summaryrefslogtreecommitdiff
path: root/src/mscorlib/src/System/Security/Policy
diff options
context:
space:
mode:
Diffstat (limited to 'src/mscorlib/src/System/Security/Policy')
-rw-r--r--src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs126
-rw-r--r--src/mscorlib/src/System/Security/Policy/Evidence.cs38
-rw-r--r--src/mscorlib/src/System/Security/Policy/EvidenceBase.cs178
-rw-r--r--src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs160
-rw-r--r--src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs34
-rw-r--r--src/mscorlib/src/System/Security/Policy/IIdentityPermissionFactory.cs20
-rw-r--r--src/mscorlib/src/System/Security/Policy/IRuntimeEvidenceFactory.cs36
-rw-r--r--src/mscorlib/src/System/Security/Policy/PolicyException.cs50
-rw-r--r--src/mscorlib/src/System/Security/Policy/PolicyStatement.cs246
-rw-r--r--src/mscorlib/src/System/Security/Policy/Site.cs105
-rw-r--r--src/mscorlib/src/System/Security/Policy/StrongName.cs171
-rw-r--r--src/mscorlib/src/System/Security/Policy/URL.cs98
-rw-r--r--src/mscorlib/src/System/Security/Policy/Zone.cs93
13 files changed, 0 insertions, 1355 deletions
diff --git a/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs b/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs
deleted file mode 100644
index 3d4e35a..0000000
--- a/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs
+++ /dev/null
@@ -1,126 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-// This class encapsulates security decisions about an application.
-//
-
-namespace System.Security.Policy
-{
- using System.Collections;
- using System.Collections.Generic;
- using System.Globalization;
- using System.IO;
- using System.Runtime.InteropServices;
-#if FEATURE_SERIALIZATION
- using System.Runtime.Serialization;
- using System.Runtime.Serialization.Formatters.Binary;
-#endif // FEATURE_SERIALIZATION
- using System.Runtime.Versioning;
- using System.Security.Permissions;
- using System.Security.Util;
- using System.Text;
- using System.Threading;
- using System.Diagnostics.Contracts;
-
- [System.Runtime.InteropServices.ComVisible(true)]
- public enum ApplicationVersionMatch {
- MatchExactVersion,
- MatchAllVersions
- }
-
- [System.Runtime.InteropServices.ComVisible(true)]
- [Serializable]
- public sealed class ApplicationTrust : EvidenceBase, ISecurityEncodable
- {
- private PolicyStatement m_psDefaultGrant;
- private IList<StrongName> m_fullTrustAssemblies;
-
- // Permission special flags for the default grant set in this ApplicationTrust. This should be
- // updated in sync with any updates to the default grant set.
- //
- // In the general case, these values cannot be trusted - we only store a reference to the
- // DefaultGrantSet, and return the reference directly, which means that code can update the
- // permission set without our knowledge. That would lead to the flags getting out of sync with the
- // grant set.
- //
- // However, we only care about these flags when we're creating a homogenous AppDomain, and in that
- // case we control the ApplicationTrust object end-to-end, and know that the permission set will not
- // change after the flags are calculated.
- [NonSerialized]
- private int m_grantSetSpecialFlags;
-
- public ApplicationTrust () : this (new PermissionSet(PermissionState.None))
- {
- }
-
- internal ApplicationTrust (PermissionSet defaultGrantSet)
- {
- InitDefaultGrantSet(defaultGrantSet);
-
- m_fullTrustAssemblies = new List<StrongName>().AsReadOnly();
- }
-
- public ApplicationTrust(PermissionSet defaultGrantSet, IEnumerable<StrongName> fullTrustAssemblies) {
- if (fullTrustAssemblies == null) {
- throw new ArgumentNullException(nameof(fullTrustAssemblies));
- }
-
- InitDefaultGrantSet(defaultGrantSet);
-
- List<StrongName> fullTrustList = new List<StrongName>();
- foreach (StrongName strongName in fullTrustAssemblies) {
- if (strongName == null) {
- throw new ArgumentException(Environment.GetResourceString("Argument_NullFullTrustAssembly"), nameof(fullTrustAssemblies));
- }
-
- fullTrustList.Add(new StrongName(strongName.PublicKey, strongName.Name, strongName.Version));
- }
-
- m_fullTrustAssemblies = fullTrustList.AsReadOnly();
- }
-
- // Sets up the default grant set for all constructors. Extracted to avoid the cost of
- // IEnumerable virtual dispatches on startup when there are no fullTrustAssemblies (CoreCLR)
- private void InitDefaultGrantSet(PermissionSet defaultGrantSet) {
- if (defaultGrantSet == null) {
- throw new ArgumentNullException(nameof(defaultGrantSet));
- }
-
- // Creating a PolicyStatement copies the incoming permission set, so we don't have to worry
- // about the PermissionSet parameter changing underneath us after we've calculated the
- // permisison flags in the DefaultGrantSet setter.
