Diffstat (limited to 'src/mscorlib/src/System/Security/Policy')
13 files changed, 0 insertions, 1355 deletions
diff --git a/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs b/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs
deleted file mode 100644
index 3d4e35adf4..0000000000
--- a/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs
+++ /dev/null
@@ -1,126 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-// This class encapsulates security decisions about an application.
-//
-
-namespace System.Security.Policy
-{
- using System.Collections;
- using System.Collections.Generic;
- using System.Globalization;
- using System.IO;
- using System.Runtime.InteropServices;
-#if FEATURE_SERIALIZATION
- using System.Runtime.Serialization;
- using System.Runtime.Serialization.Formatters.Binary;
-#endif // FEATURE_SERIALIZATION
- using System.Runtime.Versioning;
- using System.Security.Permissions;
- using System.Security.Util;
- using System.Text;
- using System.Threading;
- using System.Diagnostics.Contracts;
-
- [System.Runtime.InteropServices.ComVisible(true)]
- public enum ApplicationVersionMatch {
- MatchExactVersion,
- MatchAllVersions
- }
-
- [System.Runtime.InteropServices.ComVisible(true)]
- [Serializable]
- public sealed class ApplicationTrust : EvidenceBase, ISecurityEncodable
- {
- private PolicyStatement m_psDefaultGrant;
- private IList<StrongName> m_fullTrustAssemblies;
-
- // Permission special flags for the default grant set in this ApplicationTrust. This should be
- // updated in sync with any updates to the default grant set.
- //
- // In the general case, these values cannot be trusted - we only store a reference to the
- // DefaultGrantSet, and return the reference directly, which means that code can update the
- // permission set without our knowledge. That would lead to the flags getting out of sync with the
- // grant set.
- //
- // However, we only care about these flags when we're creating a homogenous AppDomain, and in that
- // case we control the ApplicationTrust object end-to-end, and know that the permission set will not
- // change after the flags are calculated.
- [NonSerialized]
- private int m_grantSetSpecialFlags;
-
- public ApplicationTrust () : this (new PermissionSet(PermissionState.None))
- {
- }
-
- internal ApplicationTrust (PermissionSet defaultGrantSet)
- {
- InitDefaultGrantSet(defaultGrantSet);
-
- m_fullTrustAssemblies = new List<StrongName>().AsReadOnly();
- }
-
- public ApplicationTrust(PermissionSet defaultGrantSet, IEnumerable<StrongName> fullTrustAssemblies) {
- if (fullTrustAssemblies == null) {
- throw new ArgumentNullException(nameof(fullTrustAssemblies));
- }
-
- InitDefaultGrantSet(defaultGrantSet);
-
- List<StrongName> fullTrustList = new List<StrongName>();
- foreach (StrongName strongName in fullTrustAssemblies) {
- if (strongName == null) {
- throw new ArgumentException(Environment.GetResourceString("Argument_NullFullTrustAssembly"), nameof(fullTrustAssemblies));
- }
-
- fullTrustList.Add(new StrongName(strongName.PublicKey, strongName.Name, strongName.Version));
- }
-
- m_fullTrustAssemblies = fullTrustList.AsReadOnly();
- }
-
- // Sets up the default grant set for all constructors. Extracted to avoid the cost of
- // IEnumerable virtual dispatches on startup when there are no fullTrustAssemblies (CoreCLR)
- private void InitDefaultGrantSet(PermissionSet defaultGrantSet) {
- if (defaultGrantSet == null) {
- throw new ArgumentNullException(nameof(defaultGrantSet));
- }
-
- // Creating a PolicyStatement copies the incoming permission set, so we don't have to worry
- // about the PermissionSet parameter changing underneath us after we've calculated the
- // permisison flags in the DefaultGrantSet setter.
- DefaultGrantSet = new PolicyStatement(defaultGrantSet);
- }
-
- public PolicyStatement DefaultGrantSet {
- get {
- if (m_psDefaultGrant == null)
- return new PolicyStatement(new PermissionSet(PermissionState.None));
- return m_psDefaultGrant;
- }
- set {
- if (value == null) {
- m_psDefaultGrant = null;
- m_grantSetSpecialFlags = 0;
- }
- else {
- m_psDefaultGrant = value;
- m_grantSetSpecialFlags = SecurityManager.GetSpecialFlags(m_psDefaultGrant.PermissionSet, null);
- }
- }
- }
-
- public IList<StrongName> FullTrustAssemblies {
- get {
- return m_fullTrustAssemblies;
- }
- }
-
- public override EvidenceBase Clone()
- {
- return base.Clone();
- }
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/Evidence.cs b/src/mscorlib/src/System/Security/Policy/Evidence.cs
deleted file mode 100644
index 22479dff6c..0000000000
--- a/src/mscorlib/src/System/Security/Policy/Evidence.cs
+++ /dev/null
@@ -1,38 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-namespace System.Security.Policy
-{
- using System.Runtime.InteropServices;
-#if FEATURE_SERIALIZATION
- using System.Runtime.Serialization;
- using System.Runtime.Serialization.Formatters.Binary;
-#endif // FEATURE_SERIALIZATION
-
- /// <summary>
- /// The Evidence class keeps track of information that can be used to make security decisions about
- /// an assembly or an AppDomain. There are two types of evidence, one is supplied by the CLR or a
- /// host, the other supplied by the assembly itself.
