summaryrefslogtreecommitdiff
path: root/src/mscorlib/src/System/Security/Policy
diff options
context:
space:
mode:
Diffstat (limited to 'src/mscorlib/src/System/Security/Policy')
-rw-r--r--src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs573
-rw-r--r--src/mscorlib/src/System/Security/Policy/Evidence.cs1865
-rw-r--r--src/mscorlib/src/System/Security/Policy/EvidenceBase.cs31
-rw-r--r--src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs20
-rw-r--r--src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs1
-rw-r--r--src/mscorlib/src/System/Security/Policy/PolicyStatement.cs302
-rw-r--r--src/mscorlib/src/System/Security/Policy/Site.cs29
-rw-r--r--src/mscorlib/src/System/Security/Policy/StrongName.cs59
-rw-r--r--src/mscorlib/src/System/Security/Policy/URL.cs29
-rw-r--r--src/mscorlib/src/System/Security/Policy/Zone.cs66
10 files changed, 42 insertions, 2933 deletions
diff --git a/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs b/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs
index 57b216e462..3d4e35adf4 100644
--- a/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs
+++ b/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs
@@ -2,20 +2,14 @@
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
-//
-
-//
//
// This class encapsulates security decisions about an application.
//
-namespace System.Security.Policy {
+namespace System.Security.Policy
+{
using System.Collections;
using System.Collections.Generic;
-#if FEATURE_CLICKONCE
- using System.Deployment.Internal.Isolation;
- using System.Deployment.Internal.Isolation.Manifest;
-#endif
using System.Globalization;
using System.IO;
using System.Runtime.InteropServices;
@@ -40,14 +34,6 @@ namespace System.Security.Policy {
[Serializable]
public sealed class ApplicationTrust : EvidenceBase, ISecurityEncodable
{
-#if FEATURE_CLICKONCE
- private ApplicationIdentity m_appId;
- private bool m_appTrustedToRun;
- private bool m_persist;
-
- private object m_extraInfo;
- private SecurityElement m_elExtraInfo;
-#endif
private PolicyStatement m_psDefaultGrant;
private IList<StrongName> m_fullTrustAssemblies;
@@ -65,11 +51,6 @@ namespace System.Security.Policy {
[NonSerialized]
private int m_grantSetSpecialFlags;
-#if FEATURE_CLICKONCE
- public ApplicationTrust (ApplicationIdentity applicationIdentity) : this () {
- ApplicationIdentity = applicationIdentity;
- }
-#endif
public ApplicationTrust () : this (new PermissionSet(PermissionState.None))
{
}
@@ -83,7 +64,7 @@ namespace System.Security.Policy {
public ApplicationTrust(PermissionSet defaultGrantSet, IEnumerable<StrongName> fullTrustAssemblies) {
if (fullTrustAssemblies == null) {
- throw new ArgumentNullException("fullTrustAssemblies");
+ throw new ArgumentNullException(nameof(fullTrustAssemblies));
}
InitDefaultGrantSet(defaultGrantSet);
@@ -91,7 +72,7 @@ namespace System.Security.Policy {
List<StrongName> fullTrustList = new List<StrongName>();
foreach (StrongName strongName in fullTrustAssemblies) {
if (strongName == null) {
- throw new ArgumentException(Environment.GetResourceString("Argument_NullFullTrustAssembly"), "fullTrustAssemblies");
+ throw new ArgumentException(Environment.GetResourceString("Argument_NullFullTrustAssembly"), nameof(fullTrustAssemblies));
}
fullTrustList.Add(new StrongName(strongName.PublicKey, strongName.Name, strongName.Version));
@@ -104,7 +85,7 @@ namespace System.Security.Policy {
// IEnumerable virtual dispatches on startup when there are no fullTrustAssemblies (CoreCLR)
private void InitDefaultGrantSet(PermissionSet defaultGrantSet) {
if (defaultGrantSet == null) {
- throw new ArgumentNullException("defaultGrantSet");
+ throw new ArgumentNullException(nameof(defaultGrantSet));
}
// Creating a PolicyStatement copies the incoming permission set, so we don't have to worry
@@ -113,19 +94,6 @@ namespace System.Security.Policy {
DefaultGrantSet = new PolicyStatement(defaultGrantSet);
}
-#if FEATURE_CLICKONCE
- public ApplicationIdentity ApplicationIdentity {
- get {
- return m_appId;
- }
- set {
- if (value == null)
- throw new ArgumentNullException("value", Environment.GetResourceString("Argument_InvalidAppId"));
- Contract.EndContractBlock();
- m_appId = value;
- }
- }
-#endif
public PolicyStatement DefaultGrantSet {
get {
if (m_psDefaultGrant == null)
@@ -149,541 +117,10 @@ namespace System.Security.Policy {
return m_fullTrustAssemblies;
}
}
-#if FEATURE_CLICKONCE
- public bool IsApplicationTrustedToRun {
- get {
- return m_appTrustedToRun;
- }
- set {
- m_appTrustedToRun = value;
- }
- }
-
- public bool Persist {
- get {
- return m_persist;
- }
- set {
- m_persist = value;
- }
- }
-
- public object ExtraInfo {
- get {
- if (m_elExtraInfo != null) {
- m_extraInfo = ObjectFromXml(m_elExtraInfo);
- m_elExtraInfo = null;
- }
- return m_extraInfo;
- }
- set {
- m_elExtraInfo = null;
- m_extraInfo = value;
- }
- }
-#endif //FEATURE_CLICKONCE
-
-#if FEATURE_CAS_POLICY
- public SecurityElement ToXml () {
- SecurityElement elRoot = new SecurityElement("ApplicationTrust");
- elRoot.AddAttribute("version", "1");
-
-#if FEATURE_CLICKONCE
- if (m_appId != null) {
- elRoot.AddAttribute("FullName", SecurityElement.Escape(m_appId.FullName));
- }
- if (m_appTrustedToRun) {
- elRoot.AddAttribute("TrustedToRun", "true");
- }
- if (m_persist) {
- elRoot.AddAttribute("Persist", "true");
- }
-#endif // FEATURE_CLICKONCE
-
- if (m_psDefaultGrant != null) {
- SecurityElement elDefaultGrant = new SecurityElement("DefaultGrant");
- elDefaultGrant.AddChild(m_psDefaultGrant.ToXml());
- elRoot.AddChild(elDefaultGrant);
- }
- if (m_fullTrustAssemblies.Count > 0) {
- SecurityElement elFullTrustAssemblies = new SecurityElement("FullTrustAssemblies");
- foreach (StrongName fullTrustAssembly in m_fullTrustAssemblies) {
- elFullTrustAssemblies.AddChild(fullTrustAssembly.ToXml());
- }
- elRoot.AddChild(elFullTrustAssemblies);
- }
-
-#if FEATURE_CLICKONCE
- if (ExtraInfo != null) {
- elRoot.AddChild(ObjectToXml("ExtraInfo", ExtraInfo));
- }
-#endif // FEATURE_CLICKONCE
- return elRoot;
- }
-
- public void FromXml (SecurityElement element) {
- if (element == null)
- throw new ArgumentNullException("element");
- if (String.Compare(element.Tag, "ApplicationTrust", StringComparison.Ordinal) != 0)
- throw new ArgumentException(Environment.GetResourceString("Argument_InvalidXML"));
-
-#if FEATURE_CLICKONCE
- m_appTrustedToRun = false;
- string isAppTrustedToRun = element.Attribute("TrustedToRun");
- if (isAppTrustedToRun != null && String.Compare(isAppTrustedToRun, "true", StringComparison.Ordinal) == 0) {
- m_appTrustedToRun = true;
- }
-
- m_persist = false;
- string persist = element.Attribute("Persist");
- if (persist != null && String.Compare(persist, "true", StringComparison.Ordinal) == 0) {
- m_persist = true;
- }
-
- m_appId = null;
- string fullName = element.Attribute("FullName");
- if (fullName != null && fullName.Length > 0) {
- m_appId = new ApplicationIdentity(fullName);
- }
-#endif // FEATURE_CLICKONCE
-
- m_psDefaultGrant = null;
- m_grantSetSpecialFlags = 0;
- SecurityElement elDefaultGrant = element.SearchForChildByTag("DefaultGrant");
- if (elDefaultGrant != null) {
- SecurityElement elDefaultGrantPS = elDefaultGrant.SearchForChildByTag("PolicyStatement");
- if (elDefaultGrantPS != null) {
- PolicyStatement ps = new PolicyStatement(null);
- ps.FromXml(elDefaultGrantPS);
- m_psDefaultGrant = ps;
- m_grantSetSpecialFlags = SecurityManager.GetSpecialFlags(ps.PermissionSet, null);
- }
- }
-
- List<StrongName> fullTrustAssemblies = new List<StrongName>();
- SecurityElement elFullTrustAssemblies = element.SearchForChildByTag("FullTrustAssemblies");
- if (elFullTrustAssemblies != null && elFullTrustAssemblies.InternalChildren != null) {
- IEnumerator enumerator = elFullTrustAssemblies.Children.GetEnumerator();
- while (enumerator.MoveNext()) {
- StrongName fullTrustAssembly = new StrongName();
- fullTrustAssembly.FromXml(enumerator.Current as SecurityElement);
- fullTrustAssemblies.Add(fullTrustAssembly);
- }
- }
-
- m_fullTrustAssemblies = fullTrustAssemblies.AsReadOnly();
-
-#if FEATURE_CLICKONCE
- m_elExtraInfo = element.SearchForChildByTag("ExtraInfo");
-#endif // FEATURE_CLICKONCE
- }
-
-#if FEATURE_CLICKONCE
- private static SecurityElement ObjectToXml (string tag, Object obj) {
- BCLDebug.Assert(obj != null, "You need to pass in an object");
-
- ISecurityEncodable encodableObj = obj as ISecurityEncodable;
-
- SecurityElement elObject;
- if (encodableObj != null) {
- elObject = encodableObj.ToXml();
- if (!elObject.Tag.Equals(tag))
- throw new ArgumentException(Environment.GetResourceString("Argument_InvalidXML"));
- }
- MemoryStream stream = new MemoryStream();
- BinaryFormatter formatter = new BinaryFormatter();
- formatter.Serialize(stream, obj);
- byte[] array = stream.ToArray();
-
- elObject = new SecurityElement(tag);
- elObject.AddAttribute("Data", Hex.EncodeHexString(array));
- return elObject;
- }
-
- private static Object ObjectFromXml (SecurityElement elObject) {
- BCLDebug.Assert(elObject != null, "You need to pass in a security element");
-
- if (elObject.Attribute("class") != null) {
- ISecurityEncodable encodableObj = XMLUtil.CreateCodeGroup(elObject) as ISecurityEncodable;
- if (encodableObj != null) {
- encodableObj.FromXml(elObject);
- return encodableObj;
- }
- }
-
- string objectData = elObject.Attribute("Data");
- MemoryStream stream = new MemoryStream(Hex.DecodeHexString(objectData));
- BinaryFormatter formatter = new BinaryFormatter();
- return formatter.Deserialize(stream);
- }
-#endif // FEATURE_CLICKONCE
-#endif // FEATURE_CAS_POLICY
-
-#pragma warning disable 618
- [SecurityPermission(SecurityAction.Demand, SerializationFormatter = true)]
-#pragma warning restore 618
- [SecuritySafeCritical]
public override EvidenceBase Clone()
{
return base.Clone();
}
}
-
-#if FEATURE_CLICKONCE
- [System.Security.SecurityCritical] // auto-generated_required
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class ApplicationTrustCollection : ICollection {
- private const string ApplicationTrustProperty = "ApplicationTrust";
- private const string InstallerIdentifier = "{60051b8f-4f12-400a-8e50-dd05ebd438d1}";
- private static Guid ClrPropertySet = new Guid("c989bb7a-8385-4715-98cf-a741a8edb823");
-
- // The CLR specific constant install reference.
- private static object s_installReference = null;
- private static StoreApplicationReference InstallReference {
- get {
- if (s_installReference == null) {
- Interlocked.CompareExchange(ref s_installReference,
- new StoreApplicationReference(
- IsolationInterop.GUID_SXS_INSTALL_REFERENCE_SCHEME_OPAQUESTRING,
- InstallerIdentifier,
- null),
- null);
- }
- return (StoreApplicationReference) s_installReference;
- }
- }
-
- private object m_appTrusts = null;
- private ArrayList AppTrusts {
- [System.Security.SecurityCritical] // auto-generated
- get {
- if (m_appTrusts == null) {
- ArrayList appTrusts = new ArrayList();
- if (m_storeBounded) {
- RefreshStorePointer();
- // enumerate the user store and populate the collection
- StoreDeploymentMetadataEnumeration deplEnum = m_pStore.EnumInstallerDeployments(IsolationInterop.GUID_SXS_INSTALL_REFERENCE_SCHEME_OPAQUESTRING, InstallerIdentifier, ApplicationTrustProperty, null);
- foreach (IDefinitionAppId defAppId in deplEnum) {
- StoreDeploymentMetadataPropertyEnumeration metadataEnum = m_pStore.EnumInstallerDeploymentProperties(IsolationInterop.GUID_SXS_INSTALL_REFERENCE_SCHEME_OPAQUESTRING, InstallerIdentifier, ApplicationTrustProperty, defAppId);
- foreach (StoreOperationMetadataProperty appTrustProperty in metadataEnum) {
- string appTrustXml = appTrustProperty.Value;
- if (appTrustXml != null && appTrustXml.Length > 0) {
- SecurityElement seTrust = SecurityElement.FromString(appTrustXml);
- ApplicationTrust appTrust = new ApplicationTrust();
- appTrust.FromXml(seTrust);
- appTrusts.Add(appTrust);
- }
- }
- }
- }
- Interlocked.CompareExchange(ref m_appTrusts, appTrusts, null);
- }
- return m_appTrusts as ArrayList;
- }
- }
-
- private bool m_storeBounded = false;
- private Store m_pStore = null; // Component store interface pointer.
-
- // Only internal constructors are exposed.
