Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / Policy / AssemblyEvidenceFactory.cs / 1305376 / AssemblyEvidenceFactory.cs
// ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== //[....] // using System; using System.Collections.Generic; using System.Diagnostics.Contracts; using System.Reflection; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; using System.Security; using System.Security.Permissions; using Microsoft.Win32.SafeHandles; namespace System.Security.Policy { ////// Factory class which can create evidence on demand for an assembly /// internal sealed class AssemblyEvidenceFactory : IRuntimeEvidenceFactory { private PEFileEvidenceFactory m_peFileFactory; private RuntimeAssembly m_targetAssembly; ////// Create a factory which can generate evidence for the specified assembly /// private AssemblyEvidenceFactory(RuntimeAssembly targetAssembly, PEFileEvidenceFactory peFileFactory) { Contract.Assert(targetAssembly != null); Contract.Assert(peFileFactory != null); m_targetAssembly = targetAssembly; m_peFileFactory = peFileFactory; } ////// PEFile that the assembly is loaded from /// internal SafePEFileHandle PEFile { [SecurityCritical] get { return m_peFileFactory.PEFile; } } ////// Assembly that the evidence generated is for /// public IEvidenceFactory Target { get { return m_targetAssembly; } } ////// Generate a specific type of evidence for this assembly /// public EvidenceBase GenerateEvidence(Type evidenceType) { // Assembly evidence is a superset of the evidence that a PEFile can supply, so first see if the // requested evidence type can be generated by the assembly's PEFile EvidenceBase evidence = m_peFileFactory.GenerateEvidence(evidenceType); if (evidence != null) { return evidence; } // If the PEFile didn't know about this type of evidence, see if it is an evidence type that the // Assembly knows how to generate if (evidenceType == typeof(GacInstalled)) { return GenerateGacEvidence(); } else if (evidenceType == typeof(Hash)) { return GenerateHashEvidence(); } #pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode else if (evidenceType == typeof(PermissionRequestEvidence)) { return GeneratePermissionRequestEvidence(); } #pragma warning restore 618 else if (evidenceType == typeof(StrongName)) { return GenerateStrongNameEvidence(); } return null; } ////// Generate evidence if the assembly is installed in the GAC /// private GacInstalled GenerateGacEvidence() { if (!m_targetAssembly.GlobalAssemblyCache) { return null; } m_peFileFactory.FireEvidenceGeneratedEvent(EvidenceTypeGenerated.Gac); return new GacInstalled(); } ////// Generate evidence for the assembly's hash value /// private Hash GenerateHashEvidence() { if (m_targetAssembly.IsDynamic) { return null; } m_peFileFactory.FireEvidenceGeneratedEvent(EvidenceTypeGenerated.Hash); return new Hash(m_targetAssembly); } #pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode ////// Generate evidence for the assembly's declarative security /// [SecuritySafeCritical] private PermissionRequestEvidence GeneratePermissionRequestEvidence() { Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled); PermissionSet minimumPermissions = null; PermissionSet optionalPermissions = null; PermissionSet refusedPermissions = null; GetAssemblyPermissionRequests(m_targetAssembly.GetNativeHandle(), JitHelpers.GetObjectHandleOnStack(ref minimumPermissions), JitHelpers.GetObjectHandleOnStack(ref optionalPermissions), JitHelpers.GetObjectHandleOnStack(ref refusedPermissions)); if (minimumPermissions != null || optionalPermissions != null || refusedPermissions != null) { return new PermissionRequestEvidence(minimumPermissions, optionalPermissions, refusedPermissions); } return null; } #pragma warning restore 618 ////// Generate evidence for this file's strong name /// [SecuritySafeCritical] private StrongName GenerateStrongNameEvidence() { byte[] publicKeyBlob = null; string simpleName = null; ushort majorVersion = 0; ushort minorVersion = 0; ushort build = 0; ushort revision = 0; GetStrongNameInformation(m_targetAssembly.GetNativeHandle(), JitHelpers.GetObjectHandleOnStack(ref publicKeyBlob), JitHelpers.GetStringHandleOnStack(ref simpleName), out majorVersion, out minorVersion, out build, out revision); if (publicKeyBlob == null || publicKeyBlob.Length == 0) { return null; } return new StrongName(new StrongNamePublicKeyBlob(publicKeyBlob), simpleName, new Version(majorVersion, minorVersion, build, revision), m_targetAssembly); } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetAssemblyPermissionRequests(RuntimeAssembly assembly, ObjectHandleOnStack retMinimumPermissions, ObjectHandleOnStack retOptionalPermissions, ObjectHandleOnStack retRefusedPermissions); ////// Get any evidence that was serialized into the assembly /// public IEnumerableGetFactorySuppliedEvidence() { // The PEFile knows how to read the serialized evidence, so we can just delegate to it return m_peFileFactory.GetFactorySuppliedEvidence(); } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetStrongNameInformation(RuntimeAssembly assembly, ObjectHandleOnStack retPublicKeyBlob, StringHandleOnStack retSimpleName, [Out] out ushort majorVersion, [Out] out ushort minorVersion, [Out] out ushort build, [Out] out ushort revision); /// /// Retarget an evidence object from generating evidence for a PEFile to generating evidence for /// the file's assembly. /// [SecurityCritical] private static Evidence UpgradeSecurityIdentity(Evidence peFileEvidence, RuntimeAssembly targetAssembly) { Contract.Assert(peFileEvidence != null); Contract.Assert(targetAssembly != null); Contract.Assert(peFileEvidence.Target is PEFileEvidenceFactory, "Expected upgrade path is from PEFile to Assembly"); peFileEvidence.Target = new AssemblyEvidenceFactory(targetAssembly, peFileEvidence.Target as PEFileEvidenceFactory); // Whidbey hosts would provide evidence for assemblies up front rather than on demand. If there // is a HostSecurityManager which does want to provide evidence, then we should provide it the // opprotunity to do the same for compatibility. HostSecurityManager securityManager = AppDomain.CurrentDomain.HostSecurityManager; if ((securityManager.Flags & HostSecurityManagerOptions.HostAssemblyEvidence) == HostSecurityManagerOptions.HostAssemblyEvidence) { peFileEvidence = securityManager.ProvideAssemblyEvidence(targetAssembly, peFileEvidence); if (peFileEvidence == null) { throw new InvalidOperationException(Environment.GetResourceString("Policy_NullHostEvidence", securityManager.GetType().FullName, targetAssembly.FullName)); } } return peFileEvidence; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== //[....] // using System; using System.Collections.Generic; using System.Diagnostics.Contracts; using System.Reflection; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; using System.Security; using System.Security.Permissions; using Microsoft.Win32.SafeHandles; namespace System.Security.Policy { ////// Factory class which can create evidence on demand for an assembly /// internal sealed class AssemblyEvidenceFactory : IRuntimeEvidenceFactory { private PEFileEvidenceFactory m_peFileFactory; private RuntimeAssembly m_targetAssembly; ////// Create a factory which can generate evidence for the specified assembly /// private AssemblyEvidenceFactory(RuntimeAssembly targetAssembly, PEFileEvidenceFactory peFileFactory) { Contract.Assert(targetAssembly != null); Contract.Assert(peFileFactory != null); m_targetAssembly = targetAssembly; m_peFileFactory = peFileFactory; } ////// PEFile that the assembly is loaded from /// internal SafePEFileHandle PEFile { [SecurityCritical] get { return m_peFileFactory.PEFile; } } ////// Assembly that the evidence generated is for /// public IEvidenceFactory Target { get { return