- ///
- /// We keep a dictionary that maps each type of possbile evidence to an EvidenceTypeDescriptor which
- /// contains the evidence objects themselves if they exist as well as some extra metadata about that
- /// type of evidence. This dictionary is fully populated with keys for host evidence at all times and
- /// for assembly evidence the first time the application evidence is touched. This means that if a
- /// Type key does not exist in the dictionary, then that particular type of evidence will never be
- /// given to the assembly or AppDomain in question as host evidence. The only exception is if the
- /// user later manually adds host evidence via the AddHostEvidence API.
- ///
- /// Assembly supplied evidence is created up front, however host supplied evidence may be lazily
- /// created. In the lazy creation case, the Type will map to either an EvidenceTypeDescriptor that does
- /// not contain any evidence data or null. As requests come in for that evidence, we'll populate the
- /// EvidenceTypeDescriptor appropriately.
- /// </summary>
-#if FEATURE_SERIALIZATION
- [Serializable]
-#endif
- [ComVisible(true)]
- public sealed class Evidence
- {
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs b/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs
deleted file mode 100644
index 7fef1ded3c..0000000000
--- a/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs
+++ /dev/null
@@ -1,178 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -// - -using System; -using System.Collections; -using System.Collections.Generic; -using System.Diagnostics; -using System.Diagnostics.Contracts; -using System.IO; -using System.Runtime.InteropServices; -#if FEATURE_SERIALIZATION -using System.Runtime.Serialization.Formatters.Binary; -#endif // FEATURE_SERIALIZATION -using System.Security.Permissions; - -namespace System.Security.Policy -{ - /// <summary> - /// Base class from which all objects to be used as Evidence must derive - /// </summary> - [ComVisible(true)] - [Serializable] - public abstract class EvidenceBase - { - protected EvidenceBase() - { -#if FEATURE_SERIALIZATION - // All objects to be used as evidence must be serializable. Make sure that any derived types - // are marked serializable to enforce this, since the attribute does not inherit down to derived - // classes. - if (!GetType().IsSerializable) - { - throw new InvalidOperationException(Environment.GetResourceString("Policy_EvidenceMustBeSerializable")); - } -#endif // FEATURE_SERIALIZATION - } - - /// <remarks> - /// Since legacy evidence objects would be cloned by being serialized, the default implementation - /// of EvidenceBase will do the same. 
- /// </remarks> - public virtual EvidenceBase Clone() - { -#if FEATURE_SERIALIZATION - using (MemoryStream memoryStream = new MemoryStream()) - { - BinaryFormatter formatter = new BinaryFormatter(); - formatter.Serialize(memoryStream, this); - - memoryStream.Position = 0; - return formatter.Deserialize(memoryStream) as EvidenceBase; - } -#else // !FEATURE_SERIALIZATION - throw new NotImplementedException(); -#endif // FEATURE_SERIALIZATION - } - } - - /// <summary> - /// Interface for types which wrap Whidbey evidence objects for compatibility with v4 evidence rules - /// </summary> - internal interface ILegacyEvidenceAdapter - { - object EvidenceObject { get; } - Type EvidenceType { get; } - } - - /// <summary> - /// Wrapper class to hold legacy evidence objects which do not derive from EvidenceBase, and allow - /// them to be held in the Evidence collection which expects to maintain lists of EvidenceBase only - /// </summary> - [Serializable] - internal sealed class LegacyEvidenceWrapper : EvidenceBase, ILegacyEvidenceAdapter - { - private object m_legacyEvidence; - - internal LegacyEvidenceWrapper(object legacyEvidence) - { - Debug.Assert(legacyEvidence != null); - Debug.Assert(legacyEvidence.GetType() != typeof(EvidenceBase), "Attempt to wrap an EvidenceBase in a LegacyEvidenceWrapper"); - Debug.Assert(legacyEvidence.GetType().IsSerializable, "legacyEvidence.GetType().IsSerializable"); - - m_legacyEvidence = legacyEvidence; - } - - public object EvidenceObject - { - get { return m_legacyEvidence; } - } - - public Type EvidenceType - { - get { return m_legacyEvidence.GetType(); } - } - - public override bool Equals(object obj) - { - return m_legacyEvidence.Equals(obj); - } - - public override int GetHashCode() - { - return m_legacyEvidence.GetHashCode(); - } - - public override EvidenceBase Clone() - { - return base.Clone(); - } - } - - /// <summary> - /// Pre-v4 versions of the runtime allow multiple pieces of evidence that all have the same type. 