- [System.Security.SecurityCritical] // auto-generated
- internal ApplicationTrustCollection () : this(false) {}
- internal ApplicationTrustCollection (bool storeBounded) {
- m_storeBounded = storeBounded;
- }
-
- [System.Security.SecurityCritical] // auto-generated
- private void RefreshStorePointer () {
- // Refresh store pointer.
- if (m_pStore != null)
- Marshal.ReleaseComObject(m_pStore.InternalStore);
- m_pStore = IsolationInterop.GetUserStore();
- }
-
- public int Count
- {
- [System.Security.SecuritySafeCritical] // overrides public transparent member
- get {
- return AppTrusts.Count;
- }
- }
-
- public ApplicationTrust this[int index] {
- [System.Security.SecurityCritical] // auto-generated
- get {
- return AppTrusts[index] as ApplicationTrust;
- }
- }
-
- public ApplicationTrust this[string appFullName] {
- [System.Security.SecurityCritical] // auto-generated
- get {
- ApplicationIdentity identity = new ApplicationIdentity(appFullName);
- ApplicationTrustCollection appTrusts = Find(identity, ApplicationVersionMatch.MatchExactVersion);
- if (appTrusts.Count > 0)
- return appTrusts[0];
- return null;
- }
- }
-
- [System.Security.SecurityCritical] // auto-generated
- private void CommitApplicationTrust(ApplicationIdentity applicationIdentity, string trustXml) {
- StoreOperationMetadataProperty[] properties = new StoreOperationMetadataProperty[] {
- new StoreOperationMetadataProperty(ClrPropertySet, ApplicationTrustProperty, trustXml)
- };
-
- IEnumDefinitionIdentity idenum = applicationIdentity.Identity.EnumAppPath();
- IDefinitionIdentity[] asbId = new IDefinitionIdentity[1];
- IDefinitionIdentity deplId = null;
- if (idenum.Next(1, asbId) == 1)
- deplId = asbId[0];
-
- IDefinitionAppId defAppId = IsolationInterop.AppIdAuthority.CreateDefinition();
- defAppId.SetAppPath(1, new IDefinitionIdentity[] {deplId});
- defAppId.put_Codebase(applicationIdentity.CodeBase);
-
- using (StoreTransaction storeTxn = new StoreTransaction()) {
- storeTxn.Add(new StoreOperationSetDeploymentMetadata(defAppId, InstallReference, properties));
- RefreshStorePointer();
- m_pStore.Transact(storeTxn.Operations);
- }
-
- m_appTrusts = null; // reset the app trusts in the collection.
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public int Add (ApplicationTrust trust) {
- if (trust == null)
- throw new ArgumentNullException("trust");
- if (trust.ApplicationIdentity == null)
- throw new ArgumentException(Environment.GetResourceString("Argument_ApplicationTrustShouldHaveIdentity"));
- Contract.EndContractBlock();
-
- // Add the trust decision of the application to the fusion store.
- if (m_storeBounded) {
- CommitApplicationTrust(trust.ApplicationIdentity, trust.ToXml().ToString());
- return -1;
- } else {
- return AppTrusts.Add(trust);
- }
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public void AddRange (ApplicationTrust[] trusts) {
- if (trusts == null)
- throw new ArgumentNullException("trusts");
- Contract.EndContractBlock();
-
- int i=0;
- try {
- for (; i<trusts.Length; i++) {
- Add(trusts[i]);
- }
- } catch {
- for (int j=0; j<i; j++) {
- Remove(trusts[j]);
- }
- throw;
- }
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public void AddRange (ApplicationTrustCollection trusts) {
- if (trusts == null)
- throw new ArgumentNullException("trusts");
- Contract.EndContractBlock();
-
- int i = 0;
- try {
- foreach (ApplicationTrust trust in trusts) {
- Add(trust);
- i++;
- }
- } catch {
- for (int j=0; j<i; j++) {
- Remove(trusts[j]);
- }
- throw;
- }
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public ApplicationTrustCollection Find (ApplicationIdentity applicationIdentity, ApplicationVersionMatch versionMatch) {
- ApplicationTrustCollection collection = new ApplicationTrustCollection(false);
- foreach (ApplicationTrust trust in this) {
- if (CmsUtils.CompareIdentities(trust.ApplicationIdentity, applicationIdentity, versionMatch))
- collection.Add(trust);
- }
- return collection;
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public void Remove (ApplicationIdentity applicationIdentity, ApplicationVersionMatch versionMatch) {
- ApplicationTrustCollection collection = Find(applicationIdentity, versionMatch);
- RemoveRange(collection);
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public void Remove (ApplicationTrust trust) {
- if (trust == null)
- throw new ArgumentNullException("trust");
- if (trust.ApplicationIdentity == null)
- throw new ArgumentException(Environment.GetResourceString("Argument_ApplicationTrustShouldHaveIdentity"));
- Contract.EndContractBlock();
-
- // Remove the trust decision of the application from the fusion store.
- if (m_storeBounded) {
- CommitApplicationTrust(trust.ApplicationIdentity, null);
- } else {
- AppTrusts.Remove(trust);
- }
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public void RemoveRange (ApplicationTrust[] trusts) {
- if (trusts == null)
- throw new ArgumentNullException("trusts");
- Contract.EndContractBlock();
-
- int i=0;
- try {
- for (; i<trusts.Length; i++) {
- Remove(trusts[i]);
- }
- } catch {
- for (int j=0; j<i; j++) {
- Add(trusts[j]);
- }
- throw;
- }
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public void RemoveRange (ApplicationTrustCollection trusts) {
- if (trusts == null)
- throw new ArgumentNullException("trusts");
- Contract.EndContractBlock();
-
- int i = 0;
- try {
- foreach (ApplicationTrust trust in trusts) {
- Remove(trust);
- i++;
- }
- } catch {
- for (int j=0; j<i; j++) {
- Add(trusts[j]);
- }
- throw;
- }
- }
-
- [System.Security.SecurityCritical] // auto-generated
- public void Clear() {
- // remove all trust decisions in the collection.
- ArrayList trusts = this.AppTrusts;
- if (m_storeBounded) {
- foreach (ApplicationTrust trust in trusts) {
- if (trust.ApplicationIdentity == null)
- throw new ArgumentException(Environment.GetResourceString("Argument_ApplicationTrustShouldHaveIdentity"));
-
- // Remove the trust decision of the application from the fusion store.
- CommitApplicationTrust(trust.ApplicationIdentity, null);
- }
- }
- trusts.Clear();
- }
-
- public ApplicationTrustEnumerator GetEnumerator() {
- return new ApplicationTrustEnumerator(this);
- }
-
- /// <internalonly/>
- [System.Security.SecuritySafeCritical] // overrides public transparent member
- IEnumerator IEnumerable.GetEnumerator()
- {
- return new ApplicationTrustEnumerator(this);
- }
-
- /// <internalonly/>
- [System.Security.SecuritySafeCritical] // overrides public transparent member
- void ICollection.CopyTo(Array array, int index) {
- if (array == null)
- throw new ArgumentNullException("array");
- if (array.Rank != 1)
- throw new ArgumentException(Environment.GetResourceString("Arg_RankMultiDimNotSupported"));
- if (index < 0 || index >= array.Length)
- throw new ArgumentOutOfRangeException("index", Environment.GetResourceString("ArgumentOutOfRange_Index"));
- if (array.Length - index < this.Count)
- throw new ArgumentException(Environment.GetResourceString("Argument_InvalidOffLen"));
- Contract.EndContractBlock();
-
- for (int i=0; i < this.Count; i++) {
- array.SetValue(this[i], index++);
- }
- }
-
- public void CopyTo (ApplicationTrust[] array, int index) {
- ((ICollection)this).CopyTo(array, index);
- }
-
- public bool IsSynchronized {
- [System.Security.SecuritySafeCritical] // overrides public transparent member
- get
- {
- return false;
- }
- }
-
- public object SyncRoot {
- [System.Security.SecuritySafeCritical] // overrides public transparent member
- get
- {
- return this;
- }
- }
- }
-
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class ApplicationTrustEnumerator : IEnumerator {
- [System.Security.SecurityCritical] // auto-generated
- private ApplicationTrustCollection m_trusts;
- private int m_current;
-
- private ApplicationTrustEnumerator() {}
- [System.Security.SecurityCritical] // auto-generated
- internal ApplicationTrustEnumerator(ApplicationTrustCollection trusts) {
- m_trusts = trusts;
- m_current = -1;
- }
-
- public ApplicationTrust Current {
- [System.Security.SecuritySafeCritical] // auto-generated
- get {
- return m_trusts[m_current];
- }
- }
-
- /// <internalonly/>
- object IEnumerator.Current {
- [System.Security.SecuritySafeCritical] // auto-generated
- get {
- return (object) m_trusts[m_current];
- }
- }
-
- [System.Security.SecuritySafeCritical] // auto-generated
- public bool MoveNext() {
- if (m_current == ((int) m_trusts.Count - 1))
- return false;
- m_current++;
- return true;
- }
-
- public void Reset() {
- m_current = -1;
- }
- }
-#endif // FEATURE_CLICKONCE
}
diff --git a/src/mscorlib/src/System/Security/Policy/Evidence.cs b/src/mscorlib/src/System/Security/Policy/Evidence.cs
index 8bf8aa7e92..22479dff6c 100644
--- a/src/mscorlib/src/System/Security/Policy/Evidence.cs
+++ b/src/mscorlib/src/System/Security/Policy/Evidence.cs
@@ -2,28 +2,13 @@
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
-//
-
namespace System.Security.Policy
{
- using System;
- using System.Collections;
- using System.Collections.Generic;
- using System.Configuration.Assemblies;
- using System.Diagnostics.Contracts;
- using System.IO;
- using System.Reflection;
- using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
- using System.Runtime.Remoting;
#if FEATURE_SERIALIZATION
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;
#endif // FEATURE_SERIALIZATION
- using System.Security.Permissions;
- using System.Security.Util;
- using System.Threading;
- using Microsoft.Win32.SafeHandles;
/// <summary>
/// The Evidence class keeps track of information that can be used to make security decisions about
@@ -48,1856 +33,6 @@ namespace System.Security.Policy
#endif
[ComVisible(true)]
public sealed class Evidence
-#if FEATURE_CAS_POLICY
- : ICollection
-#endif // FEATURE_CAS_POLICY
{
-#if !FEATURE_CORECLR && FEATURE_RWLOCK
-#if FEATURE_SERIALIZATION
- [OptionalField(VersionAdded = 4)]
- private Dictionary<Type, EvidenceTypeDescriptor> m_evidence;
-
- [OptionalField(VersionAdded = 4)]
- private bool m_deserializedTargetEvidence;
-
- // These fields are only used to deserialize v2.0 serialized versions of Evidence. It will be null
- // after the seriailzation process is complete, and should not be used.
-#pragma warning disable 414
- private volatile ArrayList m_hostList;
- private volatile ArrayList m_assemblyList;
-#pragma warning restore 414
-#else // !FEATURE_SERIALIZATION
- private Dictionary<Type, EvidenceTypeDescriptor> m_evidence;
-#endif // FEATURE_SERIALIZATION
-
- [NonSerialized]
- private ReaderWriterLock m_evidenceLock;
-
- [NonSerialized]
- private uint m_version;
-
- [NonSerialized]
- private IRuntimeEvidenceFactory m_target;
-
- private bool m_locked;
-
- // If this evidence collection is a clone where we may need to backpatch to the original, this will
- // reference the collection it was cloned from. See
- // code:System.Security.Policy.Evidence#BackpatchGeneratedEvidence
- [NonSerialized]
- private WeakReference m_cloneOrigin;
-
- private static volatile Type[] s_runtimeEvidenceTypes;
-
- /// <summary>
- /// Set of actions that we could perform if we detect that we are attempting to add evidence
- /// when we already have evidence of that type stored.
- /// </summary>
- private enum DuplicateEvidenceAction
- {
- Throw, // Throw an exception
- Merge, // Create a list of all the evidence objects
- SelectNewObject // The newly added object wins
- }
-
-#if FEATURE_CAS_POLICY
- public Evidence()
- {
- m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>();
- m_evidenceLock = new ReaderWriterLock();
- }
-#endif // FEATURE_CAS_POLICY
-
- /// <summary>
- /// Create a deep copy of an evidence object
- /// </summary>
- public Evidence(Evidence evidence)
- {
- m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>();
-
- if (evidence != null)
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(evidence, EvidenceLockHolder.LockType.Reader))
- {
- foreach (KeyValuePair<Type, EvidenceTypeDescriptor> evidenceType in evidence.m_evidence)
- {
- EvidenceTypeDescriptor cloneDescriptor = evidenceType.Value;
- if (cloneDescriptor != null)
- {
- cloneDescriptor = cloneDescriptor.Clone();
- }
-
- m_evidence[evidenceType.Key] = cloneDescriptor;
- }
-
- m_target = evidence.m_target;
- m_locked = evidence.m_locked;
-#if FEATURE_SERIALIZATION
- m_deserializedTargetEvidence = evidence.m_deserializedTargetEvidence;
-#endif // FEATURE_SERIALIZATION
-
- // see code:System.Security.Policy.Evidence#BackpatchGeneratedEvidence
- if (evidence.Target != null)
- {
- m_cloneOrigin = new WeakReference(evidence);
- }
- }
- }
-
- // see code:System.Security.Policy.Evidence#EvidenceLock
- m_evidenceLock = new ReaderWriterLock();
- }
-
- [Obsolete("This constructor is obsolete. Please use the constructor which takes arrays of EvidenceBase instead.")]
- public Evidence(object[] hostEvidence, object[] assemblyEvidence)
- {
- m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>();
-
- // This is a legacy evidence entry point, so we add through the legacy add APIs in order to get
- // proper legacy wrapping and merge behavior.