- DefaultGrantSet = new PolicyStatement(defaultGrantSet);
- }
-
- public PolicyStatement DefaultGrantSet {
- get {
- if (m_psDefaultGrant == null)
- return new PolicyStatement(new PermissionSet(PermissionState.None));
- return m_psDefaultGrant;
- }
- set {
- if (value == null) {
- m_psDefaultGrant = null;
- m_grantSetSpecialFlags = 0;
- }
- else {
- m_psDefaultGrant = value;
- m_grantSetSpecialFlags = SecurityManager.GetSpecialFlags(m_psDefaultGrant.PermissionSet, null);
- }
- }
- }
-
- public IList<StrongName> FullTrustAssemblies {
- get {
- return m_fullTrustAssemblies;
- }
- }
-
- public override EvidenceBase Clone()
- {
- return base.Clone();
- }
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/Evidence.cs b/src/mscorlib/src/System/Security/Policy/Evidence.cs
deleted file mode 100644
index 22479df..0000000
--- a/src/mscorlib/src/System/Security/Policy/Evidence.cs
+++ /dev/null
@@ -1,38 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-namespace System.Security.Policy
-{
- using System.Runtime.InteropServices;
-#if FEATURE_SERIALIZATION
- using System.Runtime.Serialization;
- using System.Runtime.Serialization.Formatters.Binary;
-#endif // FEATURE_SERIALIZATION
-
- /// <summary>
- /// The Evidence class keeps track of information that can be used to make security decisions about
- /// an assembly or an AppDomain. There are two types of evidence, one is supplied by the CLR or a
- /// host, the other supplied by the assembly itself.
- ///
- /// We keep a dictionary that maps each type of possbile evidence to an EvidenceTypeDescriptor which
- /// contains the evidence objects themselves if they exist as well as some extra metadata about that
- /// type of evidence. This dictionary is fully populated with keys for host evidence at all times and
- /// for assembly evidence the first time the application evidence is touched. This means that if a
- /// Type key does not exist in the dictionary, then that particular type of evidence will never be
- /// given to the assembly or AppDomain in question as host evidence. The only exception is if the
- /// user later manually adds host evidence via the AddHostEvidence API.
- ///
- /// Assembly supplied evidence is created up front, however host supplied evidence may be lazily
- /// created. In the lazy creation case, the Type will map to either an EvidenceTypeDescriptor that does
- /// not contain any evidence data or null. As requests come in for that evidence, we'll populate the
- /// EvidenceTypeDescriptor appropriately.
- /// </summary>
-#if FEATURE_SERIALIZATION
- [Serializable]
-#endif
- [ComVisible(true)]
- public sealed class Evidence
- {
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs b/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs
deleted file mode 100644
index 7fef1de..0000000
--- a/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs
+++ /dev/null
@@ -1,178 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-using System;
-using System.Collections;
-using System.Collections.Generic;
-using System.Diagnostics;
-using System.Diagnostics.Contracts;
-using System.IO;
-using System.Runtime.InteropServices;
-#if FEATURE_SERIALIZATION
-using System.Runtime.Serialization.Formatters.Binary;
-#endif // FEATURE_SERIALIZATION
-using System.Security.Permissions;
-
-namespace System.Security.Policy
-{
- /// <summary>
- /// Base class from which all objects to be used as Evidence must derive
- /// </summary>
- [ComVisible(true)]
- [Serializable]
- public abstract class EvidenceBase
- {
- protected EvidenceBase()
- {
-#if FEATURE_SERIALIZATION
- // All objects to be used as evidence must be serializable. Make sure that any derived types
- // are marked serializable to enforce this, since the attribute does not inherit down to derived
- // classes.
- if (!GetType().IsSerializable)
- {
- throw new InvalidOperationException(Environment.GetResourceString("Policy_EvidenceMustBeSerializable"));
- }
-#endif // FEATURE_SERIALIZATION
- }
-
- /// <remarks>
- /// Since legacy evidence objects would be cloned by being serialized, the default implementation
- /// of EvidenceBase will do the same.
- /// </remarks>
- public virtual EvidenceBase Clone()
- {
-#if FEATURE_SERIALIZATION
- using (MemoryStream memoryStream = new MemoryStream())
- {
- BinaryFormatter formatter = new BinaryFormatter();
- formatter.Serialize(memoryStream, this);
-
- memoryStream.Position = 0;
- return formatter.Deserialize(memoryStream) as EvidenceBase;
- }
-#else // !FEATURE_SERIALIZATION
- throw new NotImplementedException();
-#endif // FEATURE_SERIALIZATION
- }
- }
-
- /// <summary>
- /// Interface for types which wrap Whidbey evidence objects for compatibility with v4 evidence rules
- /// </summary>
- internal interface ILegacyEvidenceAdapter
- {
- object EvidenceObject { get; }
- Type EvidenceType { get; }
- }
-
- /// <summary>
- /// Wrapper class to hold legacy evidence objects which do not derive from EvidenceBase, and allow
- /// them to be held in the Evidence collection which expects to maintain lists of EvidenceBase only
- /// </summary>
- [Serializable]
- internal sealed class LegacyEvidenceWrapper : EvidenceBase, ILegacyEvidenceAdapter
- {
- private object m_legacyEvidence;
-
- internal LegacyEvidenceWrapper(object legacyEvidence)
- {
- Debug.Assert(legacyEvidence != null);
- Debug.Assert(legacyEvidence.GetType() != typeof(EvidenceBase), "Attempt to wrap an EvidenceBase in a LegacyEvidenceWrapper");
- Debug.Assert(legacyEvidence.GetType().IsSerializable, "legacyEvidence.GetType().IsSerializable");
-
- m_legacyEvidence = legacyEvidence;
- }
-
- public object EvidenceObject
- {
- get { return m_legacyEvidence; }
- }
-
- public Type EvidenceType
- {
- get { return m_legacyEvidence.GetType(); }
- }
-
- public override bool Equals(object obj)
- {
- return m_legacyEvidence.Equals(obj);
- }
-
- public override int GetHashCode()
- {
- return m_legacyEvidence.GetHashCode();
- }
-
- public override EvidenceBase Clone()
- {
- return base.Clone();
- }
- }
-
- /// <summary>
- /// Pre-v4 versions of the runtime allow multiple pieces of evidence that all have the same type.