- /// This type wraps those evidence objects into a single type of list, allowing legacy code to continue - /// to work with the Evidence collection that does not expect multiple evidences of the same type. - /// - /// This may not be limited to LegacyEvidenceWrappers, since it's valid for legacy code to add multiple - /// objects of built-in evidence to an Evidence collection. The built-in evidence now derives from - /// EvienceObject, so when the legacy code runs on v4, it may end up attempting to add multiple - /// Hash evidences for intsance. - /// </summary> - [Serializable] - internal sealed class LegacyEvidenceList : EvidenceBase, IEnumerable<EvidenceBase>, ILegacyEvidenceAdapter - { - private List<EvidenceBase> m_legacyEvidenceList = new List<EvidenceBase>(); - - public object EvidenceObject - { - get - { - // We'll choose the first item in the list to represent us if we're forced to return only - // one object. This can occur if multiple pieces of evidence are added via the legacy APIs, - // and then the new APIs are used to retrieve that evidence. - return m_legacyEvidenceList.Count > 0 ? m_legacyEvidenceList[0] : null; - } - } - - public Type EvidenceType - { - get - { - Debug.Assert(m_legacyEvidenceList.Count > 0, "No items in LegacyEvidenceList, cannot tell what type they are"); - - ILegacyEvidenceAdapter adapter = m_legacyEvidenceList[0] as ILegacyEvidenceAdapter; - return adapter == null ? 
m_legacyEvidenceList[0].GetType() : adapter.EvidenceType; - } - } - - public void Add(EvidenceBase evidence) - { - Debug.Assert(evidence != null); - Debug.Assert(m_legacyEvidenceList.Count == 0 || EvidenceType == evidence.GetType() || (evidence is LegacyEvidenceWrapper && (evidence as LegacyEvidenceWrapper).EvidenceType == EvidenceType), - "LegacyEvidenceList must be homogeonous"); - Debug.Assert(evidence.GetType() != typeof(LegacyEvidenceList), - "Attempt to add a legacy evidence list to another legacy evidence list"); - - m_legacyEvidenceList.Add(evidence); - } - - public IEnumerator<EvidenceBase> GetEnumerator() - { - return m_legacyEvidenceList.GetEnumerator(); - } - - IEnumerator System.Collections.IEnumerable.GetEnumerator() - { - return m_legacyEvidenceList.GetEnumerator(); - } - - public override EvidenceBase Clone() - { - return base.Clone(); - } - } -} diff --git a/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs b/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs deleted file mode 100644 index 8deb145102..0000000000 --- a/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs +++ /dev/null 
@@ -1,160 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. -using System; -using System.Diagnostics; -using System.Diagnostics.Contracts; -using System.Runtime.Serialization; - -namespace System.Security.Policy -{ - /// <summary> - /// Descriptor stored in the Evidence collection to detail the information we have about a type of - /// evidence. This descriptor also stores any evidence that's been generated of the specific type. - /// </summary> - [Serializable] - internal sealed class EvidenceTypeDescriptor - { - [NonSerialized] - private bool m_hostCanGenerate; - - [NonSerialized] - private bool m_generated; - - private EvidenceBase m_hostEvidence; - private EvidenceBase m_assemblyEvidence; - - // EvidenceTypeDescriptors are stored in Evidence indexed by the type they describe, so this - // information is redundant. We keep it around in checked builds to help debugging, but we can drop - // it from retial builds. 