m_targetAssembly; } } ////// Generate a specific type of evidence for this assembly /// public EvidenceBase GenerateEvidence(Type evidenceType) { // Assembly evidence is a superset of the evidence that a PEFile can supply, so first see if the // requested evidence type can be generated by the assembly's PEFile EvidenceBase evidence = m_peFileFactory.GenerateEvidence(evidenceType); if (evidence != null) { return evidence; } // If the PEFile didn't know about this type of evidence, see if it is an evidence type that the // Assembly knows how to generate if (evidenceType == typeof(GacInstalled)) { return GenerateGacEvidence(); } else if (evidenceType == typeof(Hash)) { return GenerateHashEvidence(); } #pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode else if (evidenceType == typeof(PermissionRequestEvidence)) { return GeneratePermissionRequestEvidence(); } #pragma warning restore 618 else if (evidenceType == typeof(StrongName)) { return GenerateStrongNameEvidence(); } return null; } ////// Generate evidence if the assembly is installed in the GAC /// private GacInstalled GenerateGacEvidence() { if (!m_targetAssembly.GlobalAssemblyCache) { return null; } m_peFileFactory.FireEvidenceGeneratedEvent(EvidenceTypeGenerated.Gac); return new GacInstalled(); } ////// Generate evidence for the assembly's hash value /// private Hash GenerateHashEvidence() { if (m_targetAssembly.IsDynamic) { return null; } m_peFileFactory.FireEvidenceGeneratedEvent(EvidenceTypeGenerated.Hash); return new Hash(m_targetAssembly); } #pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode ////// Generate evidence for the assembly's declarative security /// [SecuritySafeCritical] private PermissionRequestEvidence GeneratePermissionRequestEvidence() { Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled); PermissionSet minimumPermissions = null; PermissionSet optionalPermissions = null; PermissionSet refusedPermissions = null; GetAssemblyPermissionRequests(m_targetAssembly.GetNativeHandle(), JitHelpers.GetObjectHandleOnStack(ref minimumPermissions), JitHelpers.GetObjectHandleOnStack(ref optionalPermissions), JitHelpers.GetObjectHandleOnStack(ref refusedPermissions)); if (minimumPermissions != null || optionalPermissions != null || refusedPermissions != null) { return new PermissionRequestEvidence(minimumPermissions, optionalPermissions, refusedPermissions); } return null; } #pragma warning restore 618 ////// Generate evidence for this file's strong name /// [SecuritySafeCritical] private StrongName GenerateStrongNameEvidence() { byte[] publicKeyBlob = null; string simpleName = null; ushort majorVersion = 0; ushort minorVersion = 0; ushort build = 0; ushort revision = 0; GetStrongNameInformation(m_targetAssembly.GetNativeHandle(), JitHelpers.GetObjectHandleOnStack(ref publicKeyBlob), JitHelpers.GetStringHandleOnStack(ref simpleName), out majorVersion, out minorVersion, out build, out revision); if (publicKeyBlob == null || publicKeyBlob.Length == 0) { return null; } return new StrongName(new StrongNamePublicKeyBlob(publicKeyBlob), simpleName, new Version(majorVersion, minorVersion, build, revision), m_targetAssembly); } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetAssemblyPermissionRequests(RuntimeAssembly assembly, ObjectHandleOnStack retMinimumPermissions, ObjectHandleOnStack retOptionalPermissions, ObjectHandleOnStack retRefusedPermissions); ////// Get any evidence that was serialized into the assembly /// public IEnumerableGetFactorySuppliedEvidence() { // The PEFile knows how to read the serialized evidence, so we can just delegate to it return m_peFileFactory.GetFactorySuppliedEvidence(); } [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] [SecurityCritical] [SuppressUnmanagedCodeSecurity] private static extern void GetStrongNameInformation(RuntimeAssembly assembly, ObjectHandleOnStack retPublicKeyBlob, StringHandleOnStack