Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / Policy / PEFileEvidenceFactory.cs / 1305376 / PEFileEvidenceFactory.cs
// ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== //[....] // using System; using System.Collections; using System.Collections.Generic; using System.Diagnostics.Contracts; using System.IO; using System.Reflection; using System.Runtime.CompilerServices; using System.Runtime.ConstrainedExecution; using System.Runtime.InteropServices; using System.Runtime.Serialization.Formatters.Binary; using System.Security; using System.Security.Cryptography.X509Certificates; using System.Security.Policy; using System.Security.Permissions; using Microsoft.Win32.SafeHandles; namespace System.Security.Policy { ////// Arguments to the ETW evidence generation event. This enumeration should be kept in [....] with /// the VM enumeration EvidenceType in SecurityPolicy.h. /// internal enum EvidenceTypeGenerated { AssemblySupplied, Gac, Hash, PermissionRequest, Publisher, Site, StrongName, Url, Zone } ////// Factory class which can create evidence on demand for a VM PEFile /// internal sealed class PEFileEvidenceFactory : IRuntimeEvidenceFactory { [System.Security.SecurityCritical /*auto-generated*/] private SafePEFileHandle m_peFile; private Listm_assemblyProvidedEvidence; // Since all three of these evidence objects are generated from the same source data, we'll generate // all three when we're asked for any one of them and save them around in case we're asked for the // others. bool m_generatedLocationEvidence; private Site m_siteEvidence; private Url m_urlEvidence; private Zone m_zoneEvidence; [SecurityCritical] private PEFileEvidenceFactory(SafePEFileHandle peFile) { Contract.Assert(peFile != null && !peFile.IsClosed && !peFile.IsInvalid); m_peFile = peFile; } /// /// PEFile * that we generate evidence for /// internal SafePEFileHandle PEFile { [SecurityCritical] get { return m_peFile; } } ////// Object the supplied evidence is for /// public IEvidenceFactory Target { // Since the CLR does not have a PEFile abstraction and this PEFile may not have an associated // assembly if we're early in runtime startup, there is no valid target object to return here. get { return null; } } ////// Generate an evidence collection the PE file. This is called from the the VM in /// SecurityDescriptor::GetEvidenceForPEFile. /// [SecurityCritical] private static Evidence CreateSecurityIdentity(SafePEFileHandle peFile, Evidence hostProvidedEvidence) { PEFileEvidenceFactory evidenceFactory = new PEFileEvidenceFactory(peFile); Evidence evidence = new Evidence(evidenceFactory); // If the host (caller of Assembly.Load) provided evidence, merge it with the evidence we've just // created. The host evidence takes priority. if (hostProvidedEvidence != null) { evidence.MergeWithNoDuplicates(hostProvidedEvidence); } return evidence; } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void FireEvidenceGeneratedEvent(SafePEFileHandle peFile, EvidenceTypeGenerated type); ////// Fire an ETW event indicating that a piece of evidence has been generated. Evidence that is /// generated in the VM fires this event without a seperate call to this method, however /// evidence types generated in the BCL, such as GacInstalled, need to call this directly. /// [SecuritySafeCritical] internal void FireEvidenceGeneratedEvent(EvidenceTypeGenerated type) { FireEvidenceGeneratedEvent(m_peFile, type); } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetAssemblySuppliedEvidence(SafePEFileHandle peFile, ObjectHandleOnStack retSerializedEvidence); ////// Get any evidence that was serialized into the PE File /// [SecuritySafeCritical] public IEnumerableGetFactorySuppliedEvidence() { if (m_assemblyProvidedEvidence == null) { byte[] serializedEvidence = null; GetAssemblySuppliedEvidence(m_peFile, JitHelpers.GetObjectHandleOnStack(ref serializedEvidence)); m_assemblyProvidedEvidence = new List (); if (serializedEvidence != null) { Evidence deserializedEvidence = new Evidence(); // Partial trust assemblies can provide their own evidence, so make sure that we have // permission to deserialize it new SecurityPermission(SecurityPermissionFlag.SerializationFormatter).Assert(); try { BinaryFormatter formatter = new BinaryFormatter(); using (MemoryStream ms = new MemoryStream(serializedEvidence)) { deserializedEvidence = (Evidence)formatter.Deserialize(ms); } } catch { /* Ignore any errors deserializing */ } CodeAccessPermission.RevertAssert(); // Enumerate the assembly evidence, ignoring any host evidence supplied. Since we // could be loading a Whidbey assembly, we need to use the old GetAssemblyEnumerator // API and deal with objects instead of EvidenceBases. if (deserializedEvidence != null) { IEnumerator enumerator = deserializedEvidence.GetAssemblyEnumerator(); while (enumerator.MoveNext()) { if (enumerator.Current != null) { // If this is a legacy evidence object, we need to wrap it before // returning it. EvidenceBase