-#if _DEBUG - [NonSerialized] - private Type m_evidenceType; -#endif // _DEBUG - - public EvidenceTypeDescriptor() - { - } - - /// <summary> - /// Make a deep copy of a type descriptor - /// </summary> - private EvidenceTypeDescriptor(EvidenceTypeDescriptor descriptor) - { - Debug.Assert(descriptor != null); - - m_hostCanGenerate = descriptor.m_hostCanGenerate; - - if (descriptor.m_assemblyEvidence != null) - { - m_assemblyEvidence = descriptor.m_assemblyEvidence.Clone() as EvidenceBase; - } - if (descriptor.m_hostEvidence != null) - { - m_hostEvidence = descriptor.m_hostEvidence.Clone() as EvidenceBase; - } - -#if _DEBUG - m_evidenceType = descriptor.m_evidenceType; -#endif // _DEBUG - } - - /// <summary> - /// Evidence of this type supplied by the assembly - /// </summary> - public EvidenceBase AssemblyEvidence - { - get { return m_assemblyEvidence; } - - set - { - Debug.Assert(value != null); -#if _DEBUG - Debug.Assert(CheckEvidenceType(value), "Incorrect type of AssemblyEvidence set"); -#endif - m_assemblyEvidence = value; - } - } - - /// <summary> - /// Flag indicating that we've already attempted to generate this type of evidence - /// </summary> - public bool Generated - { - get { return m_generated; } - - set - { - Debug.Assert(value, "Attempt to clear the Generated flag"); - m_generated = value; - } - } - - /// <summary> - /// Has the HostSecurityManager has told us that it can potentially generate evidence of this type - /// </summary> - public bool HostCanGenerate - { - get { return m_hostCanGenerate; } - - set - { - Debug.Assert(value, "Attempt to clear HostCanGenerate flag"); - m_hostCanGenerate = value; - } - } - - /// <summary> - /// Evidence of this type supplied by the CLR or the host - /// </summary> - public EvidenceBase HostEvidence - { - get { return m_hostEvidence; } - - set - { - Debug.Assert(value != null); -#if _DEBUG - Debug.Assert(CheckEvidenceType(value), "Incorrect type of HostEvidence set"); -#endif - m_hostEvidence = value; - } - } - 
-#if _DEBUG - /// <summary> - /// Verify that evidence being stored in this descriptor is of the correct type - /// </summary> - private bool CheckEvidenceType(EvidenceBase evidence) - { - Debug.Assert(evidence != null); - - ILegacyEvidenceAdapter legacyAdapter = evidence as ILegacyEvidenceAdapter; - Type storedType = legacyAdapter == null ? evidence.GetType() : legacyAdapter.EvidenceType; - - return m_evidenceType == null || m_evidenceType.IsAssignableFrom(storedType); - } -#endif // _DEBUG - - /// <summary> - /// Make a deep copy of this descriptor - /// </summary> - public EvidenceTypeDescriptor Clone() - { - return new EvidenceTypeDescriptor(this); - } - -#if _DEBUG - /// <summary> - /// Set the type that this evidence descriptor refers to. - /// </summary> - internal void SetEvidenceType(Type evidenceType) - { - Debug.Assert(evidenceType != null); - Debug.Assert(m_evidenceType == null, "Attempt to reset evidence type"); - - m_evidenceType = evidenceType; - } -#endif // _DEBUG - } -} diff --git a/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs b/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs deleted file mode 100644 index 8f8c07c9e4..0000000000 --- a/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs +++ /dev/null 
@@ -1,34 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-
-namespace System.Security.Policy {
- /// <summary>
- /// Interface for evidence objects that support being "unverified". For instance, StrongName
- /// evidence for a strong name signature which was not yet verified. This interface is used to
- /// keep track of weather or not the evidence object was needed to compute a grant set. If it was,
- /// then we can force verificaiton of the evidence object -- if not we can save time by not doing
- /// any verification on it. (Since we didn't use it for policy resolution, it wouldn't have
- /// mattered if the evidence was not present in the first place).
- /// </summary>
- internal interface IDelayEvaluatedEvidence {
- /// <summary>
- /// Is this evidence object verified yet?
- /// </summary>
- bool IsVerified
- {
- get;
- }
-
- /// <summary>
- /// Was this evidence object used during the course of policy evaluation?
- /// </summary>
- bool WasUsed { get; }
-
- /// <summary>
- /// Mark the object as used
- /// </summary>
- void MarkUsed();
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/IIdentityPermissionFactory.cs b/src/mscorlib/src/System/Security/Policy/IIdentityPermissionFactory.cs
deleted file mode 100644
index a46f39602d..0000000000
--- a/src/mscorlib/src/System/Security/Policy/IIdentityPermissionFactory.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-//
-// All Identities will implement this interface.
-//
-
-namespace System.Security.Policy {
- using System.Runtime.Remoting;
- using System;
- using System.Security.Util;
-[System.Runtime.InteropServices.ComVisible(true)]
- public interface IIdentityPermissionFactory
- {
- IPermission CreateIdentityPermission( Evidence evidence );
- }
-
-}
diff --git a/src/mscorlib/src/System/Security/Policy/IRuntimeEvidenceFactory.cs b/src/mscorlib/src/System/Security/Policy/IRuntimeEvidenceFactory.cs
deleted file mode 100644
index 98467fe367..0000000000
--- a/src/mscorlib/src/System/Security/Policy/IRuntimeEvidenceFactory.cs
+++ /dev/null
@@ -1,36 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-using System;
-using System.Collections.Generic;
-
-namespace System.Security.Policy
-{
- /// <summary>
- /// IRuntimeEvidenceFactory is implemented by runtime types which the CLR knows how to delay
- /// generate evidence for. It is used by the Evidence class to get evidence on demand when we first
- /// need it.