-#pragma warning disable 618
- if (hostEvidence != null)
- {
- foreach (object hostEvidenceObject in hostEvidence)
- {
- AddHost(hostEvidenceObject);
- }
- }
-
- if (assemblyEvidence != null)
- {
- foreach (object assemblyEvidenceObject in assemblyEvidence)
- {
- AddAssembly(assemblyEvidenceObject);
- }
- }
-#pragma warning restore 618
-
- // see code:System.Security.Policy.Evidence#EvidenceLock
- m_evidenceLock = new ReaderWriterLock();
- }
-
- public Evidence(EvidenceBase[] hostEvidence, EvidenceBase[] assemblyEvidence)
- {
- m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>();
-
- if (hostEvidence != null)
- {
- foreach (EvidenceBase hostEvidenceObject in hostEvidence)
- {
- AddHostEvidence(hostEvidenceObject, GetEvidenceIndexType(hostEvidenceObject), DuplicateEvidenceAction.Throw);
- }
- }
-
- if (assemblyEvidence != null)
- {
- foreach (EvidenceBase assemblyEvidenceObject in assemblyEvidence)
- {
- AddAssemblyEvidence(assemblyEvidenceObject, GetEvidenceIndexType(assemblyEvidenceObject), DuplicateEvidenceAction.Throw);
- }
- }
-
- // see code:System.Security.Policy.Evidence#EvidenceLock
- m_evidenceLock = new ReaderWriterLock();
- }
-
- /// <summary>
- /// Create an empty evidence collection which will contain evidence for a specific assembly or
- /// AppDomain
- /// </summary>
- [SecuritySafeCritical]
- internal Evidence(IRuntimeEvidenceFactory target)
- {
- Contract.Assert(target != null);
-
- m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>();
- m_target = target;
-
- // Setup the types of evidence that the CLR can generate for a target as keys in the dictionary
- foreach (Type runtimeEvidenceType in RuntimeEvidenceTypes)
- {
- BCLDebug.Assert(typeof(EvidenceBase).IsAssignableFrom(runtimeEvidenceType), "All runtime evidence types should be EvidenceBases");
- m_evidence[runtimeEvidenceType] = null;
- }
-
- QueryHostForPossibleEvidenceTypes();
-
- // see code:System.Security.Policy.Evidence#EvidenceLock
- m_evidenceLock = new ReaderWriterLock();
- }
-
- internal static Type[] RuntimeEvidenceTypes
- {
- get
- {
- if (s_runtimeEvidenceTypes == null)
- {
- Type[] runtimeEvidenceTypes = new Type[]
- {
-#if FEATURE_CLICKONCE
- typeof(System.Runtime.Hosting.ActivationArguments),
-#endif // FEATURE_CLICKONCE
-#if FEATURE_CAS_POLICY
- typeof(ApplicationDirectory),
-#endif // FEATURE_CAS_POLICY
- typeof(ApplicationTrust),
-#if FEATURE_CAS_POLICY
- typeof(GacInstalled),
- typeof(Hash),
- typeof(Publisher),
-#endif // FEATURE_CAS_POLICY
- typeof(Site),
- typeof(StrongName),
- typeof(Url),
- typeof(Zone)
- };
-
-#if FEATURE_CAS_POLICY
- // We only supply permission request evidence in legacy CAS mode
- if (AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
- {
-#pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode
- int l = runtimeEvidenceTypes.Length;
- Array.Resize(ref runtimeEvidenceTypes, l+1);
- runtimeEvidenceTypes[l] = typeof(PermissionRequestEvidence);
-#pragma warning restore 618
- }
-#endif // FEATURE_CAS_POLICY
-
- s_runtimeEvidenceTypes = runtimeEvidenceTypes;
- }
-
- return s_runtimeEvidenceTypes;
- }
- }
-
- //
- // #EvidenceLock
- //
- // Evidence synchronization locking wrappers. In the case where the lock has not yet been created,
- // we know that we're in the process of constructing the evidence collection and therefore we can
- // act as though the evidence is locked. If there is a lock in place, then just delegate back to it.
- //
- // The nested EvidenceLockHolder and EvidenceUpgradeLockHolder utility classes can be used to wrap
- // these methods when acquiring and releasing the evidence lock.
- //
-
- // Millisecond timeout when waiting to acquire the evidence lock
- private const int LockTimeout = 5000;
-
- private bool IsReaderLockHeld
- {
- get { return m_evidenceLock == null || m_evidenceLock.IsReaderLockHeld; }
- }
-
- private bool IsWriterLockHeld
- {
- get { return m_evidenceLock == null || m_evidenceLock.IsWriterLockHeld; }
- }
-
- private void AcquireReaderLock()
- {
- Contract.Assert(m_evidenceLock == null || !IsReaderLockHeld);
-
- if (m_evidenceLock != null)
- {
- m_evidenceLock.AcquireReaderLock(LockTimeout);
- }
- }
-
- private void AcquireWriterlock()
- {
- Contract.Assert(m_evidenceLock == null || !IsWriterLockHeld);
-
- if (m_evidenceLock != null)
- {
- m_evidenceLock.AcquireWriterLock(LockTimeout);
- }
- }
-
- private void DowngradeFromWriterLock(ref LockCookie lockCookie)
- {
- Contract.Assert(IsWriterLockHeld);
- if (m_evidenceLock != null)
- {
- m_evidenceLock.DowngradeFromWriterLock(ref lockCookie);
- }
- }
-
- private LockCookie UpgradeToWriterLock()
- {
- Contract.Assert(IsReaderLockHeld);
- return m_evidenceLock != null ? m_evidenceLock.UpgradeToWriterLock(LockTimeout) : new LockCookie();
- }
-
- private void ReleaseReaderLock()
- {
- Contract.Assert(IsReaderLockHeld);
-
- if (m_evidenceLock != null)
- {
- m_evidenceLock.ReleaseReaderLock();
- }
- }
-
- private void ReleaseWriterLock()
- {
- Contract.Assert(IsWriterLockHeld);
-
- if (m_evidenceLock != null)
- {
- m_evidenceLock.ReleaseWriterLock();
- }
- }
-
- [Obsolete("This method is obsolete. Please use AddHostEvidence instead.")]
- [SecuritySafeCritical]
- public void AddHost(object id)
- {
- if (id == null)
- throw new ArgumentNullException("id");
- if (!id.GetType().IsSerializable)
- throw new ArgumentException(Environment.GetResourceString("Policy_EvidenceMustBeSerializable"), "id");
- Contract.EndContractBlock();
-
- if (m_locked)
- {
- new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
- }
-
- EvidenceBase evidence = WrapLegacyEvidence(id);
- Type evidenceIndex = GetEvidenceIndexType(evidence);
-
- // Whidbey allowed for multiple types of the same evidence, so if we're being called via the Whidbey
- // APIs, then allow the evidences to merge together.
- AddHostEvidence(evidence, evidenceIndex, DuplicateEvidenceAction.Merge);
- }
-
- [Obsolete("This method is obsolete. Please use AddAssemblyEvidence instead.")]
- public void AddAssembly(object id)
- {
- if (id == null)
- throw new ArgumentNullException("id");
- if (!id.GetType().IsSerializable)
- throw new ArgumentException(Environment.GetResourceString("Policy_EvidenceMustBeSerializable"), "id");
- Contract.EndContractBlock();
-
- EvidenceBase evidence = WrapLegacyEvidence(id);
- Type evidenceIndex = GetEvidenceIndexType(evidence);
-
- // Whidbey allowed for multiple types of the same evidence, so if we're being called via the Whidbey
- // APIs, then allow the evidences to merge together.
- AddAssemblyEvidence(evidence, evidenceIndex, DuplicateEvidenceAction.Merge);
- }
-
- /// <summary>
- /// Add a piece of evidence to the assembly supplied evidence list. This method will disallow adding
- /// evidence if there is already evidence of that type in the assembly list.
- /// </summary>
- [ComVisible(false)]
- public void AddAssemblyEvidence<T>(T evidence) where T : EvidenceBase
- {
- if (evidence == null)
- throw new ArgumentNullException("evidence");
- Contract.EndContractBlock();
-
- // Index the evidence under the type that the Add function was called with, unless we were given
- // a plain EvidenceBase or a wrapped legacy evidence. In that case, we need to index under a
- // more specific type.
- Type evidenceType = typeof(T);
- if (typeof(T) == typeof(EvidenceBase) || evidence is ILegacyEvidenceAdapter)
- {
- evidenceType = GetEvidenceIndexType(evidence);
- }
-
- AddAssemblyEvidence(evidence, evidenceType, DuplicateEvidenceAction.Throw);
- }
-
- private void AddAssemblyEvidence(EvidenceBase evidence, Type evidenceType, DuplicateEvidenceAction duplicateAction)
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
- {
- AddAssemblyEvidenceNoLock(evidence, evidenceType, duplicateAction);
- }
- }
-
- private void AddAssemblyEvidenceNoLock(EvidenceBase evidence, Type evidenceType, DuplicateEvidenceAction duplicateAction)
- {
- Contract.Assert(IsWriterLockHeld);
- Contract.Assert(evidence != null);
- Contract.Assert(evidenceType != null);
-
- // We need to make sure that any target supplied evidence is deserialized before adding to the
- // Assembly collection in order to preserve the semantics that the evidence objects supplied by
- // the target are the original versions and evidence objects added via the APIs are the duplicates.
- DeserializeTargetEvidence();
-
- EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(evidenceType, true);
-
- ++m_version;
- if (descriptor.AssemblyEvidence == null)
- {
- descriptor.AssemblyEvidence = evidence;
- }
- else
- {
- descriptor.AssemblyEvidence = HandleDuplicateEvidence(descriptor.AssemblyEvidence,
- evidence,
- duplicateAction);
- }
- }
-
- /// <summary>
- /// Add a piece of evidence to the host supplied evidence list. This method will disallow adding
- /// evidence if there is already evidence of that type in the host list.
- /// </summary>
- [ComVisible(false)]
- public void AddHostEvidence<T>(T evidence) where T : EvidenceBase
- {
- if (evidence == null)
- throw new ArgumentNullException("evidence");
- Contract.EndContractBlock();
-
- // Index the evidence under the type that the Add function was called with, unless we were given
- // a plain EvidenceBase or a wrapped legacy evidence. In that case, we need to index under a
- // more specific type.
- Type evidenceType = typeof(T);
- if (typeof(T) == typeof(EvidenceBase) || evidence is ILegacyEvidenceAdapter)
- {
- evidenceType = GetEvidenceIndexType(evidence);
- }
-
- AddHostEvidence(evidence, evidenceType, DuplicateEvidenceAction.Throw);
- }
-
- [SecuritySafeCritical]
- private void AddHostEvidence(EvidenceBase evidence, Type evidenceType, DuplicateEvidenceAction duplicateAction)
- {
- Contract.Assert(evidence != null);
- Contract.Assert(evidenceType != null);
-
- if (Locked)
- {
- new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
- }
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
- {
- AddHostEvidenceNoLock(evidence, evidenceType, duplicateAction);
- }
- }
-
- /// <summary>
- /// Add evidence to the host supplied evidence collection without acquiring the evidence lock or
- /// checking to make sure that the caller has permission to bypass locked evidence.
- /// </summary>
- private void AddHostEvidenceNoLock(EvidenceBase evidence, Type evidenceType, DuplicateEvidenceAction duplicateAction)
- {
- Contract.Assert(IsWriterLockHeld);
- Contract.Assert(evidence != null);
- Contract.Assert(evidenceType != null);
-
- EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(evidenceType, true);
-
- ++m_version;
- if (descriptor.HostEvidence == null)
- {
- descriptor.HostEvidence = evidence;
- }
- else
- {
- descriptor.HostEvidence = HandleDuplicateEvidence(descriptor.HostEvidence,
- evidence,
- duplicateAction);
- }
- }
-
- /// <summary>
- /// Ask the host for the types of evidence that it might provide if it is asked.
- ///
- /// This should only be called when setting up the Evidence collection to interact with the
- /// host, and should not be used once that connection is established and the evidence has been
- /// made available to user code.
- /// </summary>
- [SecurityCritical]
- private void QueryHostForPossibleEvidenceTypes()
- {
-#if FEATURE_CAS_POLICY
- Contract.Assert(IsWriterLockHeld);
-
- // First check to see if we have a HostSecurityManager
- if (AppDomain.CurrentDomain.DomainManager != null)
- {
- HostSecurityManager hsm = AppDomain.CurrentDomain.DomainManager.HostSecurityManager;
- if (hsm != null)
- {
- Type[] hostSuppliedTypes = null;
-
- AppDomain targetDomain = m_target.Target as AppDomain;
- Assembly targetAssembly = m_target.Target as Assembly;
-
- //
- // If the HostSecurityManager wants to supply evidence for the type of target that we have,
- // then ask it what types of evidence it might supply.
- //
-
- if (targetAssembly != null &&
- (hsm.Flags & HostSecurityManagerOptions.HostAssemblyEvidence) == HostSecurityManagerOptions.HostAssemblyEvidence)
- {
- hostSuppliedTypes = hsm.GetHostSuppliedAssemblyEvidenceTypes(targetAssembly);
- }
- else if (targetDomain != null &&
- (hsm.Flags & HostSecurityManagerOptions.HostAppDomainEvidence) == HostSecurityManagerOptions.HostAppDomainEvidence)
- {
- hostSuppliedTypes = hsm.GetHostSuppliedAppDomainEvidenceTypes();
- }
-
- //
- // Finally, mark the descriptor for each of the types that the host can supply to indicate
- // we should ask the host to generate them if we're asked.
- //
-
- if (hostSuppliedTypes != null)
- {
- foreach (Type hostEvidenceType in hostSuppliedTypes)
- {
- EvidenceTypeDescriptor evidenceDescriptor = GetEvidenceTypeDescriptor(hostEvidenceType, true);
- evidenceDescriptor.HostCanGenerate = true;
- }
- }
- }
- }
-#endif // FEATURE_CAS_POLICY
- }
-
- internal bool IsUnmodified
- {
- get { return m_version == 0; }
- }
-
- /// <summary>
- /// Set or check to see if the evidence is locked. Locked evidence cannot have its host supplied
- /// evidence list be modified without a successful demand for ControlEvidence. Any code can lock
- /// evidence, but only code with ControlEvidence may unlock it.