- /// This type wraps those evidence objects into a single type of list, allowing legacy code to continue
- /// to work with the Evidence collection that does not expect multiple evidences of the same type.
- ///
- /// This may not be limited to LegacyEvidenceWrappers, since it's valid for legacy code to add multiple
- /// objects of built-in evidence to an Evidence collection. The built-in evidence now derives from
- /// EvienceObject, so when the legacy code runs on v4, it may end up attempting to add multiple
- /// Hash evidences for intsance.
- /// </summary>
- [Serializable]
- internal sealed class LegacyEvidenceList : EvidenceBase, IEnumerable<EvidenceBase>, ILegacyEvidenceAdapter
- {
- private List<EvidenceBase> m_legacyEvidenceList = new List<EvidenceBase>();
-
- public object EvidenceObject
- {
- get
- {
- // We'll choose the first item in the list to represent us if we're forced to return only
- // one object. This can occur if multiple pieces of evidence are added via the legacy APIs,
- // and then the new APIs are used to retrieve that evidence.
- return m_legacyEvidenceList.Count > 0 ? m_legacyEvidenceList[0] : null;
- }
- }
-
- public Type EvidenceType
- {
- get
- {
- Debug.Assert(m_legacyEvidenceList.Count > 0, "No items in LegacyEvidenceList, cannot tell what type they are");
-
- ILegacyEvidenceAdapter adapter = m_legacyEvidenceList[0] as ILegacyEvidenceAdapter;
- return adapter == null ? m_legacyEvidenceList[0].GetType() : adapter.EvidenceType;
- }
- }
-
- public void Add(EvidenceBase evidence)
- {
- Debug.Assert(evidence != null);
- Debug.Assert(m_legacyEvidenceList.Count == 0 || EvidenceType == evidence.GetType() || (evidence is LegacyEvidenceWrapper && (evidence as LegacyEvidenceWrapper).EvidenceType == EvidenceType),
- "LegacyEvidenceList must be homogeonous");
- Debug.Assert(evidence.GetType() != typeof(LegacyEvidenceList),
- "Attempt to add a legacy evidence list to another legacy evidence list");
-
- m_legacyEvidenceList.Add(evidence);
- }
-
- public IEnumerator<EvidenceBase> GetEnumerator()
- {
- return m_legacyEvidenceList.GetEnumerator();
- }
-
- IEnumerator System.Collections.IEnumerable.GetEnumerator()
- {
- return m_legacyEvidenceList.GetEnumerator();
- }
-
- public override EvidenceBase Clone()
- {
- return base.Clone();
- }
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs b/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs
deleted file mode 100644
index 8deb145..0000000
--- a/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs
+++ /dev/null
@@ -1,160 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-using System;
-using System.Diagnostics;
-using System.Diagnostics.Contracts;
-using System.Runtime.Serialization;
-
-namespace System.Security.Policy
-{
- /// <summary>
- /// Descriptor stored in the Evidence collection to detail the information we have about a type of
- /// evidence. This descriptor also stores any evidence that's been generated of the specific type.
- /// </summary>
- [Serializable]
- internal sealed class EvidenceTypeDescriptor
- {
- [NonSerialized]
- private bool m_hostCanGenerate;
-
- [NonSerialized]
- private bool m_generated;
-
- private EvidenceBase m_hostEvidence;
- private EvidenceBase m_assemblyEvidence;
-
- // EvidenceTypeDescriptors are stored in Evidence indexed by the type they describe, so this
- // information is redundant. We keep it around in checked builds to help debugging, but we can drop
- // it from retial builds.
