diff options
Diffstat (limited to 'src/mscorlib/src/System/Security/Policy')
10 files changed, 42 insertions, 2933 deletions
diff --git a/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs b/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs index 57b216e462..3d4e35adf4 100644 --- a/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs +++ b/src/mscorlib/src/System/Security/Policy/ApplicationTrust.cs @@ -2,20 +2,14 @@ // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. -// - -// // // This class encapsulates security decisions about an application. // -namespace System.Security.Policy { +namespace System.Security.Policy +{ using System.Collections; using System.Collections.Generic; -#if FEATURE_CLICKONCE - using System.Deployment.Internal.Isolation; - using System.Deployment.Internal.Isolation.Manifest; -#endif using System.Globalization; using System.IO; using System.Runtime.InteropServices; @@ -40,14 +34,6 @@ namespace System.Security.Policy { [Serializable] public sealed class ApplicationTrust : EvidenceBase, ISecurityEncodable { -#if FEATURE_CLICKONCE - private ApplicationIdentity m_appId; - private bool m_appTrustedToRun; - private bool m_persist; - - private object m_extraInfo; - private SecurityElement m_elExtraInfo; -#endif private PolicyStatement m_psDefaultGrant; private IList<StrongName> m_fullTrustAssemblies; @@ -65,11 +51,6 @@ namespace System.Security.Policy { [NonSerialized] private int m_grantSetSpecialFlags; -#if FEATURE_CLICKONCE - public ApplicationTrust (ApplicationIdentity applicationIdentity) : this () { - ApplicationIdentity = applicationIdentity; - } -#endif public ApplicationTrust () : this (new PermissionSet(PermissionState.None)) { } @@ -83,7 +64,7 @@ namespace System.Security.Policy { public ApplicationTrust(PermissionSet defaultGrantSet, IEnumerable<StrongName> fullTrustAssemblies) { if (fullTrustAssemblies == null) { - throw new ArgumentNullException("fullTrustAssemblies"); + throw new ArgumentNullException(nameof(fullTrustAssemblies)); } InitDefaultGrantSet(defaultGrantSet); @@ -91,7 +72,7 @@ namespace System.Security.Policy { List<StrongName> fullTrustList = new List<StrongName>(); foreach (StrongName strongName in fullTrustAssemblies) { if (strongName == null) { - throw new ArgumentException(Environment.GetResourceString("Argument_NullFullTrustAssembly"), "fullTrustAssemblies"); + throw new ArgumentException(Environment.GetResourceString("Argument_NullFullTrustAssembly"), nameof(fullTrustAssemblies)); } fullTrustList.Add(new StrongName(strongName.PublicKey, strongName.Name, strongName.Version)); @@ -104,7 +85,7 @@ namespace System.Security.Policy { // IEnumerable virtual dispatches on startup when there are no fullTrustAssemblies (CoreCLR) private void InitDefaultGrantSet(PermissionSet defaultGrantSet) { if (defaultGrantSet == null) { - throw new ArgumentNullException("defaultGrantSet"); + throw new ArgumentNullException(nameof(defaultGrantSet)); } // Creating a PolicyStatement copies the incoming permission set, so we don't have to worry @@ -113,19 +94,6 @@ namespace System.Security.Policy { DefaultGrantSet = new PolicyStatement(defaultGrantSet); } -#if FEATURE_CLICKONCE - public ApplicationIdentity ApplicationIdentity { - get { - return m_appId; - } - set { - if (value == null) - throw new ArgumentNullException("value", Environment.GetResourceString("Argument_InvalidAppId")); - Contract.EndContractBlock(); - m_appId = value; - } - } -#endif public PolicyStatement DefaultGrantSet { get { if (m_psDefaultGrant == null) @@ -149,541 +117,10 @@ namespace System.Security.Policy { return m_fullTrustAssemblies; } } -#if FEATURE_CLICKONCE - public bool IsApplicationTrustedToRun { - get { - return m_appTrustedToRun; - } - set { - m_appTrustedToRun = value; - } - } - - public bool Persist { - get { - return m_persist; - } - set { - m_persist = value; - } - } - - public object ExtraInfo { - get { - if (m_elExtraInfo != null) { - m_extraInfo = ObjectFromXml(m_elExtraInfo); - m_elExtraInfo = null; - } - return m_extraInfo; - } - set { - m_elExtraInfo = null; - m_extraInfo = value; - } - } -#endif //FEATURE_CLICKONCE - -#if FEATURE_CAS_POLICY - public SecurityElement ToXml () { - SecurityElement elRoot = new SecurityElement("ApplicationTrust"); - elRoot.AddAttribute("version", "1"); - -#if FEATURE_CLICKONCE - if (m_appId != null) { - elRoot.AddAttribute("FullName", SecurityElement.Escape(m_appId.FullName)); - } - if (m_appTrustedToRun) { - elRoot.AddAttribute("TrustedToRun", "true"); - } - if (m_persist) { - elRoot.AddAttribute("Persist", "true"); - } -#endif // FEATURE_CLICKONCE - - if (m_psDefaultGrant != null) { - SecurityElement elDefaultGrant = new SecurityElement("DefaultGrant"); - elDefaultGrant.AddChild(m_psDefaultGrant.ToXml()); - elRoot.AddChild(elDefaultGrant); - } - if (m_fullTrustAssemblies.Count > 0) { - SecurityElement elFullTrustAssemblies = new SecurityElement("FullTrustAssemblies"); - foreach (StrongName fullTrustAssembly in m_fullTrustAssemblies) { - elFullTrustAssemblies.AddChild(fullTrustAssembly.ToXml()); - } - elRoot.AddChild(elFullTrustAssemblies); - } - -#if FEATURE_CLICKONCE - if (ExtraInfo != null) { - elRoot.AddChild(ObjectToXml("ExtraInfo", ExtraInfo)); - } -#endif // FEATURE_CLICKONCE - return elRoot; - } - - public void FromXml (SecurityElement element) { - if (element == null) - throw new ArgumentNullException("element"); - if (String.Compare(element.Tag, "ApplicationTrust", StringComparison.Ordinal) != 0) - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidXML")); - -#if FEATURE_CLICKONCE - m_appTrustedToRun = false; - string isAppTrustedToRun = element.Attribute("TrustedToRun"); - if (isAppTrustedToRun != null && String.Compare(isAppTrustedToRun, "true", StringComparison.Ordinal) == 0) { - m_appTrustedToRun = true; - } - - m_persist = false; - string persist = element.Attribute("Persist"); - if (persist != null && String.Compare(persist, "true", StringComparison.Ordinal) == 0) { - m_persist = true; - } - - m_appId = null; - string fullName = element.Attribute("FullName"); - if (fullName != null && fullName.Length > 0) { - m_appId = new ApplicationIdentity(fullName); - } -#endif // FEATURE_CLICKONCE - - m_psDefaultGrant = null; - m_grantSetSpecialFlags = 0; - SecurityElement elDefaultGrant = element.SearchForChildByTag("DefaultGrant"); - if (elDefaultGrant != null) { - SecurityElement elDefaultGrantPS = elDefaultGrant.SearchForChildByTag("PolicyStatement"); - if (elDefaultGrantPS != null) { - PolicyStatement ps = new PolicyStatement(null); - ps.FromXml(elDefaultGrantPS); - m_psDefaultGrant = ps; - m_grantSetSpecialFlags = SecurityManager.GetSpecialFlags(ps.PermissionSet, null); - } - } - - List<StrongName> fullTrustAssemblies = new List<StrongName>(); - SecurityElement elFullTrustAssemblies = element.SearchForChildByTag("FullTrustAssemblies"); - if (elFullTrustAssemblies != null && elFullTrustAssemblies.InternalChildren != null) { - IEnumerator enumerator = elFullTrustAssemblies.Children.GetEnumerator(); - while (enumerator.MoveNext()) { - StrongName fullTrustAssembly = new StrongName(); - fullTrustAssembly.FromXml(enumerator.Current as SecurityElement); - fullTrustAssemblies.Add(fullTrustAssembly); - } - } - - m_fullTrustAssemblies = fullTrustAssemblies.AsReadOnly(); - -#if FEATURE_CLICKONCE - m_elExtraInfo = element.SearchForChildByTag("ExtraInfo"); -#endif // FEATURE_CLICKONCE - } - -#if FEATURE_CLICKONCE - private static SecurityElement ObjectToXml (string tag, Object obj) { - BCLDebug.Assert(obj != null, "You need to pass in an object"); - - ISecurityEncodable encodableObj = obj as ISecurityEncodable; - - SecurityElement elObject; - if (encodableObj != null) { - elObject = encodableObj.ToXml(); - if (!elObject.Tag.Equals(tag)) - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidXML")); - } - MemoryStream stream = new MemoryStream(); - BinaryFormatter formatter = new BinaryFormatter(); - formatter.Serialize(stream, obj); - byte[] array = stream.ToArray(); - - elObject = new SecurityElement(tag); - elObject.AddAttribute("Data", Hex.EncodeHexString(array)); - return elObject; - } - - private static Object ObjectFromXml (SecurityElement elObject) { - BCLDebug.Assert(elObject != null, "You need to pass in a security element"); - - if (elObject.Attribute("class") != null) { - ISecurityEncodable encodableObj = XMLUtil.CreateCodeGroup(elObject) as ISecurityEncodable; - if (encodableObj != null) { - encodableObj.FromXml(elObject); - return encodableObj; - } - } - - string objectData = elObject.Attribute("Data"); - MemoryStream stream = new MemoryStream(Hex.DecodeHexString(objectData)); - BinaryFormatter formatter = new BinaryFormatter(); - return formatter.Deserialize(stream); - } -#endif // FEATURE_CLICKONCE -#endif // FEATURE_CAS_POLICY - -#pragma warning disable 618 - [SecurityPermission(SecurityAction.Demand, SerializationFormatter = true)] -#pragma warning restore 618 - [SecuritySafeCritical] public override EvidenceBase Clone() { return base.Clone(); } } - -#if FEATURE_CLICKONCE - [System.Security.SecurityCritical] // auto-generated_required - [System.Runtime.InteropServices.ComVisible(true)] - public sealed class ApplicationTrustCollection : ICollection { - private const string ApplicationTrustProperty = "ApplicationTrust"; - private const string InstallerIdentifier = "{60051b8f-4f12-400a-8e50-dd05ebd438d1}"; - private static Guid ClrPropertySet = new Guid("c989bb7a-8385-4715-98cf-a741a8edb823"); - - // The CLR specific constant install reference. - private static object s_installReference = null; - private static StoreApplicationReference InstallReference { - get { - if (s_installReference == null) { - Interlocked.CompareExchange(ref s_installReference, - new StoreApplicationReference( - IsolationInterop.GUID_SXS_INSTALL_REFERENCE_SCHEME_OPAQUESTRING, - InstallerIdentifier, - null), - null); - } - return (StoreApplicationReference) s_installReference; - } - } - - private object m_appTrusts = null; - private ArrayList AppTrusts { - [System.Security.SecurityCritical] // auto-generated - get { - if (m_appTrusts == null) { - ArrayList appTrusts = new ArrayList(); - if (m_storeBounded) { - RefreshStorePointer(); - // enumerate the user store and populate the collection - StoreDeploymentMetadataEnumeration deplEnum = m_pStore.EnumInstallerDeployments(IsolationInterop.GUID_SXS_INSTALL_REFERENCE_SCHEME_OPAQUESTRING, InstallerIdentifier, ApplicationTrustProperty, null); - foreach (IDefinitionAppId defAppId in deplEnum) { - StoreDeploymentMetadataPropertyEnumeration metadataEnum = m_pStore.EnumInstallerDeploymentProperties(IsolationInterop.GUID_SXS_INSTALL_REFERENCE_SCHEME_OPAQUESTRING, InstallerIdentifier, ApplicationTrustProperty, defAppId); - foreach (StoreOperationMetadataProperty appTrustProperty in metadataEnum) { - string appTrustXml = appTrustProperty.Value; - if (appTrustXml != null && appTrustXml.Length > 0) { - SecurityElement seTrust = SecurityElement.FromString(appTrustXml); - ApplicationTrust appTrust = new ApplicationTrust(); - appTrust.FromXml(seTrust); - appTrusts.Add(appTrust); - } - } - } - } - Interlocked.CompareExchange(ref m_appTrusts, appTrusts, null); - } - return m_appTrusts as ArrayList; - } - } - - private bool m_storeBounded = false; - private Store m_pStore = null; // Component store interface pointer. - - // Only internal constructors are exposed. - [System.Security.SecurityCritical] // auto-generated - internal ApplicationTrustCollection () : this(false) {} - internal ApplicationTrustCollection (bool storeBounded) { - m_storeBounded = storeBounded; - } - - [System.Security.SecurityCritical] // auto-generated - private void RefreshStorePointer () { - // Refresh store pointer. - if (m_pStore != null) - Marshal.ReleaseComObject(m_pStore.InternalStore); - m_pStore = IsolationInterop.GetUserStore(); - } - - public