- /// </summary>
- internal interface IRuntimeEvidenceFactory
- {
- /// <summary>
- /// Object which the evidence generated by this factory is used for
- /// </summary>
- IEvidenceFactory Target { get; }
-
- /// <summary>
- /// Get the collection of evidence objects supplied by the factory itself, rather than by the
- /// runtime.
- /// </summary>
- IEnumerable<EvidenceBase> GetFactorySuppliedEvidence();
-
- /// <summary>
- /// Generate a specific type of evidence for this object, returning null if the specified type of
- /// evidence cannot be generated.
- /// </summary>
- EvidenceBase GenerateEvidence(Type evidenceType);
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/PolicyException.cs b/src/mscorlib/src/System/Security/Policy/PolicyException.cs
deleted file mode 100644
index 68e87f780d..0000000000
--- a/src/mscorlib/src/System/Security/Policy/PolicyException.cs
+++ /dev/null
@@ -1,50 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-//
-// Use this class to throw a PolicyException
-//
-
-namespace System.Security.Policy {
-
- using System;
- using System.Runtime.Serialization;
- [Serializable]
-[System.Runtime.InteropServices.ComVisible(true)]
- public class PolicyException : SystemException
- {
- public PolicyException()
-
- : base(Environment.GetResourceString( "Policy_Default" )) {
- HResult = __HResults.CORSEC_E_POLICY_EXCEPTION;
- }
-
- public PolicyException(String message)
-
- : base(message) {
- HResult = __HResults.CORSEC_E_POLICY_EXCEPTION;
- }
-
- public PolicyException(String message, Exception exception)
-
- : base(message, exception) {
- HResult = __HResults.CORSEC_E_POLICY_EXCEPTION;
- }
-
- protected PolicyException(SerializationInfo info, StreamingContext context) : base (info, context) {}
-
- internal PolicyException(String message, int hresult) : base (message)
- {
- HResult = hresult;
- }
-
- internal PolicyException(String message, int hresult, Exception exception) : base (message, exception)
- {
- HResult = hresult;
- }
-
- }
-
-}
diff --git a/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs b/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs
deleted file mode 100644
index 9b58ece9f1..0000000000
--- a/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs
+++ /dev/null
@@ -1,246 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -// -// Represents the policy associated with some piece of evidence -// -using System.Diagnostics.Contracts; -namespace System.Security.Policy { - - using System; - using System.Security; - using System.Security.Util; - using Math = System.Math; - using System.Collections; - using System.Collections.Generic; - using System.Security.Permissions; - using System.Text; - using System.Globalization; -[Serializable] - [Flags] -[System.Runtime.InteropServices.ComVisible(true)] - public enum PolicyStatementAttribute - { - Nothing = 0x0, - Exclusive = 0x01, - LevelFinal = 0x02, - All = 0x03, - } - - [Serializable] - [System.Runtime.InteropServices.ComVisible(true)] - sealed public class PolicyStatement : ISecurityPolicyEncodable, ISecurityEncodable - { - // The PermissionSet associated with this policy - internal PermissionSet m_permSet; - - // The bitfield of inheritance properties associated with this policy - internal PolicyStatementAttribute m_attributes; - - internal PolicyStatement() - { - m_permSet = null; - m_attributes = PolicyStatementAttribute.Nothing; - } - - public PolicyStatement( PermissionSet permSet ) - : this( permSet, PolicyStatementAttribute.Nothing ) - { - } - - public PolicyStatement( PermissionSet permSet, PolicyStatementAttribute attributes ) - { - if (permSet == null) - { - m_permSet = new PermissionSet( false ); - } - else - { - m_permSet = permSet.Copy(); - } - if (ValidProperties( attributes )) - { - m_attributes = attributes; - } - } - - private PolicyStatement( PermissionSet permSet, PolicyStatementAttribute attributes, bool copy ) - { - if (permSet != null) - { - if (copy) - m_permSet = permSet.Copy(); - else - m_permSet = permSet; - } - else - { - m_permSet = new PermissionSet( false ); - } - - m_attributes = 
attributes; - } - - public PermissionSet PermissionSet - { - get - { - lock (this) - { - return m_permSet.Copy(); - } - } - - set - { - lock (this) - { - if (value == null) - { - m_permSet = new PermissionSet( false ); - } - else - { - m_permSet = value.Copy(); - } - } - } - } - - internal void SetPermissionSetNoCopy( PermissionSet permSet ) - { - m_permSet = permSet; - } - - internal PermissionSet GetPermissionSetNoCopy() - { - lock (this) - { - return m_permSet; - } - } - - public PolicyStatementAttribute Attributes - { - get - { - return m_attributes; - } - - set - { - if (ValidProperties( value )) - { - m_attributes = value; - } - } - } - - public PolicyStatement Copy() - { - // The PolicyStatement .ctor will copy the permission set - return new PolicyStatement(m_permSet, Attributes, true); - } - - public String AttributeString - { - get - { - StringBuilder sb = new StringBuilder(); - - bool first = true; - - if (GetFlag((int) PolicyStatementAttribute.Exclusive )) - { - sb.Append( "Exclusive" ); - first = false; - } - if (GetFlag((int) PolicyStatementAttribute.LevelFinal )) - { - if (!first) - sb.Append( " " ); - sb.Append( "LevelFinal" ); - } - - return sb.ToString(); - } - } - - private static bool ValidProperties( PolicyStatementAttribute attributes ) - { - if ((attributes & ~(PolicyStatementAttribute.All)) == 0) - { - return true; - } - else - { - throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidFlag" ) ); - } - } - - private bool GetFlag( int flag ) - { - return (flag & (int)m_attributes) != 0; - } - - /// <summary> - /// Union a child policy statement into this policy statement - /// </summary> - internal void InplaceUnion(PolicyStatement childPolicy) - { - BCLDebug.Assert(childPolicy != null, "childPolicy != null"); - - if (((Attributes & childPolicy.Attributes) & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive) - { - throw new PolicyException(Environment.GetResourceString( "Policy_MultipleExclusive" 
)); - } - - // We need to merge together our grant set and attributes. The result of this merge is - // dependent upon if we're merging a child marked exclusive or not. If the child is not - // exclusive, we need to union in its grant set and or in its attributes. However, if the child - // is exclusive then it is the only code group which should have an effect on the resulting - // grant set and therefore our grant should be ignored. - if ((childPolicy.Attributes & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive) - { - m_permSet = childPolicy.GetPermissionSetNoCopy(); - Attributes = childPolicy.Attributes; - } - else - { - m_permSet.InplaceUnion(childPolicy.GetPermissionSetNoCopy()); - Attributes = Attributes | childPolicy.Attributes; - } - } - - [System.Runtime.InteropServices.ComVisible(false)] - public override bool Equals( Object obj ) - { - PolicyStatement other = obj as PolicyStatement; - - if (other == null) - return false; - - if (this.m_attributes != other.m_attributes) - return false; - - if (!Object.Equals( this.m_permSet, other.m_permSet )) - return false; - - return true; - } - - [System.Runtime.InteropServices.ComVisible(false)] - public override int GetHashCode() - { - int accumulator = (int)this.m_attributes; - - if (m_permSet != null) - accumulator = accumulator ^ m_permSet.GetHashCode(); - - return accumulator; - } - - } -} - diff --git a/src/mscorlib/src/System/Security/Policy/Site.cs b/src/mscorlib/src/System/Security/Policy/Site.cs deleted file mode 100644 index 14a95e1666..0000000000 --- a/src/mscorlib/src/System/Security/Policy/Site.cs +++ /dev/null 
@@ -1,105 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -// - -// -// -// Site is an IIdentity representing internet sites. -// - -using System; -using System.Diagnostics; -using System.Diagnostics.Contracts; -using System.Globalization; -using System.Security.Permissions; -using System.Security.Util; - -namespace System.Security.Policy -{ - [Serializable] - [System.Runtime.InteropServices.ComVisible(true)] - public sealed class Site : EvidenceBase, IIdentityPermissionFactory - { - private SiteString m_name; - - public Site(String name) - { - if (name == null) - throw new ArgumentNullException(nameof(name)); - Contract.EndContractBlock(); - - m_name = new SiteString( name ); - } - - private Site(SiteString name) - { - Debug.Assert(name != null); - m_name = name; - } - - public static Site CreateFromUrl( String url ) - { - return new Site(ParseSiteFromUrl(url)); - } - - private static SiteString ParseSiteFromUrl( String name ) - { - URLString urlString = new URLString( name ); - - if (String.Compare( urlString.Scheme, "file", StringComparison.OrdinalIgnoreCase) == 0) - throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidSite" ) ); - - return new SiteString( new URLString( name ).Host ); - } - - public String Name - { - get { return m_name.ToString(); } - } - - internal SiteString GetSiteString() - { - return m_name; - } - - public IPermission CreateIdentityPermission( Evidence evidence ) - { - return new SiteIdentityPermission( Name ); - } - - public override bool Equals(Object o) - { - Site other = o as Site; - if (other == null) - { - return false; - } - - return String.Equals(Name, other.Name, StringComparison.OrdinalIgnoreCase); - } - - public override int GetHashCode() - { - return Name.GetHashCode(); - } - - public override EvidenceBase Clone() - { - return new 
Site(m_name); - } - - public Object Copy() - { - return Clone(); - } - - // INormalizeForIsolatedStorage is not implemented for startup perf - // equivalent to INormalizeForIsolatedStorage.Normalize() - internal Object Normalize() - { - return m_name.ToString().ToUpper(CultureInfo.InvariantCulture); - } - } -} diff --git a/src/mscorlib/src/System/Security/Policy/StrongName.cs b/src/mscorlib/src/System/Security/Policy/StrongName.cs deleted file mode 100644 index 999b478ba7..0000000000 --- a/src/mscorlib/src/System/Security/Policy/StrongName.cs +++ /dev/null 
@@ -1,171 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-//
-//
-// StrongName is an IIdentity representing strong names.