-#if _DEBUG
- [NonSerialized]
- private Type m_evidenceType;
-#endif // _DEBUG
-
- public EvidenceTypeDescriptor()
- {
- }
-
- /// <summary>
- /// Make a deep copy of a type descriptor
- /// </summary>
- private EvidenceTypeDescriptor(EvidenceTypeDescriptor descriptor)
- {
- Debug.Assert(descriptor != null);
-
- m_hostCanGenerate = descriptor.m_hostCanGenerate;
-
- if (descriptor.m_assemblyEvidence != null)
- {
- m_assemblyEvidence = descriptor.m_assemblyEvidence.Clone() as EvidenceBase;
- }
- if (descriptor.m_hostEvidence != null)
- {
- m_hostEvidence = descriptor.m_hostEvidence.Clone() as EvidenceBase;
- }
-
-#if _DEBUG
- m_evidenceType = descriptor.m_evidenceType;
-#endif // _DEBUG
- }
-
- /// <summary>
- /// Evidence of this type supplied by the assembly
- /// </summary>
- public EvidenceBase AssemblyEvidence
- {
- get { return m_assemblyEvidence; }
-
- set
- {
- Debug.Assert(value != null);
-#if _DEBUG
- Debug.Assert(CheckEvidenceType(value), "Incorrect type of AssemblyEvidence set");
-#endif
- m_assemblyEvidence = value;
- }
- }
-
- /// <summary>
- /// Flag indicating that we've already attempted to generate this type of evidence
- /// </summary>
- public bool Generated
- {
- get { return m_generated; }
-
- set
- {
- Debug.Assert(value, "Attempt to clear the Generated flag");
- m_generated = value;
- }
- }
-
- /// <summary>
- /// Has the HostSecurityManager has told us that it can potentially generate evidence of this type
- /// </summary>
- public bool HostCanGenerate
- {
- get { return m_hostCanGenerate; }
-
- set
- {
- Debug.Assert(value, "Attempt to clear HostCanGenerate flag");
- m_hostCanGenerate = value;
- }
- }
-
- /// <summary>
- /// Evidence of this type supplied by the CLR or the host
- /// </summary>
- public EvidenceBase HostEvidence
- {
- get { return m_hostEvidence; }
-
- set
- {
- Debug.Assert(value != null);
-#if _DEBUG
- Debug.Assert(CheckEvidenceType(value), "Incorrect type of HostEvidence set");
-#endif
- m_hostEvidence = value;
- }
- }
-
-#if _DEBUG
- /// <summary>
- /// Verify that evidence being stored in this descriptor is of the correct type
- /// </summary>
- private bool CheckEvidenceType(EvidenceBase evidence)
- {
- Debug.Assert(evidence != null);
-
- ILegacyEvidenceAdapter legacyAdapter = evidence as ILegacyEvidenceAdapter;
- Type storedType = legacyAdapter == null ? evidence.GetType() : legacyAdapter.EvidenceType;
-
- return m_evidenceType == null || m_evidenceType.IsAssignableFrom(storedType);
- }
-#endif // _DEBUG
-
- /// <summary>
- /// Make a deep copy of this descriptor
- /// </summary>
- public EvidenceTypeDescriptor Clone()
- {
- return new EvidenceTypeDescriptor(this);
- }
-
-#if _DEBUG
- /// <summary>
- /// Set the type that this evidence descriptor refers to.
- /// </summary>
- internal void SetEvidenceType(Type evidenceType)
- {
- Debug.Assert(evidenceType != null);
- Debug.Assert(m_evidenceType == null, "Attempt to reset evidence type");
-
- m_evidenceType = evidenceType;
- }
-#endif // _DEBUG
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs b/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs
deleted file mode 100644
index 8f8c07c..0000000
--- a/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs
+++ /dev/null
@@ -1,34 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-
-namespace System.Security.Policy {
- /// <summary>
- /// Interface for evidence objects that support being "unverified". For instance, StrongName
- /// evidence for a strong name signature which was not yet verified. This interface is used to
- /// keep track of weather or not the evidence object was needed to compute a grant set. If it was,
- /// then we can force verificaiton of the evidence object -- if not we can save time by not doing
- /// any verification on it. (Since we didn't use it for policy resolution, it wouldn't have
- /// mattered if the evidence was not present in the first place).
- /// </summary>
- internal interface IDelayEvaluatedEvidence {
- /// <summary>
- /// Is this evidence object verified yet?
- /// </summary>
- bool IsVerified
- {
- get;
- }
-
- /// <summary>
- /// Was this evidence object used during the course of policy evaluation?
- /// </summary>
- bool WasUsed { get; }
-
- /// <summary>
- /// Mark the object as used
- /// </summary>
- void MarkUsed();
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/IIdentityPermissionFactory.cs b/src/mscorlib/src/System/Security/Policy/IIdentityPermissionFactory.cs
deleted file mode 100644
index a46f396..0000000
--- a/src/mscorlib/src/System/Security/Policy/IIdentityPermissionFactory.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-//
-// All Identities will implement this interface.