- ///
- /// This lock is not the same as the synchronization lock that gates access to the evidence collection.
- /// </summary>
- public bool Locked
- {
- get
- {
- return m_locked;
- }
-
- [SecuritySafeCritical]
- set
- {
- if (!value)
- {
- new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
-
- m_locked = false;
- }
- else
- {
- m_locked = true;
- }
- }
- }
-
- /// <summary>
- /// Target of any delay generated evidence objects
- /// </summary>
- internal IRuntimeEvidenceFactory Target
- {
- get { return m_target; }
-
- //
- // There are two retargeting scenarios supported:
- //
- // 1. A PEFileEvidenceFactory is being upgraded to an AssemblyEvidenceFactory and we don't want
- // to throw away any already generated evidence.
- // 2. A detached evidence collection is being applied to an AppDomain and that domain has a
- // HostSecurityManager. In that case, we want to attach the target to the AppDomain to
- // allow the HostSecurityManager to get callbacks for delay generated evidence.
- //
-
- [SecurityCritical]
- set
- {
-#if FEATURE_CAS_POLICY
- Contract.Assert((m_target != null && m_target is PEFileEvidenceFactory && value != null && value is AssemblyEvidenceFactory) ||
- (m_target == null && value != null && value is AppDomainEvidenceFactory),
- "Evidence retargeting should only be from PEFile -> Assembly or detached -> AppDomain.");
-#endif // FEATURE_CAS_POLICY
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
- {
- m_target = value;
-
- // Since we've updated what we're pointing at, we need to query the host to determine what
- // types of evidence that it can generate for this new target.
- QueryHostForPossibleEvidenceTypes();
- }
- }
- }
-
- /// <summary>
- /// Get the type that would be used to index into the evidence dictionary for this object
- /// </summary>
- private static Type GetEvidenceIndexType(EvidenceBase evidence)
- {
- Contract.Assert(evidence != null);
-
- //
- // Legacy wrapper evidence types should be indexed via the type of evidence that they're wrapping
- // so check to see if we have one of those; otherwise just return the type itself.
- //
-
- ILegacyEvidenceAdapter adapter = evidence as ILegacyEvidenceAdapter;
- return adapter == null ? evidence.GetType() : adapter.EvidenceType;
- }
-
- /// <summary>
- /// Get the type descriptor for a specific type of evidence. This method should be used instead
- /// of accessing the dictionary directly as it will handle the case where a new descriptor needs
- /// to be created.
- /// </summary>
- internal EvidenceTypeDescriptor GetEvidenceTypeDescriptor(Type evidenceType)
- {
- return GetEvidenceTypeDescriptor(evidenceType, false);
- }
-
- /// <summary>
- /// Get the type descriptor for a specific type of evidence, optionally creating a descriptor if
- /// we did not yet know about this type of evidence. This method should be used instead of
- /// accessing the dictionary directly as it will handle the case where a new descriptor needs
- /// to be created.
- /// </summary>
- private EvidenceTypeDescriptor GetEvidenceTypeDescriptor(Type evidenceType, bool addIfNotExist)
- {
- Contract.Assert(IsReaderLockHeld || IsWriterLockHeld);
- Contract.Assert(evidenceType != null);
-
- // If we don't know about the type being indexed and we don't want to add it then exit out
- EvidenceTypeDescriptor descriptor = null;
- if (!m_evidence.TryGetValue(evidenceType, out descriptor) && !addIfNotExist)
- {
- return null;
- }
-
- // If we haven't yet created a descriptor for this type then create one now
- if (descriptor == null)
- {
- descriptor = new EvidenceTypeDescriptor();
-#if _DEBUG
- descriptor.SetEvidenceType(evidenceType);
-#endif // _DEBUG
-
- bool upgradedLock = false;
- LockCookie upgradeCookie = new LockCookie();
- try
- {
- if (!IsWriterLockHeld)
- {
- upgradeCookie = UpgradeToWriterLock();
- upgradedLock = true;
- }
-
- m_evidence[evidenceType] = descriptor;
- }
- finally
- {
- if (upgradedLock)
- DowngradeFromWriterLock(ref upgradeCookie);
- }
- }
-
- return descriptor;
- }
-
- /// <summary>
- /// This method is called if a piece of evidence is added but another piece of evidence of the same
- /// type already existed. We have different strategies depending on compatibility concerns of the
- /// calling code.
- /// </summary>
- private static EvidenceBase HandleDuplicateEvidence(EvidenceBase original,
- EvidenceBase duplicate,
- DuplicateEvidenceAction action)
- {
- Contract.Assert(original != null);
- Contract.Assert(duplicate != null);
- Contract.Assert(original.GetType() == duplicate.GetType() || original.GetType() == typeof(LegacyEvidenceList));
-
- switch (action)
- {
- // Throw - duplicate evidence is not allowed (Arrowhead behavior), so throw an exception
- case DuplicateEvidenceAction.Throw:
- throw new InvalidOperationException(Environment.GetResourceString("Policy_DuplicateEvidence", duplicate.GetType().FullName));
-
- // SelectNewObject - MergeWithNoDuplicates behavior - the duplicate object wins
- case DuplicateEvidenceAction.SelectNewObject:
- return duplicate;
-
- // Merge - compat behavior. Merge the old and new evidence into a list so that both may exist
- case DuplicateEvidenceAction.Merge:
-
- LegacyEvidenceList list = original as LegacyEvidenceList;
- if (list == null)
- {
- list = new LegacyEvidenceList();
- list.Add(original);
- }
-
- list.Add(duplicate);
- return list;
-
- default:
- BCLDebug.Assert(false, "Uknown DuplicateEvidenceAction");
- return null;
- }
- }
-
- /// <summary>
- /// Wrap evidence we recieved through a legacy API to ensure that it is stored in an EvidenceBase
- /// </summary>
- private static EvidenceBase WrapLegacyEvidence(object evidence)
- {
- Contract.Assert(evidence != null);
-
- EvidenceBase wrappedEvidence = evidence as EvidenceBase;
- if (wrappedEvidence == null)
- {
- wrappedEvidence = new LegacyEvidenceWrapper(evidence);
- }
-
- return wrappedEvidence;
- }
-
- /// <summary>
- /// Upwrap evidence stored in a legacy adapter.
- ///
- /// This is only necessary for the case where multiple objects derived from EvidenceBase is
- /// are added via the legacy APIs and are then retrieved via GetHostEvidence. This may occur if
- /// a legacy application adds CLR supplied evidence types via the old APIs and a new application
- /// consumes the resulting evidence.
- /// </summary>
- private static object UnwrapEvidence(EvidenceBase evidence)
- {
- ILegacyEvidenceAdapter adapter = evidence as ILegacyEvidenceAdapter;
- return adapter == null ? evidence : adapter.EvidenceObject;
- }
-
- /// <summary>
- /// Merge two evidence collections together. Note that this will cause all of the lazily
- /// generated evidence for the input collection to be generated, as well as causing any lazily
- /// generated evidence that both collections share to be generated in the target.
- /// </summary>
- [SecuritySafeCritical]
- public void Merge(Evidence evidence)
- {
- if (evidence == null)
- {
- return;
- }
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
- {
- bool checkedLock = false;
- IEnumerator hostEnumerator = evidence.GetHostEnumerator();
- while (hostEnumerator.MoveNext())
- {
- if (Locked && !checkedLock)
- {
- new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
- checkedLock = true;
- }
-
- // If we could potentially have evidence of the type about to be merged into our host list,
- // then make sure that we generate that evidence before merging. This will prevent the
- // newly merged evidence from masking the value that we would have generated on our own.
- Type hostEvidenceType = hostEnumerator.Current.GetType();
- if (m_evidence.ContainsKey(hostEvidenceType))
- {
- GetHostEvidenceNoLock(hostEvidenceType);
- }
-
- EvidenceBase hostEvidence = WrapLegacyEvidence(hostEnumerator.Current);
- AddHostEvidenceNoLock(hostEvidence,
- GetEvidenceIndexType(hostEvidence),
- DuplicateEvidenceAction.Merge);
- }
-
- // Add each piece of assembly evidence. We don't need to deserialize our copy of the
- // evidence because AddAssemblyEvidenceNoLock will do this for us.
- IEnumerator assemblyEnumerator = evidence.GetAssemblyEnumerator();
- while (assemblyEnumerator.MoveNext())
- {
- EvidenceBase assemblyEvidence = WrapLegacyEvidence(assemblyEnumerator.Current);
- AddAssemblyEvidenceNoLock(assemblyEvidence,
- GetEvidenceIndexType(assemblyEvidence),
- DuplicateEvidenceAction.Merge);
- }
- }
- }
-
- /// <summary>
- /// Same as merge, except only one instance of any one evidence type is allowed. When duplicates
- /// are found, the evidence in the input argument will have priority. Note this will force the
- /// entire input evidence to be generated, and does not check for locked evidence
- /// </summary>
- internal void MergeWithNoDuplicates(Evidence evidence)
- {
- if (evidence == null)
- {
- return;
- }
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
- {
- IEnumerator hostEnumerator = evidence.GetHostEnumerator();
- while (hostEnumerator.MoveNext())
- {
- EvidenceBase hostEvidence = WrapLegacyEvidence(hostEnumerator.Current);
- AddHostEvidenceNoLock(hostEvidence,
- GetEvidenceIndexType(hostEvidence),
- DuplicateEvidenceAction.SelectNewObject);
- }
-
- IEnumerator assemblyEnumerator = evidence.GetAssemblyEnumerator();
- while (assemblyEnumerator.MoveNext())
- {
- EvidenceBase assemblyEvidence = WrapLegacyEvidence(assemblyEnumerator.Current);
- AddAssemblyEvidenceNoLock(assemblyEvidence,
- GetEvidenceIndexType(assemblyEvidence),
- DuplicateEvidenceAction.SelectNewObject);
- }
- }
- }
-
-#if FEATURE_SERIALIZATION
- /// <summary>
- /// Do a full serialization of the evidence, which requires that we generate all of the evidence
- /// we can and disconnect ourselves from the host and source assembly.
- /// </summary>
- [ComVisible(false)]
- [OnSerializing]
- [SecurityCritical]
- [PermissionSet(SecurityAction.Assert, Unrestricted = true)]
- private void OnSerializing(StreamingContext context)
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- // First, force all of the host evidence that might be lazily generated to be created
- foreach (Type evidenceType in new List<Type>(m_evidence.Keys))
- {
- GetHostEvidenceNoLock(evidenceType);
- }
-
- // Also ensure that all serialized assembly evidence has been created
- DeserializeTargetEvidence();
- }
-
- // Fill in legacy evidence lists. We can't guarantee thread-safety here using locks
- // because we can't put a lock in the serialization code that will read the lists.
- // The best we can do is prevent another thread from seeing a half-populated list.
- // Therefore, we assign the lists after we've populated them fully (and declare them volatile.)
- ArrayList hostList = new ArrayList();
- IEnumerator hostEnumerator = GetHostEnumerator();
- while (hostEnumerator.MoveNext())
- {
- hostList.Add(hostEnumerator.Current);
- }
- m_hostList = hostList;
-
- ArrayList assemblyList = new ArrayList();
- IEnumerator assemblyEnumerator = GetAssemblyEnumerator();
- while (assemblyEnumerator.MoveNext())
- {
- assemblyList.Add(assemblyEnumerator.Current);
- }
- m_assemblyList = assemblyList;
- }
-
- /// <summary>
- /// Finish deserializing legacy evidence
- /// </summary>
- [ComVisible(false)]
- [OnDeserialized]
- [SecurityCritical]
- private void OnDeserialized(StreamingContext context)
- {
- // Look at host and assembly evidence lists only if we serialized using Whidbey.
- if (m_evidence == null)
- {
- m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>();
-
- // Whidbey evidence may need to be wrapped or added to a LegacyEvidenceList, so we go
- // through the legacy APIs to add them.
-#pragma warning disable 618
- if (m_hostList != null)
- {
- foreach (object evidenceObject in m_hostList)
- {
- if (evidenceObject != null)
- {
- AddHost(evidenceObject);
- }
- }
-
- m_hostList = null;
- }
-
- if (m_assemblyList != null)
- {
- foreach (object evidenceObject in m_assemblyList)
- {
- if (evidenceObject != null)
- {
- AddAssembly(evidenceObject);
- }
- }
-
- m_assemblyList = null;
- }
-#pragma warning restore 618
- }
-
- // see code:System.Security.Policy.Evidence#EvidenceLock
- m_evidenceLock = new ReaderWriterLock();
- }
-#endif // FEATURE_SERIALIZATION
-
- /// <summary>
- /// Load any serialized evidence out of the target assembly into our evidence collection.
- ///
- /// We allow entry to this method with only a reader lock held, since most of the time we will
- /// not need to write to the evidence dictionary. If we haven't yet deserialized the target
- /// evidence, then we will upgrade to a writer lock at that point.
- /// </summary>
- private void DeserializeTargetEvidence()
- {
-#if FEATURE_SERIALIZATION
- Contract.Assert(IsReaderLockHeld || IsWriterLockHeld);
-
- if (m_target != null && !m_deserializedTargetEvidence)
- {
- bool upgradedLock = false;
- LockCookie lockCookie = new LockCookie();
- try
- {
- if (!IsWriterLockHeld)
- {
- lockCookie = UpgradeToWriterLock();
- upgradedLock = true;
- }
-
- // Set this to true here because AddAssemblyEvidenceNoLock will attempt to reenter this
- // method creating possible infinite recursion.
- m_deserializedTargetEvidence = true;
-
- foreach (EvidenceBase targetEvidence in m_target.GetFactorySuppliedEvidence())
- {
- AddAssemblyEvidenceNoLock(targetEvidence, GetEvidenceIndexType(targetEvidence), DuplicateEvidenceAction.Throw);
- }
- }
- finally
- {
- if (upgradedLock)
- DowngradeFromWriterLock(ref lockCookie);
- }
- }
-#endif // FEATURE_SERIALIZATION
- }
-
-#if FEATURE_SERIALIZATION
- /// <summary>
- /// Serialize out raw evidence objects which have already been generated, ignoring any evidence
- /// which might be present but has not yet been created for this assembly.