-//
-
-namespace System.Security.Policy {
- using System.IO;
- using System.Reflection;
- using System.Security.Util;
- using System.Security.Permissions;
- using System.Diagnostics.Contracts;
- using CultureInfo = System.Globalization.CultureInfo;
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class StrongName : EvidenceBase, IIdentityPermissionFactory, IDelayEvaluatedEvidence
- {
- private StrongNamePublicKeyBlob m_publicKeyBlob;
- private String m_name;
- private Version m_version;
-
- // Delay evaluated evidence is for policy resolution only, so it doesn't make sense to save that
- // state away and then try to evaluate the strong name later.
- [NonSerialized]
- private RuntimeAssembly m_assembly = null;
-
- [NonSerialized]
- private bool m_wasUsed = false;
-
- internal StrongName() {}
-
- public StrongName( StrongNamePublicKeyBlob blob, String name, Version version ) : this(blob, name, version, null)
- {
- }
-
- internal StrongName(StrongNamePublicKeyBlob blob, String name, Version version, Assembly assembly)
- {
- if (name == null)
- throw new ArgumentNullException(nameof(name));
- if (String.IsNullOrEmpty(name))
- throw new ArgumentException(Environment.GetResourceString("Argument_EmptyStrongName"));
-
- if (blob == null)
- throw new ArgumentNullException(nameof(blob));
-
- if (version == null)
- throw new ArgumentNullException(nameof(version));
- Contract.EndContractBlock();
-
- RuntimeAssembly rtAssembly = assembly as RuntimeAssembly;
- if (assembly != null && rtAssembly == null)
- throw new ArgumentException(Environment.GetResourceString("Argument_MustBeRuntimeAssembly"), nameof(assembly));
-
- m_publicKeyBlob = blob;
- m_name = name;
- m_version = version;
- m_assembly = rtAssembly;
- }
-
- public StrongNamePublicKeyBlob PublicKey
- {
- get
- {
- return m_publicKeyBlob;
- }
- }
-
- public String Name
- {
- get
- {
- return m_name;
- }
- }
-
- public Version Version
- {
- get
- {
- return m_version;
- }
- }
-
- bool IDelayEvaluatedEvidence.IsVerified
- {
- get
- {
- return true;
- }
- }
-
- bool IDelayEvaluatedEvidence.WasUsed
- {
- get { return m_wasUsed; }
- }
-
- void IDelayEvaluatedEvidence.MarkUsed()
- {
- m_wasUsed = true;
- }
-
- internal static bool CompareNames( String asmName, String mcName )
- {
- if (mcName.Length > 0 && mcName[mcName.Length-1] == '*' && mcName.Length - 1 <= asmName.Length)
- return String.Compare( mcName, 0, asmName, 0, mcName.Length - 1, StringComparison.OrdinalIgnoreCase) == 0;
- else
- return String.Compare( mcName, asmName, StringComparison.OrdinalIgnoreCase) == 0;
- }
-
- public IPermission CreateIdentityPermission( Evidence evidence )
- {
- return new StrongNameIdentityPermission( m_publicKeyBlob, m_name, m_version );
- }
-
- public override EvidenceBase Clone()
- {
- return new StrongName(m_publicKeyBlob, m_name, m_version);
- }
-
- public Object Copy()
- {
- return Clone();
- }
-
- public override bool Equals( Object o )
- {
- StrongName that = (o as StrongName);
- return (that != null) &&
- Equals( this.m_publicKeyBlob, that.m_publicKeyBlob ) &&
- Equals( this.m_name, that.m_name ) &&
- Equals( this.m_version, that.m_version );
- }
-
- public override int GetHashCode()
- {
- if (m_publicKeyBlob != null)
- {
- return m_publicKeyBlob.GetHashCode();
- }
- else if (m_name != null || m_version != null)
- {
- return (m_name == null ? 0 : m_name.GetHashCode()) + (m_version == null ? 0 : m_version.GetHashCode());
- }
- else
- {
- return typeof( StrongName ).GetHashCode();
- }
- }
-
- // INormalizeForIsolatedStorage is not implemented for startup perf
- // equivalent to INormalizeForIsolatedStorage.Normalize()
- internal Object Normalize()
- {
- MemoryStream ms = new MemoryStream();
- BinaryWriter bw = new BinaryWriter(ms);
-
- bw.Write(m_publicKeyBlob.PublicKey);
- bw.Write(m_version.Major);
- bw.Write(m_name);
-
- ms.Position = 0;
- return ms;
- }
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/URL.cs b/src/mscorlib/src/System/Security/Policy/URL.cs
deleted file mode 100644
index 3541124ac6..0000000000
--- a/src/mscorlib/src/System/Security/Policy/URL.cs
+++ /dev/null
@@ -1,98 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-//
-//
-// Url is an IIdentity representing url internet sites.