-//
-
-namespace System.Security.Policy {
- using System.Runtime.Remoting;
- using System;
- using System.Security.Util;
-[System.Runtime.InteropServices.ComVisible(true)]
- public interface IIdentityPermissionFactory
- {
- IPermission CreateIdentityPermission( Evidence evidence );
- }
-
-}
diff --git a/src/mscorlib/src/System/Security/Policy/IRuntimeEvidenceFactory.cs b/src/mscorlib/src/System/Security/Policy/IRuntimeEvidenceFactory.cs
deleted file mode 100644
index 98467fe..0000000
--- a/src/mscorlib/src/System/Security/Policy/IRuntimeEvidenceFactory.cs
+++ /dev/null
@@ -1,36 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-using System;
-using System.Collections.Generic;
-
-namespace System.Security.Policy
-{
- /// <summary>
- /// IRuntimeEvidenceFactory is implemented by runtime types which the CLR knows how to delay
- /// generate evidence for. It is used by the Evidence class to get evidence on demand when we first
- /// need it.
- /// </summary>
- internal interface IRuntimeEvidenceFactory
- {
- /// <summary>
- /// Object which the evidence generated by this factory is used for
- /// </summary>
- IEvidenceFactory Target { get; }
-
- /// <summary>
- /// Get the collection of evidence objects supplied by the factory itself, rather than by the
- /// runtime.
- /// </summary>
- IEnumerable<EvidenceBase> GetFactorySuppliedEvidence();
-
- /// <summary>
- /// Generate a specific type of evidence for this object, returning null if the specified type of
- /// evidence cannot be generated.
- /// </summary>
- EvidenceBase GenerateEvidence(Type evidenceType);
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/PolicyException.cs b/src/mscorlib/src/System/Security/Policy/PolicyException.cs
deleted file mode 100644
index 68e87f7..0000000
--- a/src/mscorlib/src/System/Security/Policy/PolicyException.cs
+++ /dev/null
@@ -1,50 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-//
-// Use this class to throw a PolicyException
-//
-
-namespace System.Security.Policy {
-
- using System;
- using System.Runtime.Serialization;
- [Serializable]
-[System.Runtime.InteropServices.ComVisible(true)]
- public class PolicyException : SystemException
- {
- public PolicyException()
-
- : base(Environment.GetResourceString( "Policy_Default" )) {
- HResult = __HResults.CORSEC_E_POLICY_EXCEPTION;
- }
-
- public PolicyException(String message)
-
- : base(message) {
- HResult = __HResults.CORSEC_E_POLICY_EXCEPTION;
- }
-
- public PolicyException(String message, Exception exception)
-
- : base(message, exception) {
- HResult = __HResults.CORSEC_E_POLICY_EXCEPTION;
- }
-
- protected PolicyException(SerializationInfo info, StreamingContext context) : base (info, context) {}
-
- internal PolicyException(String message, int hresult) : base (message)
- {
- HResult = hresult;
- }
-
- internal PolicyException(String message, int hresult, Exception exception) : base (message, exception)
- {
- HResult = hresult;
- }
-
- }
-
-}
diff --git a/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs b/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs
deleted file mode 100644
index 9b58ece..0000000
--- a/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs
+++ /dev/null
@@ -1,246 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-// Represents the policy associated with some piece of evidence
-//
-using System.Diagnostics.Contracts;
-namespace System.Security.Policy {
-
- using System;
- using System.Security;
- using System.Security.Util;
- using Math = System.Math;
- using System.Collections;
- using System.Collections.Generic;
- using System.Security.Permissions;
- using System.Text;
- using System.Globalization;
-[Serializable]
- [Flags]
-[System.Runtime.InteropServices.ComVisible(true)]
- public enum PolicyStatementAttribute
- {
- Nothing = 0x0,
- Exclusive = 0x01,
- LevelFinal = 0x02,
- All = 0x03,
- }
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- sealed public class PolicyStatement : ISecurityPolicyEncodable, ISecurityEncodable
- {
- // The PermissionSet associated with this policy
- internal PermissionSet m_permSet;
-
- // The bitfield of inheritance properties associated with this policy
- internal PolicyStatementAttribute m_attributes;
-
- internal PolicyStatement()
- {
- m_permSet = null;
- m_attributes = PolicyStatementAttribute.Nothing;
- }
-
- public PolicyStatement( PermissionSet permSet )
- : this( permSet, PolicyStatementAttribute.Nothing )
- {
- }
-
- public PolicyStatement( PermissionSet permSet, PolicyStatementAttribute attributes )
- {
- if (permSet == null)
- {
- m_permSet = new PermissionSet( false );
- }
- else
- {
- m_permSet = permSet.Copy();
- }
- if (ValidProperties( attributes ))
- {
- m_attributes = attributes;
- }
- }
-
- private PolicyStatement( PermissionSet permSet, PolicyStatementAttribute attributes, bool copy )
- {
- if (permSet != null)
- {
- if (copy)
- m_permSet = permSet.Copy();
- else
- m_permSet = permSet;
- }
- else
- {
- m_permSet = new PermissionSet( false );
- }
-
- m_attributes = attributes;
- }
-
- public PermissionSet PermissionSet
- {
- get
- {
- lock (this)
- {
- return m_permSet.Copy();
- }
- }
-
- set
- {
- lock (this)
- {
- if (value == null)
- {
- m_permSet = new PermissionSet( false );
- }
- else
- {
- m_permSet = value.Copy();
- }
- }
- }
- }
-
- internal void SetPermissionSetNoCopy( PermissionSet permSet )
- {
- m_permSet = permSet;
- }
-
- internal PermissionSet GetPermissionSetNoCopy()
- {
- lock (this)
- {
- return m_permSet;
- }
- }
-
- public PolicyStatementAttribute Attributes
