- CRYPTPROTECT_PROMPTSTRUCT.cs
- UrlAuthFailedErrorFormatter.cs
- Listbox.cs
- DesignerDataConnection.cs
- NestPullup.cs
- SqlMetaData.cs
- BindingOperations.cs
- Tablet.cs
- AnchoredBlock.cs
- PageContent.cs
- AuthorizationRule.cs
- OrderByQueryOptionExpression.cs
- XmlSchemaCollection.cs
- TableLayoutStyleCollection.cs
- ApplicationServiceManager.cs
- HighlightComponent.cs
- RegisteredHiddenField.cs
- WindowShowOrOpenTracker.cs
- ModuleConfigurationInfo.cs
- PassportAuthenticationEventArgs.cs
- GroupBoxRenderer.cs
- DebugInfoExpression.cs
- QuaternionConverter.cs
- AnnotationAdorner.cs
- TimeSpanFormat.cs
- TrackBarRenderer.cs
- CodeDomConfigurationHandler.cs
- RequestNavigateEventArgs.cs
- GridViewColumnCollectionChangedEventArgs.cs
- ContentPlaceHolderDesigner.cs
- MenuRenderer.cs
- FontFamily.cs
- ServiceProviders.cs
- DrawingCollection.cs
- DbLambda.cs