retSimpleName, [Out] out ushort majorVersion, [Out] out ushort minorVersion, [Out] out ushort build, [Out] out ushort revision); /// /// Retarget an evidence object from generating evidence for a PEFile to generating evidence for /// the file's assembly. /// [SecurityCritical] private static Evidence UpgradeSecurityIdentity(Evidence peFileEvidence, RuntimeAssembly targetAssembly) { Contract.Assert(peFileEvidence != null); Contract.Assert(targetAssembly != null); Contract.Assert(peFileEvidence.Target is PEFileEvidenceFactory, "Expected upgrade path is from PEFile to Assembly"); peFileEvidence.Target = new AssemblyEvidenceFactory(targetAssembly, peFileEvidence.Target as PEFileEvidenceFactory); // Whidbey hosts would provide evidence for assemblies up front rather than on demand. If there // is a HostSecurityManager which does want to provide evidence, then we should provide it the // opprotunity to do the same for compatibility. HostSecurityManager securityManager = AppDomain.CurrentDomain.HostSecurityManager; if ((securityManager.Flags & HostSecurityManagerOptions.HostAssemblyEvidence) == HostSecurityManagerOptions.HostAssemblyEvidence) { peFileEvidence = securityManager.ProvideAssemblyEvidence(targetAssembly, peFileEvidence); if (peFileEvidence == null) { throw new InvalidOperationException(Environment.GetResourceString("Policy_NullHostEvidence", securityManager.GetType().FullName, targetAssembly.FullName)); } } return peFileEvidence; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ProcessRequestArgs.cs
- MissingFieldException.cs
- StandardCommands.cs
- DataSourceHelper.cs
- CompositeDesignerAccessibleObject.cs
- TimerElapsedEvenArgs.cs
- DateTimeStorage.cs
- ZipIOExtraFieldElement.cs
- AccessDataSourceView.cs
- Crc32.cs
- MouseEvent.cs
- PrintDocument.cs
- RootProfilePropertySettingsCollection.cs
- SafeProcessHandle.cs
- COM2TypeInfoProcessor.cs
- UserControlBuildProvider.cs
- InternalSafeNativeMethods.cs
- InvalidCastException.cs
- ToolTip.cs
- SHA512Managed.cs
- BaseTemplateBuildProvider.cs
- WebEventCodes.cs
- NeedSkipTokenVisitor.cs
- DataListAutoFormat.cs
- AssemblyFilter.cs
- VersionedStreamOwner.cs
- DelegateHelpers.cs
- StylusCaptureWithinProperty.cs
- Html32TextWriter.cs
- ComplexType.cs
- TreeNode.cs
- AjaxFrameworkAssemblyAttribute.cs
- SrgsRuleRef.cs
- MergeLocalizationDirectives.cs
- AlternationConverter.cs
- Utils.cs
- BoundPropertyEntry.cs
- _NTAuthentication.cs
- GridPattern.cs
- NavigationWindow.cs
- MaskedTextBox.cs
- SqlCacheDependency.cs
- DiagnosticTraceSource.cs
- CreateUserErrorEventArgs.cs
- DocumentViewerBase.cs
- XsltSettings.cs
- SqlWebEventProvider.cs
- MetadataCache.cs
- FamilyMapCollection.cs
- CanonicalXml.cs
- MarkupCompilePass1.cs
- OperationParameterInfoCollection.cs
- ConnectionPoint.cs
- GuidTagList.cs
- TextRunCacheImp.cs
- EmptyStringExpandableObjectConverter.cs
- HandlerBase.cs
- NativeStructs.cs
- GridItemPatternIdentifiers.cs
- RawMouseInputReport.cs
- ClientRoleProvider.cs
- MeasureData.cs
- SetterBaseCollection.cs
- webproxy.cs
- CodeValidator.cs
- InstanceDescriptor.cs
- XmlDataSource.cs
- AsymmetricSignatureDeformatter.cs
- InkCanvasFeedbackAdorner.cs
- MimeTypePropertyAttribute.cs
- SafeMILHandle.cs
- ToolStripSeparatorRenderEventArgs.cs
- XmlSchemaAttributeGroup.cs
- SpecularMaterial.cs
- Cursor.cs
- DoubleLink.cs
- XmlCodeExporter.cs
- PathParser.cs
- StaticFileHandler.cs
- ProxyManager.cs
- xmlsaver.cs
- WebPartEditorOkVerb.cs
- BrowserDefinitionCollection.cs
- TablePattern.cs
- GeometryDrawing.cs
- TraversalRequest.cs
- StateBag.cs
- DataControlLinkButton.cs
- SchemaContext.cs
- ViewCellRelation.cs
- PassportAuthenticationEventArgs.cs
- UpWmlMobileTextWriter.cs
- ConfigurationStrings.cs
- TypedReference.cs
- ColorContext.cs
- DataTemplate.cs
- ComponentTray.cs
- SystemMulticastIPAddressInformation.cs
- SafeCryptoHandles.cs
- XPathNodePointer.cs