- {
- get
- {
- return m_attributes;
- }
-
- set
- {
- if (ValidProperties( value ))
- {
- m_attributes = value;
- }
- }
- }
-
- public PolicyStatement Copy()
- {
- // The PolicyStatement .ctor will copy the permission set
- return new PolicyStatement(m_permSet, Attributes, true);
- }
-
- public String AttributeString
- {
- get
- {
- StringBuilder sb = new StringBuilder();
-
- bool first = true;
-
- if (GetFlag((int) PolicyStatementAttribute.Exclusive ))
- {
- sb.Append( "Exclusive" );
- first = false;
- }
- if (GetFlag((int) PolicyStatementAttribute.LevelFinal ))
- {
- if (!first)
- sb.Append( " " );
- sb.Append( "LevelFinal" );
- }
-
- return sb.ToString();
- }
- }
-
- private static bool ValidProperties( PolicyStatementAttribute attributes )
- {
- if ((attributes & ~(PolicyStatementAttribute.All)) == 0)
- {
- return true;
- }
- else
- {
- throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidFlag" ) );
- }
- }
-
- private bool GetFlag( int flag )
- {
- return (flag & (int)m_attributes) != 0;
- }
-
- /// <summary>
- /// Union a child policy statement into this policy statement
- /// </summary>
- internal void InplaceUnion(PolicyStatement childPolicy)
- {
- BCLDebug.Assert(childPolicy != null, "childPolicy != null");
-
- if (((Attributes & childPolicy.Attributes) & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive)
- {
- throw new PolicyException(Environment.GetResourceString( "Policy_MultipleExclusive" ));
- }
-
- // We need to merge together our grant set and attributes. The result of this merge is
- // dependent upon if we're merging a child marked exclusive or not. If the child is not
- // exclusive, we need to union in its grant set and or in its attributes. However, if the child
- // is exclusive then it is the only code group which should have an effect on the resulting
- // grant set and therefore our grant should be ignored.
- if ((childPolicy.Attributes & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive)
- {
- m_permSet = childPolicy.GetPermissionSetNoCopy();
- Attributes = childPolicy.Attributes;
- }
- else
- {
- m_permSet.InplaceUnion(childPolicy.GetPermissionSetNoCopy());
- Attributes = Attributes | childPolicy.Attributes;
- }
- }
-
- [System.Runtime.InteropServices.ComVisible(false)]
- public override bool Equals( Object obj )
- {
- PolicyStatement other = obj as PolicyStatement;
-
- if (other == null)
- return false;
-
- if (this.m_attributes != other.m_attributes)
- return false;
-
- if (!Object.Equals( this.m_permSet, other.m_permSet ))
- return false;
-
- return true;
- }
-
- [System.Runtime.InteropServices.ComVisible(false)]
- public override int GetHashCode()
- {
- int accumulator = (int)this.m_attributes;
-
- if (m_permSet != null)
- accumulator = accumulator ^ m_permSet.GetHashCode();
-
- return accumulator;
- }
-
- }
-}
-
diff --git a/src/mscorlib/src/System/Security/Policy/Site.cs b/src/mscorlib/src/System/Security/Policy/Site.cs
deleted file mode 100644
index 14a95e1..0000000
--- a/src/mscorlib/src/System/Security/Policy/Site.cs
+++ /dev/null
@@ -1,105 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-//
-//
-// Site is an IIdentity representing internet sites.
-//
-
-using System;
-using System.Diagnostics;
-using System.Diagnostics.Contracts;
-using System.Globalization;
-using System.Security.Permissions;
-using System.Security.Util;
-
-namespace System.Security.Policy
-{
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class Site : EvidenceBase, IIdentityPermissionFactory
- {
- private SiteString m_name;
-
- public Site(String name)
- {
- if (name == null)
- throw new ArgumentNullException(nameof(name));
- Contract.EndContractBlock();
-
- m_name = new SiteString( name );
- }
-
- private Site(SiteString name)
- {
- Debug.Assert(name != null);
- m_name = name;
- }
-
- public static Site CreateFromUrl( String url )
- {
- return new Site(ParseSiteFromUrl(url));
- }
-
- private static SiteString ParseSiteFromUrl( String name )
- {
- URLString urlString = new URLString( name );
-
- if (String.Compare( urlString.Scheme, "file", StringComparison.OrdinalIgnoreCase) == 0)
- throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidSite" ) );
-
- return new SiteString( new URLString( name ).Host );
- }
-
- public String Name
- {
- get { return m_name.ToString(); }
- }
-
- internal SiteString GetSiteString()
- {
- return m_name;
- }
-
- public IPermission CreateIdentityPermission( Evidence evidence )
- {
- return new SiteIdentityPermission( Name );
- }
-
- public override bool Equals(Object o)
- {
- Site other = o as Site;
- if (other == null)
- {
- return false;
- }
-
- return String.Equals(Name, other.Name, StringComparison.OrdinalIgnoreCase);
- }
-
- public override int GetHashCode()
- {
- return Name.GetHashCode();
- }
-
- public override EvidenceBase Clone()
- {
- return new Site(m_name);
- }
-
- public Object Copy()
- {
- return Clone();
- }
-
- // INormalizeForIsolatedStorage is not implemented for startup perf
- // equivalent to INormalizeForIsolatedStorage.Normalize()
- internal Object Normalize()
- {
- return m_name.ToString().ToUpper(CultureInfo.InvariantCulture);
- }
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/StrongName.cs b/src/mscorlib/src/System/Security/Policy/StrongName.cs
deleted file mode 100644
index 999b478..0000000
--- a/src/mscorlib/src/System/Security/Policy/StrongName.cs
+++ /dev/null
@@ -1,171 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-//
-//
-// StrongName is an IIdentity representing strong names.