- ///
- /// This is used for indexing into the security policy cache, since we know that once policy is
- /// resolved, the relevent membership conditions will have checked for any applicable evidence
- /// and therefore after poliyc resolution this evidence collection will contain any evidence
- /// objects necessary to arrive at its grant set.
- /// </summary>
- [SecurityCritical]
- internal byte[] RawSerialize()
- {
- try
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- // Filter out any evidence which is not yet generated
- Dictionary<Type, EvidenceBase> generatedEvidence = new Dictionary<Type, EvidenceBase>();
- foreach (KeyValuePair<Type, EvidenceTypeDescriptor> evidenceType in m_evidence)
- {
- if (evidenceType.Value != null && evidenceType.Value.HostEvidence != null)
- {
- generatedEvidence[evidenceType.Key] = evidenceType.Value.HostEvidence;
- }
- }
-
- using (MemoryStream serializationStream = new MemoryStream())
- {
- BinaryFormatter formatter = new BinaryFormatter();
- formatter.Serialize(serializationStream, generatedEvidence);
- return serializationStream.ToArray();
- }
- }
- }
- catch (SecurityException)
- {
- // We're running in a context where it's not safe to serialize the evidence out. In this case
- // Simply decline to cache the result of the policy evaluation
- return null;
- }
- }
-#endif // FEATURE_SERIALIZATION
-
- //
- // ICollection implementation. All ICollection interface members are potentially much more
- // expensive in Arrowhead then they were downlevel. They should not be used if the standard Get and
- // Add methods will work instead.
- //
-
- [Obsolete("Evidence should not be treated as an ICollection. Please use the GetHostEnumerator and GetAssemblyEnumerator methods rather than using CopyTo.")]
- public void CopyTo(Array array, int index)
- {
- if (array == null)
- throw new ArgumentNullException("array");
- if (index < 0 || index > array.Length - Count)
- throw new ArgumentOutOfRangeException("index");
- Contract.EndContractBlock();
-
- int currentIndex = index;
-
- IEnumerator hostEnumerator = GetHostEnumerator();
- while (hostEnumerator.MoveNext())
- {
- array.SetValue(hostEnumerator.Current, currentIndex);
- ++currentIndex;
- }
-
- IEnumerator assemblyEnumerator = GetAssemblyEnumerator();
- while (assemblyEnumerator.MoveNext())
- {
- array.SetValue(assemblyEnumerator.Current, currentIndex);
- ++currentIndex;
- }
- }
-
- public IEnumerator GetHostEnumerator()
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- return new EvidenceEnumerator(this, EvidenceEnumerator.Category.Host);
- }
- }
-
- public IEnumerator GetAssemblyEnumerator()
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- DeserializeTargetEvidence();
- return new EvidenceEnumerator(this, EvidenceEnumerator.Category.Assembly);
- }
- }
-
- /// <summary>
- /// Get an enumerator that can iterate over the raw evidence objects stored for the assembly
- /// </summary>
- internal RawEvidenceEnumerator GetRawAssemblyEvidenceEnumerator()
- {
- Contract.Assert(IsReaderLockHeld);
- DeserializeTargetEvidence();
- return new RawEvidenceEnumerator(this, new List<Type>(m_evidence.Keys), false);
- }
-
- /// <summary>
- /// Get an enumerator that can iterate over the raw evidence objects stored for the host
- /// </summary>
- /// <returns></returns>
- internal RawEvidenceEnumerator GetRawHostEvidenceEnumerator()
- {
- Contract.Assert(IsReaderLockHeld);
- return new RawEvidenceEnumerator(this, new List<Type>(m_evidence.Keys), true);
- }
-
- [Obsolete("GetEnumerator is obsolete. Please use GetAssemblyEnumerator and GetHostEnumerator instead.")]
- public IEnumerator GetEnumerator()
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- return new EvidenceEnumerator(this, EvidenceEnumerator.Category.Host | EvidenceEnumerator.Category.Assembly);
- }
- }
-
- /// <summary>
- /// Get a specific type of assembly supplied evidence
- /// </summary>
- [ComVisible(false)]
- public T GetAssemblyEvidence<T>() where T : EvidenceBase
- {
- return UnwrapEvidence(GetAssemblyEvidence(typeof(T))) as T;
- }
-
- internal EvidenceBase GetAssemblyEvidence(Type type)
- {
- Contract.Assert(type != null);
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- return GetAssemblyEvidenceNoLock(type);
- }
- }
-
- private EvidenceBase GetAssemblyEvidenceNoLock(Type type)
- {
- Contract.Assert(IsReaderLockHeld || IsWriterLockHeld);
- Contract.Assert(type != null);
-
- DeserializeTargetEvidence();
- EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(type);
- if (descriptor != null)
- {
- return descriptor.AssemblyEvidence;
- }
-
- return null;
- }
-
- /// <summary>
- /// Get a specific type of host supplied evidence
- /// </summary>
- [ComVisible(false)]
- public T GetHostEvidence<T>() where T : EvidenceBase
- {
- return UnwrapEvidence(GetHostEvidence(typeof(T))) as T;
- }
-
- /// <summary>
- /// Get a specific type of evidence from the host which may not have been verified yet. If the
- /// evidence was not verified, then don't mark it as being used yet.
- /// </summary>
- internal T GetDelayEvaluatedHostEvidence<T>() where T : EvidenceBase, IDelayEvaluatedEvidence
- {
- return UnwrapEvidence(GetHostEvidence(typeof(T), false)) as T;
- }
-
- internal EvidenceBase GetHostEvidence(Type type)
- {
- Contract.Assert(type != null);
-
- return GetHostEvidence(type, true);
- }
-
- [SecuritySafeCritical]
- private EvidenceBase GetHostEvidence(Type type, bool markDelayEvaluatedEvidenceUsed)
- {
- Contract.Assert(type != null);
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- EvidenceBase evidence = GetHostEvidenceNoLock(type);
-
- if (markDelayEvaluatedEvidenceUsed)
- {
- IDelayEvaluatedEvidence delayEvidence = evidence as IDelayEvaluatedEvidence;
- if (delayEvidence != null)
- {
- delayEvidence.MarkUsed();
- }
- }
-
- return evidence;
- }
- }
-
- /// <summary>
- /// Get host supplied evidence from the collection
- ///
- /// We attempt to find host evdience in the following order:
- ///
- /// 1. Already generated or explicitly supplied evidence
- /// 2. Evidence supplied by the CLR host
- /// 3. Evidence supplied by the CLR itself
- /// </summary>
- [SecurityCritical]
- private EvidenceBase GetHostEvidenceNoLock(Type type)
- {
- Contract.Assert(IsReaderLockHeld || IsWriterLockHeld);
- Contract.Assert(type != null);
-
- EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(type);
-
- // If the evidence descriptor doesn't exist for the host evidence type than the evidence doesn't
- // exist and neither the host nor the runtime can produce it.
- if (descriptor == null)
- {
- return null;
- }
-
- // If the evidence has already been generated or if it was explicitly provided then return that
- if (descriptor.HostEvidence != null)
- {
- return descriptor.HostEvidence;
- }
-
- // If we have a target, then the host or the runtime might be able to generate this type of
- // evidence on demand.
- if (m_target != null && !descriptor.Generated)
- {
- using (EvidenceUpgradeLockHolder lockHolder = new EvidenceUpgradeLockHolder(this))
- {
- // Make sure that we don't attempt to generate this type of evidencea again if we fail to
- // generate it now.
- descriptor.Generated = true;
-
- EvidenceBase generatedEvidence = GenerateHostEvidence(type, descriptor.HostCanGenerate);
- if (generatedEvidence != null)
- {
- descriptor.HostEvidence = generatedEvidence;
-
- //
- // #BackpatchGeneratedEvidence
- //
- // If we were cloned from another evidence collection propigate any generated evidence
- // back to the original collection. Since Assembly and AppDomain both clone their
- // evidence before giving it to users, this prevents us from having to regenerate
- // evidence types on each clone that gets created. Note that we do not want to do this
- // backpatching if the origin already has evidence of this type or if it has had
- // this type of evidence removed from its collection.
- //
-
- Evidence cloneOrigin = m_cloneOrigin != null ? m_cloneOrigin.Target as Evidence : null;
- if (cloneOrigin != null)
- {
- BCLDebug.Assert(cloneOrigin.Target != null && cloneOrigin.Target == Target,
- "Attempt to backpatch evidence to a collection with a different target.");
-
- using (EvidenceLockHolder cloneLockHolder = new EvidenceLockHolder(cloneOrigin, EvidenceLockHolder.LockType.Writer))
- {
- EvidenceTypeDescriptor cloneDescriptor = cloneOrigin.GetEvidenceTypeDescriptor(type);
- if (cloneDescriptor != null && cloneDescriptor.HostEvidence == null)
- {
- cloneDescriptor.HostEvidence = generatedEvidence.Clone() as EvidenceBase;
- }
- }
- }
-
- }
-
- return generatedEvidence;
- }
- }
-
- // The evidence could not be generated and was not found
- return null;
- }
-
- /// <summary>
- /// Attempt to generate host evidence on demand via calls to the runtime host or the evidence facotry
- /// </summary>
- [SecurityCritical]
- private EvidenceBase GenerateHostEvidence(Type type, bool hostCanGenerate)
- {
- Contract.Assert(type != null);
- Contract.Assert(IsWriterLockHeld);
-
-#if FEATURE_CAS_POLICY
- // First let the host generate the evidence if it can.
- if (hostCanGenerate)
- {
- AppDomain targetDomain = m_target.Target as AppDomain;
- Assembly targetAssembly = m_target.Target as Assembly;
-
- EvidenceBase hostEvidence = null;
- if (targetDomain != null)
- {
- hostEvidence = AppDomain.CurrentDomain.HostSecurityManager.GenerateAppDomainEvidence(type);
- }
- else if (targetAssembly != null)
- {
- hostEvidence = AppDomain.CurrentDomain.HostSecurityManager.GenerateAssemblyEvidence(type, targetAssembly);
- }
-
- // If the host generated the evidence, verify that it generated the evidence we expected
- // and use that.
- if (hostEvidence != null)
- {
- if (!type.IsAssignableFrom(hostEvidence.GetType()))
- {
- string hostType = AppDomain.CurrentDomain.HostSecurityManager.GetType().FullName;
- string recievedType = hostEvidence.GetType().FullName;
- string requestedType = type.FullName;
-
- throw new InvalidOperationException(Environment.GetResourceString("Policy_IncorrectHostEvidence", hostType, recievedType, requestedType));
- }
-
- return hostEvidence;
- }
- }
-#endif // FEATURE_CAS_POLICY
-
- // Finally, check to see if the CLR can generate the evidence
- return m_target.GenerateEvidence(type);
- }
-
- [Obsolete("Evidence should not be treated as an ICollection. Please use GetHostEnumerator and GetAssemblyEnumerator to iterate over the evidence to collect a count.")]
- public int Count
- {
- get
- {
- int count = 0;
-
- IEnumerator hostEvidence = GetHostEnumerator();
- while (hostEvidence.MoveNext())
- {
- ++count;
- }
-
- IEnumerator assemblyEvidence = GetAssemblyEnumerator();
- while (assemblyEvidence.MoveNext())
- {
- ++count;
- }
-
- return count;
- }
- }
-
- /// <summary>
- /// Get the number of pieces of evidence which are currently generated, without causing any
- /// lazily generated evidence to be created.
- /// </summary>
- [ComVisible(false)]
- internal int RawCount
- {
- get
- {
- int count = 0;
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- foreach (Type evidenceType in new List<Type>(m_evidence.Keys))
- {
- EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(evidenceType);
-
- if (descriptor != null)
- {
- if (descriptor.AssemblyEvidence != null)
- {
- ++count;
- }
- if (descriptor.HostEvidence != null)
- {
- ++count;
- }
- }
- }
- }
-
- return count;
- }
- }
-
- public Object SyncRoot
- {
- get { return this; }
- }
-
- public bool IsSynchronized
- {
- get { return true; }
- }
-
- public bool IsReadOnly
- {
- get { return false; }
- }
-
-#if FEATURE_CAS_POLICY
- [ComVisible(false)]
- public Evidence Clone()
- {
- return new Evidence(this);
- }
-#endif // FEATURE_CAS_POLICY
-
- [ComVisible(false)]
- [SecuritySafeCritical]
- public void Clear()
- {
- if (Locked)
- {
- new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
- }
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
- {
- ++m_version;
- m_evidence.Clear();
- }
- }
-
- [ComVisible(false)]
- [SecuritySafeCritical]
- public void RemoveType(Type t)
- {
- if (t == null)
- throw new ArgumentNullException("t");
- Contract.EndContractBlock();
-
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer))
- {
- EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(t);
- if (descriptor != null)
- {
- ++m_version;
-
- // If we've locked this evidence collection, we need to do the lock check in the case that
- // either we have host evidence, or that the host might generate it, since removing the
- // evidence will cause us to bypass the host's ability to ever generate the evidence.
- if (Locked && (descriptor.HostEvidence != null || descriptor.HostCanGenerate))
- {
- new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
- }
-
- m_evidence.Remove(t);
- }
- }
- }
-
- /// <summary>
- /// Mark all of the already generated evidence in the collection as having been used during a
- /// policy evaluation.
- /// </summary>
- internal void MarkAllEvidenceAsUsed()
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- foreach (KeyValuePair<Type, EvidenceTypeDescriptor> evidenceType in m_evidence)
- {
- if (evidenceType.Value != null)
- {
- IDelayEvaluatedEvidence hostEvidence = evidenceType.Value.HostEvidence as IDelayEvaluatedEvidence;
- if (hostEvidence != null)
- {
- hostEvidence.MarkUsed();
- }
-
- IDelayEvaluatedEvidence assemblyEvidence = evidenceType.Value.AssemblyEvidence as IDelayEvaluatedEvidence;
- if (assemblyEvidence != null)
- {
- assemblyEvidence.MarkUsed();
- }
- }
- }
- }
- }
-
-#if FEATURE_CAS_POLICY
- /// <summary>
- /// Determine if delay evaluated strong name evidence is contained in this collection, and if so
- /// if it was used during policy evaluation.