int Count - { - [System.Security.SecuritySafeCritical] // overrides public transparent member - get { - return AppTrusts.Count; - } - } - - public ApplicationTrust this[int index] { - [System.Security.SecurityCritical] // auto-generated - get { - return AppTrusts[index] as ApplicationTrust; - } - } - - public ApplicationTrust this[string appFullName] { - [System.Security.SecurityCritical] // auto-generated - get { - ApplicationIdentity identity = new ApplicationIdentity(appFullName); - ApplicationTrustCollection appTrusts = Find(identity, ApplicationVersionMatch.MatchExactVersion); - if (appTrusts.Count > 0) - return appTrusts[0]; - return null; - } - } - - [System.Security.SecurityCritical] // auto-generated - private void CommitApplicationTrust(ApplicationIdentity applicationIdentity, string trustXml) { - StoreOperationMetadataProperty[] properties = new StoreOperationMetadataProperty[] { - new StoreOperationMetadataProperty(ClrPropertySet, ApplicationTrustProperty, trustXml) - }; - - IEnumDefinitionIdentity idenum = applicationIdentity.Identity.EnumAppPath(); - IDefinitionIdentity[] asbId = new IDefinitionIdentity[1]; - IDefinitionIdentity deplId = null; - if (idenum.Next(1, asbId) == 1) - deplId = asbId[0]; - - IDefinitionAppId defAppId = IsolationInterop.AppIdAuthority.CreateDefinition(); - defAppId.SetAppPath(1, new IDefinitionIdentity[] {deplId}); - defAppId.put_Codebase(applicationIdentity.CodeBase); - - using (StoreTransaction storeTxn = new StoreTransaction()) { - storeTxn.Add(new StoreOperationSetDeploymentMetadata(defAppId, InstallReference, properties)); - RefreshStorePointer(); - m_pStore.Transact(storeTxn.Operations); - } - - m_appTrusts = null; // reset the app trusts in the collection. - } - - [System.Security.SecurityCritical] // auto-generated - public int Add (ApplicationTrust trust) { - if (trust == null) - throw new ArgumentNullException("trust"); - if (trust.ApplicationIdentity == null) - throw new ArgumentException(Environment.GetResourceString("Argument_ApplicationTrustShouldHaveIdentity")); - Contract.EndContractBlock(); - - // Add the trust decision of the application to the fusion store. - if (m_storeBounded) { - CommitApplicationTrust(trust.ApplicationIdentity, trust.ToXml().ToString()); - return -1; - } else { - return AppTrusts.Add(trust); - } - } - - [System.Security.SecurityCritical] // auto-generated - public void AddRange (ApplicationTrust[] trusts) { - if (trusts == null) - throw new ArgumentNullException("trusts"); - Contract.EndContractBlock(); - - int i=0; - try { - for (; i<trusts.Length; i++) { - Add(trusts[i]); - } - } catch { - for (int j=0; j<i; j++) { - Remove(trusts[j]); - } - throw; - } - } - - [System.Security.SecurityCritical] // auto-generated - public void AddRange (ApplicationTrustCollection trusts) { - if (trusts == null) - throw new ArgumentNullException("trusts"); - Contract.EndContractBlock(); - - int i = 0; - try { - foreach (ApplicationTrust trust in trusts) { - Add(trust); - i++; - } - } catch { - for (int j=0; j<i; j++) { - Remove(trusts[j]); - } - throw; - } - } - - [System.Security.SecurityCritical] // auto-generated - public ApplicationTrustCollection Find (ApplicationIdentity applicationIdentity, ApplicationVersionMatch versionMatch) { - ApplicationTrustCollection collection = new ApplicationTrustCollection(false); - foreach (ApplicationTrust trust in this) { - if (CmsUtils.CompareIdentities(trust.ApplicationIdentity, applicationIdentity, versionMatch)) - collection.Add(trust); - } - return collection; - } - - [System.Security.SecurityCritical] // auto-generated - public void Remove (ApplicationIdentity applicationIdentity, ApplicationVersionMatch versionMatch) { - ApplicationTrustCollection collection = Find(applicationIdentity, versionMatch); - RemoveRange(collection); - } - - [System.Security.SecurityCritical] // auto-generated - public void Remove (ApplicationTrust trust) { - if (trust == null) - throw new