-//
-
-namespace System.Security.Policy {
- using System.IO;
- using System.Reflection;
- using System.Security.Util;
- using System.Security.Permissions;
- using System.Diagnostics.Contracts;
- using CultureInfo = System.Globalization.CultureInfo;
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class StrongName : EvidenceBase, IIdentityPermissionFactory, IDelayEvaluatedEvidence
- {
- private StrongNamePublicKeyBlob m_publicKeyBlob;
- private String m_name;
- private Version m_version;
-
- // Delay evaluated evidence is for policy resolution only, so it doesn't make sense to save that
- // state away and then try to evaluate the strong name later.
- [NonSerialized]
- private RuntimeAssembly m_assembly = null;
-
- [NonSerialized]
- private bool m_wasUsed = false;
-
- internal StrongName() {}
-
- public StrongName( StrongNamePublicKeyBlob blob, String name, Version version ) : this(blob, name, version, null)
- {
- }
-
- internal StrongName(StrongNamePublicKeyBlob blob, String name, Version version, Assembly assembly)
- {
- if (name == null)
- throw new ArgumentNullException(nameof(name));
- if (String.IsNullOrEmpty(name))
- throw new ArgumentException(Environment.GetResourceString("Argument_EmptyStrongName"));
-
- if (blob == null)
- throw new ArgumentNullException(nameof(blob));
-
- if (version == null)
- throw new ArgumentNullException(nameof(version));
- Contract.EndContractBlock();
-
- RuntimeAssembly rtAssembly = assembly as RuntimeAssembly;
- if (assembly != null && rtAssembly == null)
- throw new ArgumentException(Environment.GetResourceString("Argument_MustBeRuntimeAssembly"), nameof(assembly));
-
- m_publicKeyBlob = blob;
- m_name = name;
- m_version = version;
- m_assembly = rtAssembly;
- }
-
- public StrongNamePublicKeyBlob PublicKey
- {
- get
- {
- return m_publicKeyBlob;
- }
- }
-
- public String Name
- {
- get
- {
- return m_name;
- }
- }
-
- public Version Version
- {
- get
- {
- return m_version;
- }
- }
-
- bool IDelayEvaluatedEvidence.IsVerified
- {
- get
- {
- return true;
- }
- }
-
- bool IDelayEvaluatedEvidence.WasUsed
- {
- get { return m_wasUsed; }
- }
-
- void IDelayEvaluatedEvidence.MarkUsed()
- {
- m_wasUsed = true;
- }
-
- internal static bool CompareNames( String asmName, String mcName )
- {
- if (mcName.Length > 0 && mcName[mcName.Length-1] == '*' && mcName.Length - 1 <= asmName.Length)
- return String.Compare( mcName, 0, asmName, 0, mcName.Length - 1, StringComparison.OrdinalIgnoreCase) == 0;
- else
- return String.Compare( mcName, asmName, StringComparison.OrdinalIgnoreCase) == 0;
- }
-
- public IPermission CreateIdentityPermission( Evidence evidence )
- {
- return new StrongNameIdentityPermission( m_publicKeyBlob, m_name, m_version );
- }
-
- public override EvidenceBase Clone()
- {
- return new StrongName(m_publicKeyBlob, m_name, m_version);
- }
-
- public Object Copy()
- {
- return Clone();
- }
-
- public override bool Equals( Object o )
- {
- StrongName that = (o as StrongName);
- return (that != null) &&
- Equals( this.m_publicKeyBlob, that.m_publicKeyBlob ) &&
- Equals( this.m_name, that.m_name ) &&
- Equals( this.m_version, that.m_version );
- }
-
- public override int GetHashCode()
- {
- if (m_publicKeyBlob != null)
- {
- return m_publicKeyBlob.GetHashCode();
- }
- else if (m_name != null || m_version != null)
- {
- return (m_name == null ? 0 : m_name.GetHashCode()) + (m_version == null ? 0 : m_version.GetHashCode());
- }
- else
- {
- return typeof( StrongName ).GetHashCode();
- }
- }
-
- // INormalizeForIsolatedStorage is not implemented for startup perf
- // equivalent to INormalizeForIsolatedStorage.Normalize()
- internal Object Normalize()
- {
- MemoryStream ms = new MemoryStream();
- BinaryWriter bw = new BinaryWriter(ms);
-
- bw.Write(m_publicKeyBlob.PublicKey);
- bw.Write(m_version.Major);
- bw.Write(m_name);
-
- ms.Position = 0;
- return ms;
- }
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/URL.cs b/src/mscorlib/src/System/Security/Policy/URL.cs
deleted file mode 100644
index 3541124..0000000
--- a/src/mscorlib/src/System/Security/Policy/URL.cs
+++ /dev/null
@@ -1,98 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-//
-//
-// Url is an IIdentity representing url internet sites.