- ///
- /// This method is called from the VM in SecurityPolicy::WasStrongNameEvidenceUsed
- /// This class should be used as an adapter layer to allow the public facing EvidenceEnumerator to
- /// be able to get the evidence values out of an Evidence class. It is tightly coupled with the
- /// internal data structures holding the evidence objects in the Evidence class.
- /// </summary>
- private bool WasStrongNameEvidenceUsed()
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader))
- {
- EvidenceTypeDescriptor snTypeDescriptor = GetEvidenceTypeDescriptor(typeof(StrongName));
- if (snTypeDescriptor != null)
- {
- IDelayEvaluatedEvidence snEvidence = snTypeDescriptor.HostEvidence as IDelayEvaluatedEvidence;
- return snEvidence != null && snEvidence.WasUsed;
- }
-
- return false;
- }
- }
-#endif // FEATURE_CAS_POLICY
-
- /// <summary>
- /// Utility class to wrap acquiring a lock onto the evidence collection
- /// </summary>
- private class EvidenceLockHolder : IDisposable
- {
- private Evidence m_target;
- private LockType m_lockType;
-
- public enum LockType
- {
- Reader,
- Writer
- }
-
- public EvidenceLockHolder(Evidence target, LockType lockType)
- {
- Contract.Assert(target != null);
- Contract.Assert(lockType == LockType.Reader || lockType == LockType.Writer);
-
- m_target = target;
- m_lockType = lockType;
-
- if (m_lockType == LockType.Reader)
- {
- m_target.AcquireReaderLock();
- }
- else
- {
- m_target.AcquireWriterlock();
- }
- }
-
- public void Dispose()
- {
- if (m_lockType == LockType.Reader && m_target.IsReaderLockHeld)
- {
- m_target.ReleaseReaderLock();
- }
- else if (m_lockType == LockType.Writer && m_target.IsWriterLockHeld)
- {
- m_target.ReleaseWriterLock();
- }
- }
- }
-
- /// <summary>
- /// Utility class to wrap upgrading an acquired reader lock to a writer lock and then
- /// downgrading it back to a reader lock.
- /// </summary>
- private class EvidenceUpgradeLockHolder : IDisposable
- {
- private Evidence m_target;
- private LockCookie m_cookie;
-
- public EvidenceUpgradeLockHolder(Evidence target)
- {
- Contract.Assert(target != null);
-
- m_target = target;
- m_cookie = m_target.UpgradeToWriterLock();
- }
-
- public void Dispose()
- {
- if (m_target.IsWriterLockHeld)
- {
- m_target.DowngradeFromWriterLock(ref m_cookie);
- }
- }
- }
-
- /// <summary>
- /// Enumerator that iterates directly over the evidence type map, returning back the evidence objects
- /// that are contained in it. This enumerator will generate any lazy evaluated evidence it finds,
- /// but it does not attempt to deal with legacy evidence adapters.
- ///
- /// This class should be used as an adapter layer to allow the public facing EvidenceEnumerator to
- /// be able to get the evidence values out of an Evidence class. It is tightly coupled with the
- /// internal data structures holding the evidence objects in the Evidence class.
- /// </summary>
- internal sealed class RawEvidenceEnumerator : IEnumerator<EvidenceBase>
- {
- private Evidence m_evidence;
- private bool m_hostEnumerator; // true to enumerate host evidence, false to enumerate assembly evidence
- private uint m_evidenceVersion;
-
- private Type[] m_evidenceTypes;
- private int m_typeIndex;
- private EvidenceBase m_currentEvidence;
-
- private static volatile List<Type> s_expensiveEvidence;
-
- public RawEvidenceEnumerator(Evidence evidence, IEnumerable<Type> evidenceTypes, bool hostEnumerator)
- {
- Contract.Assert(evidence != null);
- Contract.Assert(evidenceTypes != null);
-
- m_evidence = evidence;
- m_hostEnumerator = hostEnumerator;
- m_evidenceTypes = GenerateEvidenceTypes(evidence, evidenceTypes, hostEnumerator);
- m_evidenceVersion = evidence.m_version;
-
- Reset();
- }
-
- public EvidenceBase Current
- {
- get
- {
- if (m_evidence.m_version != m_evidenceVersion)
- throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumFailedVersion"));
-
- return m_currentEvidence;
- }
- }
-
- object IEnumerator.Current
- {
- get
- {
- if (m_evidence.m_version != m_evidenceVersion)
- throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumFailedVersion"));
-
- return m_currentEvidence;
- }
- }
-
- /// <summary>
- /// List of types of evidence that we would like to avoid generating if possible
- /// </summary>
- private static List<Type> ExpensiveEvidence
- {
- get
- {
- if (s_expensiveEvidence == null)
- {
- List<Type> expensiveEvidence = new List<Type>();
-#if FEATURE_CAS_POLICY
- expensiveEvidence.Add(typeof(Hash));
- expensiveEvidence.Add(typeof(Publisher));
-#endif // FEATURE_CAS_POLICY
- s_expensiveEvidence = expensiveEvidence;
-
-#if _DEBUG
- List<Type> runtimeTypes = new List<Type>(Evidence.RuntimeEvidenceTypes);
- foreach (Type expensiveType in s_expensiveEvidence)
- {
- BCLDebug.Assert(runtimeTypes.Contains(expensiveType),
- "Evidence type not generated by the runtime found in expensive evidence type list");
- }
-#endif // _DEBUG
- }
-
- return s_expensiveEvidence;
- }
- }
-
- public void Dispose()
- {
- return;
- }
-
- /// <summary>
- /// Generate the array of types of evidence that could have values for
- /// </summary>
- private static Type[] GenerateEvidenceTypes(Evidence evidence,
- IEnumerable<Type> evidenceTypes,
- bool hostEvidence)
- {
- Contract.Assert(evidence != null);
- Contract.Assert(evidenceTypes != null);
-
- //
- // Sort the evidence being generated into three categories, which we enumerate in order:
- // 1. Evidence which has already been generated
- // 2. Evidence which is relatively inexpensive to generate
- // 3. Evidence which is expensive to generate.
- //
- // This allows us to be as efficient as possible in case the user of the enumerator stops the
- // enumeration before we step up to the next more expensive category.
- //
-
- List<Type> alreadyGeneratedList = new List<Type>();
- List<Type> inexpensiveList = new List<Type>();
- List<Type> expensiveList = new List<Type>(ExpensiveEvidence.Count);
-
- // Iterate over the evidence types classifying into the three groups. We need to copy the list
- // here since GetEvidenceTypeDescriptor will potentially update the evidence dictionary, which
- // evidenceTypes iterates over.
- foreach (Type evidenceType in evidenceTypes)
- {
- EvidenceTypeDescriptor descriptor = evidence.GetEvidenceTypeDescriptor(evidenceType);
- BCLDebug.Assert(descriptor != null, "descriptor != null");
-
- bool alreadyGenerated = (hostEvidence && descriptor.HostEvidence != null) ||
- (!hostEvidence && descriptor.AssemblyEvidence != null);
-
- if (alreadyGenerated)
- {
- alreadyGeneratedList.Add(evidenceType);
- }
- else if (ExpensiveEvidence.Contains(evidenceType))
- {
- expensiveList.Add(evidenceType);
- }
- else
- {
- inexpensiveList.Add(evidenceType);
- }
- }
-
- Type[] enumerationTypes = new Type[alreadyGeneratedList.Count + inexpensiveList.Count + expensiveList.Count];
- alreadyGeneratedList.CopyTo(enumerationTypes, 0);
- inexpensiveList.CopyTo(enumerationTypes, alreadyGeneratedList.Count);
- expensiveList.CopyTo(enumerationTypes, alreadyGeneratedList.Count + inexpensiveList.Count);
-
- return enumerationTypes;
- }
-
- [SecuritySafeCritical]
- public bool MoveNext()
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(m_evidence, EvidenceLockHolder.LockType.Reader))
- {
- if (m_evidence.m_version != m_evidenceVersion)
- throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumFailedVersion"));
-
- m_currentEvidence = null;
-
- // Iterate over the possible types of evidence that we could have until we find one that
- // really exists, or we run out of posibilities.
- do
- {
- ++m_typeIndex;
-
- if (m_typeIndex < m_evidenceTypes.Length)
- {
- if (m_hostEnumerator)
- {
- m_currentEvidence = m_evidence.GetHostEvidenceNoLock(m_evidenceTypes[m_typeIndex]);
- }
- else
- {
- m_currentEvidence = m_evidence.GetAssemblyEvidenceNoLock(m_evidenceTypes[m_typeIndex]);
- }
- }
- }
- while (m_typeIndex < m_evidenceTypes.Length && m_currentEvidence == null);
- }
-
- return m_currentEvidence != null;
- }
-
- public void Reset()
- {
- if (m_evidence.m_version != m_evidenceVersion)
- throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumFailedVersion"));
-
- m_typeIndex = -1;
- m_currentEvidence = null;
- }
- }
-
- private sealed class EvidenceEnumerator : IEnumerator
- {
- private Evidence m_evidence;
- private Category m_category;
- private Stack m_enumerators;
-
- private object m_currentEvidence;
-
- [Flags]
- internal enum Category
- {
- Host = 0x1, // Enumerate only host supplied evidence
- Assembly = 0x2 // Enumerate only assembly supplied evidence
- }
-
- internal EvidenceEnumerator(Evidence evidence, Category category)
- {
- Contract.Assert(evidence != null);
- Contract.Assert(evidence.IsReaderLockHeld);
-
- m_evidence = evidence;
- m_category = category;
- ResetNoLock();
- }
-
- public bool MoveNext()
- {
- IEnumerator currentEnumerator = CurrentEnumerator;
-
- // No more enumerators means we can't go any further
- if (currentEnumerator == null)
- {
- m_currentEvidence = null;
- return false;
- }
-
- // See if the current enumerator can continue
- if (currentEnumerator.MoveNext())
- {
- //
- // If we've found an adapter for legacy evidence, we need to unwrap it for it to be the
- // current enumerator's value. For wrapped evidence, this is a simple unwrap, for a list of
- // evidence, we need to make that the current enumerator and get its first value.
- //
-
- LegacyEvidenceWrapper legacyWrapper = currentEnumerator.Current as LegacyEvidenceWrapper;
- LegacyEvidenceList legacyList = currentEnumerator.Current as LegacyEvidenceList;
-
- if (legacyWrapper != null)
- {
- m_currentEvidence = legacyWrapper.EvidenceObject;
- }
- else if (legacyList != null)
- {
- IEnumerator legacyListEnumerator = legacyList.GetEnumerator();
- m_enumerators.Push(legacyListEnumerator);
- MoveNext();
- }
- else
- {
- m_currentEvidence = currentEnumerator.Current;
- }
-
- BCLDebug.Assert(m_currentEvidence != null, "m_currentEvidence != null");
- return true;
- }
- else
- {
- // If we've reached the end of the current enumerator, move to the next one and try again
- m_enumerators.Pop();
- return MoveNext();
- }
- }
-
- public object Current
- {
- get { return m_currentEvidence; }
- }
-
- private IEnumerator CurrentEnumerator
- {
- get
- {
- return m_enumerators.Count > 0 ? m_enumerators.Peek() as IEnumerator : null;
- }
- }
-
- public void Reset()
- {
- using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(m_evidence, EvidenceLockHolder.LockType.Reader))
- {
- ResetNoLock();
- }
- }
-
- private void ResetNoLock()
- {
- Contract.Assert(m_evidence != null);
- Contract.Assert(m_evidence.IsReaderLockHeld);
-
- m_currentEvidence = null;
- m_enumerators = new Stack();
-
- if ((m_category & Category.Host) == Category.Host)
- {
- m_enumerators.Push(m_evidence.GetRawHostEvidenceEnumerator());
- }
- if ((m_category & Category.Assembly) == Category.Assembly)
- {
- m_enumerators.Push(m_evidence.GetRawAssemblyEvidenceEnumerator());
- }
- }
- }
-#endif //!FEATURE_CORECLR && FEATURE_RWLOCK
}
}
diff --git a/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs b/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs
index f142ebea2a..7fef1ded3c 100644
--- a/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs
+++ b/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs
@@ -7,6 +7,7 @@
using System;
using System.Collections;
using System.Collections.Generic;
+using System.Diagnostics;
using System.Diagnostics.Contracts;
using System.IO;
using System.Runtime.InteropServices;
@@ -22,9 +23,6 @@ namespace System.Security.Policy
/// </summary>
[ComVisible(true)]
[Serializable]
-#pragma warning disable 618
- [PermissionSet(SecurityAction.InheritanceDemand, Unrestricted = true)]
-#pragma warning restore 618
public abstract class EvidenceBase
{
protected EvidenceBase()
@@ -44,11 +42,6 @@ namespace System.Security.Policy
/// Since legacy evidence objects would be cloned by being serialized, the default implementation
/// of EvidenceBase will do the same.