-//
-
-namespace System.Security.Policy {
- using System.IO;
- using System.Security.Util;
- using UrlIdentityPermission = System.Security.Permissions.UrlIdentityPermission;
- using System.Runtime.Serialization;
- using System.Diagnostics;
- using System.Diagnostics.Contracts;
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class Url : EvidenceBase, IIdentityPermissionFactory
- {
- private URLString m_url;
-
- internal Url( String name, bool parsed )
- {
- if (name == null)
- throw new ArgumentNullException( nameof(name) );
- Contract.EndContractBlock();
-
- m_url = new URLString( name, parsed );
- }
-
- public Url( String name )
- {
- if (name == null)
- throw new ArgumentNullException( nameof(name) );
- Contract.EndContractBlock();
-
- m_url = new URLString( name );
- }
-
- private Url(Url url)
- {
- Debug.Assert(url != null);
- m_url = url.m_url;
- }
-
- public String Value
- {
- get { return m_url.ToString(); }
- }
-
- internal URLString GetURLString()
- {
- return m_url;
- }
-
- public IPermission CreateIdentityPermission( Evidence evidence )
- {
- return new UrlIdentityPermission( m_url );
- }
-
- public override bool Equals(Object o)
- {
- Url other = o as Url;
- if (other == null)
- {
- return false;
- }
-
- return other.m_url.Equals(m_url);
- }
-
- public override int GetHashCode()
- {
- return this.m_url.GetHashCode();
- }
-
- public override EvidenceBase Clone()
- {
- return new Url(this);
- }
-
- public Object Copy()
- {
- return Clone();
- }
-
- // INormalizeForIsolatedStorage is not implemented for startup perf
- // equivalent to INormalizeForIsolatedStorage.Normalize()
- internal Object Normalize()
- {
- return m_url.NormalizeUrl();
- }
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/Zone.cs b/src/mscorlib/src/System/Security/Policy/Zone.cs
deleted file mode 100644
index a9f5d84aeb..0000000000
--- a/src/mscorlib/src/System/Security/Policy/Zone.cs
+++ /dev/null
@@ -1,93 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-//
-//
-// Zone is an IIdentity representing Internet/Intranet/MyComputer etc.
-//
-
-namespace System.Security.Policy
-{
- using System.Security.Util;
- using ZoneIdentityPermission = System.Security.Permissions.ZoneIdentityPermission;
- using System.Runtime.CompilerServices;
- using System.Runtime.InteropServices;
- using System.Runtime.Versioning;
- using System.Runtime.Serialization;
- using System.Diagnostics;
- using System.Diagnostics.Contracts;
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class Zone : EvidenceBase, IIdentityPermissionFactory
- {
- private SecurityZone m_zone;
-
- private static readonly String[] s_names =
- {"MyComputer", "Intranet", "Trusted", "Internet", "Untrusted", "NoZone"};
-
- public Zone(SecurityZone zone)
- {
- if (zone < SecurityZone.NoZone || zone > SecurityZone.Untrusted)
- throw new ArgumentException( Environment.GetResourceString( "Argument_IllegalZone" ) );
- Contract.EndContractBlock();
-
- m_zone = zone;
- }
-
- private Zone(Zone zone)
- {
- Debug.Assert(zone != null);
- m_zone = zone.m_zone;
- }
-
- public IPermission CreateIdentityPermission( Evidence evidence )
- {
- return new ZoneIdentityPermission( SecurityZone );
- }
-
- public SecurityZone SecurityZone
- {
- get
- {
- return m_zone;
- }
- }
-
- public override bool Equals(Object o)
- {
- Zone other = o as Zone;
- if (other == null)
- {
- return false;
- }
-
- return SecurityZone == other.SecurityZone;
- }
-
- public override int GetHashCode()
- {
- return (int)SecurityZone;
- }
-
- public override EvidenceBase Clone()
- {
- return new Zone(this);
- }
-
- public Object Copy()
- {
- return Clone();
- }
-
- // INormalizeForIsolatedStorage is not implemented for startup perf
- // equivalent to INormalizeForIsolatedStorage.Normalize()
- internal Object Normalize()
- {
- return s_names[(int)SecurityZone];
- }
- }
-} |