currentEvidence = enumerator.Current as EvidenceBase; if (currentEvidence == null) { currentEvidence = new LegacyEvidenceWrapper(enumerator.Current); } m_assemblyProvidedEvidence.Add(currentEvidence); } } } } } return m_assemblyProvidedEvidence; } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetLocationEvidence(SafePEFileHandle peFile, [Out] out SecurityZone zone, StringHandleOnStack retUrl); [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetPublisherCertificate(SafePEFileHandle peFile, ObjectHandleOnStack retCertificate); /// /// Called to generate different types of evidence on demand /// public EvidenceBase GenerateEvidence(Type evidenceType) { if (evidenceType == typeof(Site)) { return GenerateSiteEvidence(); } else if (evidenceType == typeof(Url)) { return GenerateUrlEvidence(); } else if (evidenceType == typeof(Zone)) { return GenerateZoneEvidence(); } else if (evidenceType == typeof(Publisher)) { return GeneratePublisherEvidence(); } return null; } ////// Generate Site, Url, and Zone evidence for this file. /// [SecuritySafeCritical] private void GenerateLocationEvidence() { if (!m_generatedLocationEvidence) { SecurityZone securityZone = SecurityZone.NoZone; string url = null; GetLocationEvidence(m_peFile, out securityZone, JitHelpers.GetStringHandleOnStack(ref url)); if (securityZone != SecurityZone.NoZone) { m_zoneEvidence = new Zone(securityZone); } if (!String.IsNullOrEmpty(url)) { m_urlEvidence = new Url(url, true); // We only create site evidence if the URL does not with file: if (!url.StartsWith("file:", StringComparison.OrdinalIgnoreCase)) { m_siteEvidence = Site.CreateFromUrl(url); } } m_generatedLocationEvidence = true; } } ////// Generate evidence for the file's Authenticode signature /// [SecuritySafeCritical] private Publisher GeneratePublisherEvidence() { byte[] certificate = null; GetPublisherCertificate(m_peFile, JitHelpers.GetObjectHandleOnStack(ref certificate)); if (certificate == null) { return null; } return new Publisher(new X509Certificate(certificate)); } ////// Generate evidence for the site this file was loaded from /// private Site GenerateSiteEvidence() { if (m_siteEvidence == null) { GenerateLocationEvidence(); } return m_siteEvidence; } ////// Generate evidence for the URL this file was loaded from /// private Url GenerateUrlEvidence() { if (m_urlEvidence == null) { GenerateLocationEvidence(); } return m_urlEvidence; } ////// Generate evidence for the zone this file was loaded from /// private Zone GenerateZoneEvidence() { if (m_zoneEvidence == null) { GenerateLocationEvidence(); } return m_zoneEvidence; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ToolStripComboBox.cs
- EntityConnection.cs
- EventTrigger.cs
- HScrollProperties.cs
- AcceleratedTokenAuthenticator.cs
- AttachedProperty.cs
- XmlDataProvider.cs
- PerspectiveCamera.cs
- Base64Encoder.cs
- InvariantComparer.cs
- Popup.cs
- ClientSession.cs
- KnownTypeHelper.cs
- TypeInfo.cs
- ExceptionWrapper.cs
- PenThread.cs
- LogExtent.cs
- BlurBitmapEffect.cs
- RolePrincipal.cs
- TransportOutputChannel.cs
- LessThanOrEqual.cs
- Peer.cs
- PersonalizablePropertyEntry.cs
- SystemIPv6InterfaceProperties.cs
- basenumberconverter.cs
- CipherData.cs
- HtmlInputReset.cs
- SqlSelectClauseBuilder.cs
- CodeObjectCreateExpression.cs
- EntityDataSourceWizardForm.cs
- SafeFileMappingHandle.cs
- DataServiceStreamResponse.cs
- XmlSchema.cs
- FixedTextPointer.cs
- SqlCommandBuilder.cs
- MobileFormsAuthentication.cs
- AlternateView.cs
- DoubleIndependentAnimationStorage.cs
- ContextMenuAutomationPeer.cs
- X500Name.cs
- MailMessage.cs
- DescendentsWalkerBase.cs
- RowBinding.cs
- ColumnWidthChangedEvent.cs
- AnimationStorage.cs
- TdsValueSetter.cs
- RightsManagementEncryptionTransform.cs
- ByteAnimationUsingKeyFrames.cs
- XsdDuration.cs
- WindowsScrollBarBits.cs
- TableItemPattern.cs
- DocobjHost.cs
- SQLInt32.cs
- HashSetEqualityComparer.cs
- SqlUtils.cs
- HtmlCommandAdapter.cs
- NegatedConstant.cs
- XmlSchemaSimpleContentRestriction.cs
- SafeFileMappingHandle.cs
- BlobPersonalizationState.cs
- PaperSize.cs
- sqlinternaltransaction.cs
- WebPartCollection.cs
- FaultCallbackWrapper.cs
- SystemIPv4InterfaceProperties.cs
- OperatorExpressions.cs
- HttpCachePolicyElement.cs
- TableItemPattern.cs
- DataGridViewEditingControlShowingEventArgs.cs
- MethodExpr.cs
- DataIdProcessor.cs
- UseAttributeSetsAction.cs
- Model3D.cs
- XPathNodeList.cs
- DragEvent.cs
- CharacterMetrics.cs
- WindowsScrollBar.cs
- CompiledQueryCacheKey.cs
- WorkflowApplication.cs
- MediaPlayer.cs
- ConditionBrowserDialog.cs
- _AutoWebProxyScriptEngine.cs
- HttpModulesSection.cs
- ListViewSortEventArgs.cs
- Clock.cs
- RowCache.cs
- RestHandlerFactory.cs
- TreeViewCancelEvent.cs
- ForceCopyBuildProvider.cs
- StaticDataManager.cs
- DirectionalAction.cs
- UnitySerializationHolder.cs
- SHA384Managed.cs
- Transform3D.cs
- BitmapEffect.cs
- QueryNode.cs
- DataSet.cs
- View.cs
- HostingPreferredMapPath.cs
- CaseStatementSlot.cs