/// </remarks>
-#pragma warning disable 618
- [SecurityPermission(SecurityAction.Assert, SerializationFormatter = true)]
- [PermissionSet(SecurityAction.InheritanceDemand, Unrestricted = true)]
-#pragma warning restore 618
- [SecuritySafeCritical]
public virtual EvidenceBase Clone()
{
#if FEATURE_SERIALIZATION
@@ -86,9 +79,9 @@ namespace System.Security.Policy
internal LegacyEvidenceWrapper(object legacyEvidence)
{
- Contract.Assert(legacyEvidence != null);
- Contract.Assert(legacyEvidence.GetType() != typeof(EvidenceBase), "Attempt to wrap an EvidenceBase in a LegacyEvidenceWrapper");
- Contract.Assert(legacyEvidence.GetType().IsSerializable, "legacyEvidence.GetType().IsSerializable");
+ Debug.Assert(legacyEvidence != null);
+ Debug.Assert(legacyEvidence.GetType() != typeof(EvidenceBase), "Attempt to wrap an EvidenceBase in a LegacyEvidenceWrapper");
+ Debug.Assert(legacyEvidence.GetType().IsSerializable, "legacyEvidence.GetType().IsSerializable");
m_legacyEvidence = legacyEvidence;
}
@@ -113,10 +106,6 @@ namespace System.Security.Policy
return m_legacyEvidence.GetHashCode();
}
-#pragma warning disable 618
- [SecurityPermission(SecurityAction.Demand, SerializationFormatter = true)]
-#pragma warning restore 618
- [SecuritySafeCritical]
public override EvidenceBase Clone()
{
return base.Clone();
@@ -153,7 +142,7 @@ namespace System.Security.Policy
{
get
{
- Contract.Assert(m_legacyEvidenceList.Count > 0, "No items in LegacyEvidenceList, cannot tell what type they are");
+ Debug.Assert(m_legacyEvidenceList.Count > 0, "No items in LegacyEvidenceList, cannot tell what type they are");
ILegacyEvidenceAdapter adapter = m_legacyEvidenceList[0] as ILegacyEvidenceAdapter;
return adapter == null ? m_legacyEvidenceList[0].GetType() : adapter.EvidenceType;
@@ -162,10 +151,10 @@ namespace System.Security.Policy
public void Add(EvidenceBase evidence)
{
- Contract.Assert(evidence != null);
- Contract.Assert(m_legacyEvidenceList.Count == 0 || EvidenceType == evidence.GetType() || (evidence is LegacyEvidenceWrapper && (evidence as LegacyEvidenceWrapper).EvidenceType == EvidenceType),
+ Debug.Assert(evidence != null);
+ Debug.Assert(m_legacyEvidenceList.Count == 0 || EvidenceType == evidence.GetType() || (evidence is LegacyEvidenceWrapper && (evidence as LegacyEvidenceWrapper).EvidenceType == EvidenceType),
"LegacyEvidenceList must be homogeonous");
- Contract.Assert(evidence.GetType() != typeof(LegacyEvidenceList),
+ Debug.Assert(evidence.GetType() != typeof(LegacyEvidenceList),
"Attempt to add a legacy evidence list to another legacy evidence list");
m_legacyEvidenceList.Add(evidence);
@@ -181,10 +170,6 @@ namespace System.Security.Policy
return m_legacyEvidenceList.GetEnumerator();
}
-#pragma warning disable 618
- [SecurityPermission(SecurityAction.Demand, SerializationFormatter = true)]
-#pragma warning restore 618
- [SecuritySafeCritical]
public override EvidenceBase Clone()
{
return base.Clone();
diff --git a/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs b/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs
index bccf39218b..8deb145102 100644
--- a/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs
+++ b/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs
@@ -41,7 +41,7 @@ namespace System.Security.Policy
/// </summary>
private EvidenceTypeDescriptor(EvidenceTypeDescriptor descriptor)
{
- Contract.Assert(descriptor != null);
+ Debug.Assert(descriptor != null);
m_hostCanGenerate = descriptor.m_hostCanGenerate;
@@ -68,9 +68,9 @@ namespace System.Security.Policy
set
{
- Contract.Assert(value != null);
+ Debug.Assert(value != null);
#if _DEBUG
- Contract.Assert(CheckEvidenceType(value), "Incorrect type of AssemblyEvidence set");
+ Debug.Assert(CheckEvidenceType(value), "Incorrect type of AssemblyEvidence set");
#endif
m_assemblyEvidence = value;
}
@@ -85,7 +85,7 @@ namespace System.Security.Policy
set
{
- Contract.Assert(value, "Attempt to clear the Generated flag");
+ Debug.Assert(value, "Attempt to clear the Generated flag");
m_generated = value;
}
}
@@ -99,7 +99,7 @@ namespace System.Security.Policy
set
{
- Contract.Assert(value, "Attempt to clear HostCanGenerate flag");
+ Debug.Assert(value, "Attempt to clear HostCanGenerate flag");
m_hostCanGenerate = value;
}
}
@@ -113,9 +113,9 @@ namespace System.Security.Policy
set
{
- Contract.Assert(value != null);
+ Debug.Assert(value != null);
#if _DEBUG
- Contract.Assert(CheckEvidenceType(value), "Incorrect type of HostEvidence set");
+ Debug.Assert(CheckEvidenceType(value), "Incorrect type of HostEvidence set");
#endif
m_hostEvidence = value;
}
@@ -127,7 +127,7 @@ namespace System.Security.Policy
/// </summary>
private bool CheckEvidenceType(EvidenceBase evidence)
{
- Contract.Assert(evidence != null);
+ Debug.Assert(evidence != null);
ILegacyEvidenceAdapter legacyAdapter = evidence as ILegacyEvidenceAdapter;
Type storedType = legacyAdapter == null ? evidence.GetType() : legacyAdapter.EvidenceType;
@@ -150,8 +150,8 @@ namespace System.Security.Policy
/// </summary>
internal void SetEvidenceType(Type evidenceType)
{
- Contract.Assert(evidenceType != null);
- Contract.Assert(m_evidenceType == null, "Attempt to reset evidence type");
+ Debug.Assert(evidenceType != null);
+ Debug.Assert(m_evidenceType == null, "Attempt to reset evidence type");
m_evidenceType = evidenceType;
}
diff --git a/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs b/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs
index 5bd36485db..8f8c07c9e4 100644
--- a/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs
+++ b/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs
@@ -18,7 +18,6 @@ namespace System.Security.Policy {
/// </summary>
bool IsVerified
{
- [System.Security.SecurityCritical]
get;
}
diff --git a/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs b/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs
index 72c07d1246..9b58ece9f1 100644
--- a/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs
+++ b/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs
@@ -35,14 +35,6 @@ namespace System.Security.Policy {
// The PermissionSet associated with this policy
internal PermissionSet m_permSet;
-#if FEATURE_CAS_POLICY
- // Evidence which was not verified but which was required to generate this policy statement.
- // This is not serialized, since once we serialize we lose the ability to verify the evidence,
- // meaning that restoring this state is meaningless.
- [NonSerialized]
- private List<IDelayEvaluatedEvidence> m_dependentEvidence;
-#endif
-
// The bitfield of inheritance properties associated with this policy
internal PolicyStatementAttribute m_attributes;
@@ -144,20 +136,13 @@ namespace System.Security.Policy {
}
}
}
-
+
public PolicyStatement Copy()
{
- PolicyStatement copy = new PolicyStatement(m_permSet, Attributes, true); // The PolicyStatement .ctor will copy the permission set
-#if FEATURE_CAS_POLICY
- if (HasDependentEvidence)
- {
- copy.m_dependentEvidence = new List<IDelayEvaluatedEvidence>(m_dependentEvidence);
- }
-#endif
-
- return copy;
+ // The PolicyStatement .ctor will copy the permission set
+ return new PolicyStatement(m_permSet, Attributes, true);
}
-
+
public String AttributeString
{
get
@@ -199,44 +184,6 @@ namespace System.Security.Policy {
return (flag & (int)m_attributes) != 0;
}
-#if FEATURE_CAS_POLICY
- /// <summary>
- /// Gets all of the delay evaluated evidence which needs to be verified before this policy can
- /// be used.
- /// </summary>
- internal IEnumerable<IDelayEvaluatedEvidence> DependentEvidence
- {
- get
- {
- BCLDebug.Assert(HasDependentEvidence, "HasDependentEvidence");
- return m_dependentEvidence.AsReadOnly();
- }
- }
-
- /// <summary>
- /// Determine if this policy dependent upon the evaluation of any delay evaluated evidence
- /// </summary>
- internal bool HasDependentEvidence
- {
- get { return m_dependentEvidence != null && m_dependentEvidence.Count > 0; }
- }
-
- /// <summary>
- /// Add evidence which this policy statement is depending upon being verified to be valid.
- /// </summary>
- internal void AddDependentEvidence(IDelayEvaluatedEvidence dependentEvidence)
- {
- BCLDebug.Assert(dependentEvidence != null, "dependentEvidence != null");
-
- if (m_dependentEvidence == null)
- {
- m_dependentEvidence = new List<IDelayEvaluatedEvidence>();
- }
-
- m_dependentEvidence.Add(dependentEvidence);
- }
-#endif
-
/// <summary>
/// Union a child policy statement into this policy statement
/// </summary>
@@ -249,27 +196,6 @@ namespace System.Security.Policy {
throw new PolicyException(Environment.GetResourceString( "Policy_MultipleExclusive" ));
}
-#if FEATURE_CAS_POLICY
- // If our code group generated a grant set based upon unverified evidence, or it generated a grant
- // set strictly less than that of a child group based upon unverified evidence, we need to keep
- // track of any unverified evidence our child group has.
- if (childPolicy.HasDependentEvidence)
- {
- bool childEvidenceNeedsVerification = m_permSet.IsSubsetOf(childPolicy.GetPermissionSetNoCopy()) &&
- !childPolicy.GetPermissionSetNoCopy().IsSubsetOf(m_permSet);
-
- if (HasDependentEvidence || childEvidenceNeedsVerification)
- {
- if (m_dependentEvidence == null)
- {
- m_dependentEvidence = new List<IDelayEvaluatedEvidence>();
- }
-
- m_dependentEvidence.AddRange(childPolicy.DependentEvidence);
- }
- }
-#endif
-
// We need to merge together our grant set and attributes. The result of this merge is
// dependent upon if we're merging a child marked exclusive or not. If the child is not
// exclusive, we need to union in its grant set and or in its attributes. However, if the child
@@ -287,226 +213,6 @@ namespace System.Security.Policy {
}
}
-#if FEATURE_CAS_POLICY
-
- public SecurityElement ToXml()
- {
- return ToXml( null );
- }
-
- public void FromXml( SecurityElement et )
- {
- FromXml( et, null );
- }
-
- public SecurityElement ToXml( PolicyLevel level )
- {
- return ToXml( level, false );
- }
-
- internal SecurityElement ToXml( PolicyLevel level, bool useInternal )
- {
- SecurityElement e = new SecurityElement( "PolicyStatement" );
- e.AddAttribute( "version", "1" );
- if (m_attributes != PolicyStatementAttribute.Nothing)
- e.AddAttribute( "Attributes", XMLUtil.BitFieldEnumToString( typeof( PolicyStatementAttribute ), m_attributes ) );
-
- lock (this)
- {
- if (m_permSet != null)
- {
- if (m_permSet is NamedPermissionSet)
- {
- // If the named permission set exists in the parent level of this
- // policy struct, then just save the name of the permission set.
- // Otherwise, serialize it like normal.
-
- NamedPermissionSet namedPermSet = (NamedPermissionSet)m_permSet;
- if (level != null && level.GetNamedPermissionSet( namedPermSet.Name ) != null)
- {
- e.AddAttribute( "PermissionSetName", namedPermSet.Name );
- }
- else
- {
- if (useInternal)
- e.AddChild( namedPermSet.InternalToXml() );
- else
- e.AddChild( namedPermSet.ToXml() );
- }
- }
- else
- {
- if (useInternal)
- e.AddChild( m_permSet.InternalToXml() );
- else
- e.AddChild( m_permSet.ToXml() );
- }
- }
- }
-
- return e;
- }
-
- [System.Security.SecuritySafeCritical] // auto-generated
- public void FromXml( SecurityElement et, PolicyLevel level )
- {
- FromXml( et, level, false );
- }
-
- [System.Security.SecurityCritical] // auto-generated
- internal void FromXml( SecurityElement et, PolicyLevel level, bool allowInternalOnly )
- {
- if (et == null)
- throw new ArgumentNullException( "et" );
-
- if (!et.Tag.Equals( "PolicyStatement" ))
- throw new ArgumentException( String.Format( CultureInfo.CurrentCulture, Environment.GetResourceString( "Argument_InvalidXMLElement" ), "PolicyStatement", this.GetType().FullName ) );
- Contract.EndContractBlock();
-
- m_attributes = (PolicyStatementAttribute) 0;
-
- String strAttributes = et.Attribute( "Attributes" );
-
- if (strAttributes != null)
- m_attributes = (PolicyStatementAttribute)Enum.Parse( typeof( PolicyStatementAttribute ), strAttributes );
-
- lock (this)
- {
- m_permSet = null;
-
- if (level != null)
- {
- String permSetName = et.Attribute( "PermissionSetName" );
-
- if (permSetName != null)
- {
- m_permSet = level.GetNamedPermissionSetInternal( permSetName );
-
- if (m_permSet == null)
- m_permSet = new PermissionSet( PermissionState.None );
- }
- }
-
-
- if (m_permSet == null)
- {
- // There is no provided level, it is not a named permission set, or
- // the named permission set doesn't exist in the provided level,
- // so just create the class through reflection and decode normally.
-
- SecurityElement e = et.SearchForChildByTag( "PermissionSet" );
-
- if (e != null)
- {
- String className = e.Attribute( "class" );
-
- if (className != null && (className.Equals( "NamedPermissionSet" ) ||
- className.Equals( "System.Security.NamedPermissionSet" )))
- m_permSet = new NamedPermissionSet( "DefaultName", PermissionState.None );
- else
- m_permSet = new PermissionSet( PermissionState.None );
-
- try
- {
- m_permSet.FromXml( e, allowInternalOnly, true );
- }
- catch
- {
- // ignore any exceptions from the decode process.
- // Note: we go ahead and use the permission set anyway. This should be safe since
- // the decode process should never give permission beyond what a proper decode would have
- // given.