-//
-
-namespace System.Security.Policy {
- using System.IO;
- using System.Security.Util;
- using UrlIdentityPermission = System.Security.Permissions.UrlIdentityPermission;
- using System.Runtime.Serialization;
- using System.Diagnostics;
- using System.Diagnostics.Contracts;
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class Url : EvidenceBase, IIdentityPermissionFactory
- {
- private URLString m_url;
-
- internal Url( String name, bool parsed )
- {
- if (name == null)
- throw new ArgumentNullException( nameof(name) );
- Contract.EndContractBlock();
-
- m_url = new URLString( name, parsed );
- }
-
- public Url( String name )
- {
- if (name == null)
- throw new ArgumentNullException( nameof(name) );
- Contract.EndContractBlock();
-
- m_url = new URLString( name );
- }
-
- private Url(Url url)
- {
- Debug.Assert(url != null);
- m_url = url.m_url;
- }
-
- public String Value
- {
- get { return m_url.ToString(); }
- }
-
- internal URLString GetURLString()
- {
- return m_url;
- }
-
- public IPermission CreateIdentityPermission( Evidence evidence )
- {
- return new UrlIdentityPermission( m_url );
- }
-
- public override bool Equals(Object o)
- {
- Url other = o as Url;
- if (other == null)
- {
- return false;
- }
-
- return other.m_url.Equals(m_url);
- }
-
- public override int GetHashCode()
- {
- return this.m_url.GetHashCode();
- }
-
- public override EvidenceBase Clone()
- {
- return new Url(this);
- }
-
- public Object Copy()
- {
- return Clone();
- }
-
- // INormalizeForIsolatedStorage is not implemented for startup perf
- // equivalent to INormalizeForIsolatedStorage.Normalize()
- internal Object Normalize()
- {
- return m_url.NormalizeUrl();
- }
- }
-}
diff --git a/src/mscorlib/src/System/Security/Policy/Zone.cs b/src/mscorlib/src/System/Security/Policy/Zone.cs
deleted file mode 100644
index a9f5d84..0000000
--- a/src/mscorlib/src/System/Security/Policy/Zone.cs
+++ /dev/null
@@ -1,93 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-//
-
-//
-//
-// Zone is an IIdentity representing Internet/Intranet/MyComputer etc.
-//
-
-namespace System.Security.Policy
-{
- using System.Security.Util;
- using ZoneIdentityPermission = System.Security.Permissions.ZoneIdentityPermission;
- using System.Runtime.CompilerServices;
- using System.Runtime.InteropServices;
- using System.Runtime.Versioning;
- using System.Runtime.Serialization;
- using System.Diagnostics;
- using System.Diagnostics.Contracts;
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class Zone : EvidenceBase, IIdentityPermissionFactory
- {
- private SecurityZone m_zone;
-
- private static readonly String[] s_names =
- {"MyComputer", "Intranet", "Trusted", "Internet", "Untrusted", "NoZone"};
-
- public Zone(SecurityZone zone)
- {
- if (zone < SecurityZone.NoZone || zone > SecurityZone.Untrusted)
- throw new ArgumentException( Environment.GetResourceString( "Argument_IllegalZone" ) );
- Contract.EndContractBlock();
-
- m_zone = zone;
- }
-
- private Zone(Zone zone)
- {
- Debug.Assert(zone != null);
- m_zone = zone.m_zone;
- }
-
- public IPermission CreateIdentityPermission( Evidence evidence )
- {
- return new ZoneIdentityPermission( SecurityZone );
- }
-
- public SecurityZone SecurityZone
- {
- get
- {
- return m_zone;
- }
- }
-
- public override bool Equals(Object o)
- {
- Zone other = o as Zone;
- if (other == null)
- {
- return false;
- }
-
- return SecurityZone == other.SecurityZone;
- }
-
- public override int GetHashCode()
- {
- return (int)SecurityZone;
- }
-
- public override EvidenceBase Clone()
- {
- return new Zone(this);
- }
-
- public Object Copy()
- {
- return Clone();
- }
-
- // INormalizeForIsolatedStorage is not implemented for startup perf
- // equivalent to INormalizeForIsolatedStorage.Normalize()
- internal Object Normalize()
- {
- return s_names[(int)SecurityZone];
- }
- }
-}