- }
- }
- else
- {
- throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidXML" ) );
- }
- }
-
- if (m_permSet == null)
- m_permSet = new PermissionSet( PermissionState.None );
- }
- }
-
-
- [System.Security.SecurityCritical] // auto-generated
- internal void FromXml( SecurityDocument doc, int position, PolicyLevel level, bool allowInternalOnly )
- {
- if (doc == null)
- throw new ArgumentNullException( "doc" );
- Contract.EndContractBlock();
-
- if (!doc.GetTagForElement( position ).Equals( "PolicyStatement" ))
- throw new ArgumentException( String.Format( CultureInfo.CurrentCulture, Environment.GetResourceString( "Argument_InvalidXMLElement" ), "PolicyStatement", this.GetType().FullName ) );
-
- m_attributes = (PolicyStatementAttribute) 0;
-
- String strAttributes = doc.GetAttributeForElement( position, "Attributes" );
-
- if (strAttributes != null)
- m_attributes = (PolicyStatementAttribute)Enum.Parse( typeof( PolicyStatementAttribute ), strAttributes );
-
- lock (this)
- {
- m_permSet = null;
-
- if (level != null)
- {
- String permSetName = doc.GetAttributeForElement( position, "PermissionSetName" );
-
- if (permSetName != null)
- {
- m_permSet = level.GetNamedPermissionSetInternal( permSetName );
-
- if (m_permSet == null)
- m_permSet = new PermissionSet( PermissionState.None );
- }
- }
-
-
- if (m_permSet == null)
- {
- // There is no provided level, it is not a named permission set, or
- // the named permission set doesn't exist in the provided level,
- // so just create the class through reflection and decode normally.
-
- ArrayList childPositions = doc.GetChildrenPositionForElement( position );
- int positionPermissionSet = -1;
-
- for (int i = 0; i < childPositions.Count; ++i)
- {
- if (doc.GetTagForElement( (int)childPositions[i] ).Equals( "PermissionSet" ))
- {
- positionPermissionSet = (int)childPositions[i];
- }
- }
-
- if (positionPermissionSet != -1)
- {
- String className = doc.GetAttributeForElement( positionPermissionSet, "class" );
-
- if (className != null && (className.Equals( "NamedPermissionSet" ) ||
- className.Equals( "System.Security.NamedPermissionSet" )))
- m_permSet = new NamedPermissionSet( "DefaultName", PermissionState.None );
- else
- m_permSet = new PermissionSet( PermissionState.None );
-
- m_permSet.FromXml( doc, positionPermissionSet, allowInternalOnly );
- }
- else
- {
- throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidXML" ) );
- }
- }
-
- if (m_permSet == null)
- m_permSet = new PermissionSet( PermissionState.None );
- }
- }
-#endif // FEATURE_CAS_POLICY
-
-
[System.Runtime.InteropServices.ComVisible(false)]
public override bool Equals( Object obj )
{
diff --git a/src/mscorlib/src/System/Security/Policy/Site.cs b/src/mscorlib/src/System/Security/Policy/Site.cs
index e7c6cd3d83..14a95e1666 100644
--- a/src/mscorlib/src/System/Security/Policy/Site.cs
+++ b/src/mscorlib/src/System/Security/Policy/Site.cs
@@ -10,6 +10,7 @@
//
using System;
+using System.Diagnostics;
using System.Diagnostics.Contracts;
using System.Globalization;
using System.Security.Permissions;
@@ -26,7 +27,7 @@ namespace System.Security.Policy
public Site(String name)
{
if (name == null)
- throw new ArgumentNullException("name");
+ throw new ArgumentNullException(nameof(name));
Contract.EndContractBlock();
m_name = new SiteString( name );
@@ -34,7 +35,7 @@ namespace System.Security.Policy
private Site(SiteString name)
{
- Contract.Assert(name != null);
+ Debug.Assert(name != null);
m_name = name;
}
@@ -94,30 +95,6 @@ namespace System.Security.Policy
return Clone();
}
-#if FEATURE_CAS_POLICY
- internal SecurityElement ToXml()
- {
- SecurityElement elem = new SecurityElement( "System.Security.Policy.Site" );
- // If you hit this assert then most likely you are trying to change the name of this class.
- // This is ok as long as you change the hard coded string above and change the assert below.
- Contract.Assert( this.GetType().FullName.Equals( "System.Security.Policy.Site" ), "Class name changed!" );
-
- elem.AddAttribute( "version", "1" );
-
- if(m_name != null)
- elem.AddChild( new SecurityElement( "Name", m_name.ToString() ) );
-
- return elem;
- }
-#endif // FEATURE_CAS_POLICY
-
-#if FEATURE_CAS_POLICY
- public override String ToString()
- {
- return ToXml().ToString();
- }
-#endif // FEATURE_CAS_POLICY
-
// INormalizeForIsolatedStorage is not implemented for startup perf
// equivalent to INormalizeForIsolatedStorage.Normalize()
internal Object Normalize()
diff --git a/src/mscorlib/src/System/Security/Policy/StrongName.cs b/src/mscorlib/src/System/Security/Policy/StrongName.cs
index c49f2b0674..999b478ba7 100644
--- a/src/mscorlib/src/System/Security/Policy/StrongName.cs
+++ b/src/mscorlib/src/System/Security/Policy/StrongName.cs
@@ -42,20 +42,20 @@ namespace System.Security.Policy {
internal StrongName(StrongNamePublicKeyBlob blob, String name, Version version, Assembly assembly)
{
if (name == null)
- throw new ArgumentNullException("name");
+ throw new ArgumentNullException(nameof(name));
if (String.IsNullOrEmpty(name))
throw new ArgumentException(Environment.GetResourceString("Argument_EmptyStrongName"));
if (blob == null)
- throw new ArgumentNullException("blob");
+ throw new ArgumentNullException(nameof(blob));
if (version == null)
- throw new ArgumentNullException("version");
+ throw new ArgumentNullException(nameof(version));
Contract.EndContractBlock();
RuntimeAssembly rtAssembly = assembly as RuntimeAssembly;
if (assembly != null && rtAssembly == null)
- throw new ArgumentException(Environment.GetResourceString("Argument_MustBeRuntimeAssembly"), "assembly");
+ throw new ArgumentException(Environment.GetResourceString("Argument_MustBeRuntimeAssembly"), nameof(assembly));
m_publicKeyBlob = blob;
m_name = name;
@@ -89,14 +89,9 @@ namespace System.Security.Policy {
bool IDelayEvaluatedEvidence.IsVerified
{
- [System.Security.SecurityCritical] // auto-generated
get
{
-#if FEATURE_CAS_POLICY
- return m_assembly != null ? m_assembly.IsStrongNameVerified : true;
-#else // !FEATURE_CAS_POLICY
return true;
-#endif // FEATURE_CAS_POLICY
}
}
@@ -133,52 +128,6 @@ namespace System.Security.Policy {
return Clone();
}
-#if FEATURE_CAS_POLICY
- internal SecurityElement ToXml()
- {
- SecurityElement root = new SecurityElement( "StrongName" );
- root.AddAttribute( "version", "1" );
-
- if (m_publicKeyBlob != null)
- root.AddAttribute( "Key", System.Security.Util.Hex.EncodeHexString( m_publicKeyBlob.PublicKey ) );
-
- if (m_name != null)
- root.AddAttribute( "Name", m_name );
-
- if (m_version != null)
- root.AddAttribute( "Version", m_version.ToString() );
-
- return root;
- }
-
- internal void FromXml (SecurityElement element)
- {
- if (element == null)
- throw new ArgumentNullException("element");
- if (String.Compare(element.Tag, "StrongName", StringComparison.Ordinal) != 0)
- throw new ArgumentException(Environment.GetResourceString("Argument_InvalidXML"));
- Contract.EndContractBlock();
-
- m_publicKeyBlob = null;
- m_version = null;
-
- string key = element.Attribute("Key");
- if (key != null)
- m_publicKeyBlob = new StrongNamePublicKeyBlob(System.Security.Util.Hex.DecodeHexString(key));
-
- m_name = element.Attribute("Name");
-
- string version = element.Attribute("Version");
- if (version != null)
- m_version = new Version(version);
- }
-
- public override String ToString()
- {
- return ToXml().ToString();
- }
-#endif // FEATURE_CAS_POLICY
-
public override bool Equals( Object o )
{
StrongName that = (o as StrongName);
diff --git a/src/mscorlib/src/System/Security/Policy/URL.cs b/src/mscorlib/src/System/Security/Policy/URL.cs
index d3ad4f8724..3541124ac6 100644
--- a/src/mscorlib/src/System/Security/Policy/URL.cs
+++ b/src/mscorlib/src/System/Security/Policy/URL.cs
@@ -14,6 +14,7 @@ namespace System.Security.Policy {
using System.Security.Util;
using UrlIdentityPermission = System.Security.Permissions.UrlIdentityPermission;
using System.Runtime.Serialization;
+ using System.Diagnostics;
using System.Diagnostics.Contracts;
[Serializable]
@@ -25,7 +26,7 @@ namespace System.Security.Policy {
internal Url( String name, bool parsed )
{
if (name == null)
- throw new ArgumentNullException( "name" );
+ throw new ArgumentNullException( nameof(name) );
Contract.EndContractBlock();
m_url = new URLString( name, parsed );
@@ -34,7 +35,7 @@ namespace System.Security.Policy {
public Url( String name )
{
if (name == null)
- throw new ArgumentNullException( "name" );
+ throw new ArgumentNullException( nameof(name) );
Contract.EndContractBlock();
m_url = new URLString( name );
@@ -42,7 +43,7 @@ namespace System.Security.Policy {
private Url(Url url)
{
- Contract.Assert(url != null);
+ Debug.Assert(url != null);
m_url = url.m_url;
}
@@ -87,28 +88,6 @@ namespace System.Security.Policy {
return Clone();
}
-#if FEATURE_CAS_POLICY
- internal SecurityElement ToXml()
- {
- SecurityElement root = new SecurityElement( "System.Security.Policy.Url" );
- // If you hit this assert then most likely you are trying to change the name of this class.
- // This is ok as long as you change the hard coded string above and change the assert below.
- Contract.Assert( this.GetType().FullName.Equals( "System.Security.Policy.Url" ), "Class name changed!" );
-
- root.AddAttribute( "version", "1" );
-
- if (m_url != null)
- root.AddChild( new SecurityElement( "Url", m_url.ToString() ) );
-
- return root;
- }
-
- public override String ToString()
- {
- return ToXml().ToString();
- }
-#endif // FEATURE_CAS_POLICY
-
// INormalizeForIsolatedStorage is not implemented for startup perf
// equivalent to INormalizeForIsolatedStorage.Normalize()
internal Object Normalize()
diff --git a/src/mscorlib/src/System/Security/Policy/Zone.cs b/src/mscorlib/src/System/Security/Policy/Zone.cs
index c999abe340..a9f5d84aeb 100644
--- a/src/mscorlib/src/System/Security/Policy/Zone.cs
+++ b/src/mscorlib/src/System/Security/Policy/Zone.cs
@@ -9,23 +9,21 @@
// Zone is an IIdentity representing Internet/Intranet/MyComputer etc.
//
-namespace System.Security.Policy {
+namespace System.Security.Policy
+{
using System.Security.Util;
using ZoneIdentityPermission = System.Security.Permissions.ZoneIdentityPermission;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
using System.Runtime.Versioning;
using System.Runtime.Serialization;
+ using System.Diagnostics;
using System.Diagnostics.Contracts;
[Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public sealed class Zone : EvidenceBase, IIdentityPermissionFactory
{
-#if FEATURE_CAS_POLICY
- [OptionalField(VersionAdded = 2)]
- private String m_url;
-#endif // FEATURE_CAS_POLICY
private SecurityZone m_zone;
private static readonly String[] s_names =
@@ -42,36 +40,10 @@ namespace System.Security.Policy {
private Zone(Zone zone)
{
- Contract.Assert(zone != null);
-
-#if FEATURE_CAS_POLICY
- m_url = zone.m_url;
-#endif // FEATURE_CAS_POLICY
+ Debug.Assert(zone != null);
m_zone = zone.m_zone;
}
-#if FEATURE_CAS_POLICY
- private Zone(String url)
- {
- m_url = url;
- m_zone = SecurityZone.NoZone;
- }
-
- public static Zone CreateFromUrl( String url )
- {
- if (url == null)
- throw new ArgumentNullException( "url" );
- Contract.EndContractBlock();
-
- return new Zone( url );
- }
-
- [System.Security.SecurityCritical] // auto-generated
- [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
- [SuppressUnmanagedCodeSecurity]
- private extern static SecurityZone _CreateFromUrl( String url );
-#endif // FEATURE_CAS_POLICY
-
public IPermission CreateIdentityPermission( Evidence evidence )
{
return new ZoneIdentityPermission( SecurityZone );
@@ -79,14 +51,8 @@ namespace System.Security.Policy {
public SecurityZone SecurityZone
{
- [System.Security.SecuritySafeCritical] // auto-generated
get
{
-#if FEATURE_CAS_POLICY
- if (m_url != null)
- m_zone = _CreateFromUrl( m_url );
-#endif // FEATURE_CAS_POLICY
-
return m_zone;
}
}
@@ -117,30 +83,6 @@ namespace System.Security.Policy {
return Clone();
}
-#if FEATURE_CAS_POLICY
- internal SecurityElement ToXml()
- {
- SecurityElement elem = new SecurityElement( "System.Security.Policy.Zone" );
- // If you hit this assert then most likely you are trying to change the name of this class.
- // This is ok as long as you change the hard coded string above and change the assert below.
- Contract.Assert( this.GetType().FullName.Equals( "System.Security.Policy.Zone" ), "Class name changed!" );
-
- elem.AddAttribute( "version", "1" );
- if (SecurityZone != SecurityZone.NoZone)
- elem.AddChild( new SecurityElement( "Zone", s_names[(int)SecurityZone] ) );
- else
- elem.AddChild( new SecurityElement( "Zone", s_names[s_names.Length-1] ) );
- return elem;
- }
-#endif // FEATURE_CAS_POLICY
-
-#if FEATURE_CAS_POLICY
- public override String ToString()
- {
- return ToXml().ToString();
- }
-#endif // FEATURE_CAS_POLICY
-
// INormalizeForIsolatedStorage is not implemented for startup perf
// equivalent to INormalizeForIsolatedStorage.Normalize()
internal Object Normalize()