ArgumentNullException("trust"); - if (trust.ApplicationIdentity == null) - throw new ArgumentException(Environment.GetResourceString("Argument_ApplicationTrustShouldHaveIdentity")); - Contract.EndContractBlock(); - - // Remove the trust decision of the application from the fusion store. - if (m_storeBounded) { - CommitApplicationTrust(trust.ApplicationIdentity, null); - } else { - AppTrusts.Remove(trust); - } - } - - [System.Security.SecurityCritical] // auto-generated - public void RemoveRange (ApplicationTrust[] trusts) { - if (trusts == null) - throw new ArgumentNullException("trusts"); - Contract.EndContractBlock(); - - int i=0; - try { - for (; i<trusts.Length; i++) { - Remove(trusts[i]); - } - } catch { - for (int j=0; j<i; j++) { - Add(trusts[j]); - } - throw; - } - } - - [System.Security.SecurityCritical] // auto-generated - public void RemoveRange (ApplicationTrustCollection trusts) { - if (trusts == null) - throw new ArgumentNullException("trusts"); - Contract.EndContractBlock(); - - int i = 0; - try { - foreach (ApplicationTrust trust in trusts) { - Remove(trust); - i++; - } - } catch { - for (int j=0; j<i; j++) { - Add(trusts[j]); - } - throw; - } - } - - [System.Security.SecurityCritical] // auto-generated - public void Clear() { - // remove all trust decisions in the collection. - ArrayList trusts = this.AppTrusts; - if (m_storeBounded) { - foreach (ApplicationTrust trust in trusts) { - if (trust.ApplicationIdentity == null) - throw new ArgumentException(Environment.GetResourceString("Argument_ApplicationTrustShouldHaveIdentity")); - - // Remove the trust decision of the application from the fusion store. - CommitApplicationTrust(trust.ApplicationIdentity, null); - } - } - trusts.Clear(); - } - - public ApplicationTrustEnumerator GetEnumerator() { - return new ApplicationTrustEnumerator(this); - } - - /// <internalonly/> - [System.Security.SecuritySafeCritical] // overrides public transparent member - IEnumerator IEnumerable.GetEnumerator() - { - return new ApplicationTrustEnumerator(this); - } - - /// <internalonly/> - [System.Security.SecuritySafeCritical] // overrides public transparent member - void ICollection.CopyTo(Array array, int index) { - if (array == null) - throw new ArgumentNullException("array"); - if (array.Rank != 1) - throw new ArgumentException(Environment.GetResourceString("Arg_RankMultiDimNotSupported")); - if (index < 0 || index >= array.Length) - throw new ArgumentOutOfRangeException("index", Environment.GetResourceString("ArgumentOutOfRange_Index")); - if (array.Length - index < this.Count) - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidOffLen")); - Contract.EndContractBlock(); - - for (int i=0; i < this.Count; i++) { - array.SetValue(this[i], index++); - } - } - - public void CopyTo (ApplicationTrust[] array, int index) { - ((ICollection)this).CopyTo(array, index); - } - - public bool IsSynchronized { - [System.Security.SecuritySafeCritical] // overrides public transparent member - get - { - return false; - } - } - - public object SyncRoot { - [System.Security.SecuritySafeCritical] // overrides public transparent member - get - { - return this; - } - } - } - - [System.Runtime.InteropServices.ComVisible(true)] - public sealed class ApplicationTrustEnumerator : IEnumerator { - [System.Security.SecurityCritical] // auto-generated - private ApplicationTrustCollection m_trusts; - private int m_current; - - private ApplicationTrustEnumerator() {} - [System.Security.SecurityCritical] // auto-generated - internal ApplicationTrustEnumerator(ApplicationTrustCollection trusts) { - m_trusts = trusts; - m_current = -1; - } - - public ApplicationTrust Current { - [System.Security.SecuritySafeCritical] // auto-generated - get { - return m_trusts[m_current]; - } - } - - /// <internalonly/> - object IEnumerator.Current { - [System.Security.SecuritySafeCritical] // auto-generated - get { - return (object) m_trusts[m_current]; - } - } - - [System.Security.SecuritySafeCritical] // auto-generated - public bool MoveNext() { - if (m_current == ((int) m_trusts.Count - 1)) - return false; - m_current++; - return true; - } - - public void Reset() { - m_current = -1; - } - } -#endif // FEATURE_CLICKONCE } diff --git a/src/mscorlib/src/System/Security/Policy/Evidence.cs b/src/mscorlib/src/System/Security/Policy/Evidence.cs index 8bf8aa7e92..22479dff6c 100644 --- a/src/mscorlib/src/System/Security/Policy/Evidence.cs +++ b/src/mscorlib/src/System/Security/Policy/Evidence.cs @@ -2,28 +2,13 @@ // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. -// - namespace System.Security.Policy { - using System; - using System.Collections; - using System.Collections.Generic; - using System.Configuration.Assemblies; - using System.Diagnostics.Contracts; - using System.IO; - using System.Reflection; - using System.Runtime.CompilerServices; using System.Runtime.InteropServices; - using System.Runtime.Remoting; #if FEATURE_SERIALIZATION using System.Runtime.Serialization; using System.Runtime.Serialization.Formatters.Binary; #endif // FEATURE_SERIALIZATION - using System.Security.Permissions; - using System.Security.Util; - using System.Threading; - using Microsoft.Win32.SafeHandles; /// <summary> /// The Evidence class keeps track of information that can be used to make security decisions about @@ -48,1856 +33,6 @@ namespace System.Security.Policy #endif [ComVisible(true)] public sealed class Evidence -#if FEATURE_CAS_POLICY - : ICollection -#endif // FEATURE_CAS_POLICY { -#if !FEATURE_CORECLR && FEATURE_RWLOCK -#if FEATURE_SERIALIZATION - [OptionalField(VersionAdded = 4)] - private Dictionary<Type, EvidenceTypeDescriptor> m_evidence; - - [OptionalField(VersionAdded = 4)] - private bool m_deserializedTargetEvidence; - - // These fields are only used to deserialize v2.0 serialized versions of Evidence. It will be null - // after the seriailzation process is complete, and should not be used. -#pragma warning disable 414 - private volatile ArrayList m_hostList; - private volatile ArrayList m_assemblyList; -#pragma warning restore 414 -#else // !FEATURE_SERIALIZATION - private Dictionary<Type, EvidenceTypeDescriptor> m_evidence; -#endif // FEATURE_SERIALIZATION - - [NonSerialized] - private ReaderWriterLock m_evidenceLock; - - [NonSerialized] - private uint m_version; - - [NonSerialized] - private IRuntimeEvidenceFactory m_target; - - private bool m_locked; - - // If this evidence collection is a clone where we may need to backpatch to the original, this will - // reference the collection it was cloned from. See - // code:System.Security.Policy.Evidence#BackpatchGeneratedEvidence - [NonSerialized] - private WeakReference m_cloneOrigin; - - private static volatile Type[] s_runtimeEvidenceTypes; - - /// <summary> - /// Set of actions that we could perform if we detect that we are attempting to add evidence - /// when we already have evidence of that type stored. - /// </summary> - private enum DuplicateEvidenceAction - { - Throw, // Throw an exception - Merge, // Create a list of all the evidence objects - SelectNewObject // The newly added object wins - } - -#if FEATURE_CAS_POLICY - public Evidence() - { - m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>(); - m_evidenceLock = new ReaderWriterLock(); - } -#endif // FEATURE_CAS_POLICY - - /// <summary> - /// Create a deep copy of an evidence object - /// </summary> - public Evidence(Evidence evidence) - { - m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>(); - - if (evidence != null) - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(evidence, EvidenceLockHolder.LockType.Reader)) - { - foreach (KeyValuePair<Type, EvidenceTypeDescriptor> evidenceType in evidence.m_evidence) - { - EvidenceTypeDescriptor cloneDescriptor = evidenceType.Value; - if (cloneDescriptor != null) - { - cloneDescriptor = cloneDescriptor.Clone(); - } - - m_evidence[evidenceType.Key] = cloneDescriptor; - } - - m_target = evidence.m_target; - m_locked = evidence.m_locked; -#if FEATURE_SERIALIZATION - m_deserializedTargetEvidence = evidence.m_deserializedTargetEvidence; -#endif // FEATURE_SERIALIZATION - - // see code:System.Security.Policy.Evidence#BackpatchGeneratedEvidence - if (evidence.Target != null) - { - m_cloneOrigin = new WeakReference(evidence); - } - } - } - - // see code:System.Security.Policy.Evidence#EvidenceLock - m_evidenceLock = new ReaderWriterLock(); - } - - [Obsolete("This constructor is obsolete. Please use the constructor which takes arrays of EvidenceBase instead.")] - public Evidence(object[] hostEvidence, object[] assemblyEvidence) - { - m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>(); - - // This is a legacy evidence entry point, so we add through the legacy add APIs in order to get - // proper legacy wrapping and merge behavior. -#pragma warning disable 618 - if (hostEvidence != null) - { - foreach (object hostEvidenceObject in hostEvidence) - { - AddHost(hostEvidenceObject); - } - } - - if (assemblyEvidence != null) - { - foreach (object assemblyEvidenceObject in assemblyEvidence) - { - AddAssembly(assemblyEvidenceObject); - } - } -#pragma warning restore 618 - - // see code:System.Security.Policy.Evidence#EvidenceLock - m_evidenceLock = new ReaderWriterLock(); - } - - public Evidence(EvidenceBase[] hostEvidence, EvidenceBase[] assemblyEvidence) - { - m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>(); - - if (hostEvidence != null) - { - foreach (EvidenceBase hostEvidenceObject in hostEvidence) - { - AddHostEvidence(hostEvidenceObject, GetEvidenceIndexType(hostEvidenceObject), DuplicateEvidenceAction.Throw); - } - } - - if (assemblyEvidence != null) - { - foreach (EvidenceBase assemblyEvidenceObject in assemblyEvidence) - { - AddAssemblyEvidence(assemblyEvidenceObject, GetEvidenceIndexType(assemblyEvidenceObject), DuplicateEvidenceAction.Throw); - } - } - - // see code:System.Security.Policy.Evidence#EvidenceLock - m_evidenceLock = new ReaderWriterLock(); - } - - /// <summary> - /// Create an empty evidence collection which will contain evidence for a specific assembly or - /// AppDomain - /// </summary> - [SecuritySafeCritical] - internal Evidence(IRuntimeEvidenceFactory target) - { - Contract.Assert(target != null); - - m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>(); - m_target = target; - - // Setup the types of evidence that the CLR can generate for a target as keys in the dictionary - foreach (Type runtimeEvidenceType in RuntimeEvidenceTypes) - { - BCLDebug.Assert(typeof(EvidenceBase).IsAssignableFrom(runtimeEvidenceType), "All runtime evidence types should be EvidenceBases"); - m_evidence[runtimeEvidenceType] = null; - } - - QueryHostForPossibleEvidenceTypes(); - - // see code:System.Security.Policy.Evidence#EvidenceLock - m_evidenceLock = new ReaderWriterLock(); - } - - internal static Type[] RuntimeEvidenceTypes - { - get - { - if (s_runtimeEvidenceTypes == null) - { - Type[] runtimeEvidenceTypes = new Type[] - { -#if FEATURE_CLICKONCE - typeof(System.Runtime.Hosting.ActivationArguments), -#endif // FEATURE_CLICKONCE -#if FEATURE_CAS_POLICY - typeof(ApplicationDirectory), -#endif // FEATURE_CAS_POLICY - typeof(ApplicationTrust), -#if FEATURE_CAS_POLICY - typeof(GacInstalled), - typeof(Hash), - typeof(Publisher), -#endif // FEATURE_CAS_POLICY - typeof(Site), - typeof(StrongName), - typeof(Url), - typeof(Zone) - }; - -#if FEATURE_CAS_POLICY - // We only supply permission request evidence in legacy CAS mode - if (AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled) - { -#pragma warning disable 618 // We need to generate PermissionRequestEvidence in compatibility mode - int l = runtimeEvidenceTypes.Length; - Array.Resize(ref runtimeEvidenceTypes, l+1); - runtimeEvidenceTypes[l] = typeof(PermissionRequestEvidence); -#pragma warning restore 618 - } -#endif // FEATURE_CAS_POLICY - - s_runtimeEvidenceTypes = runtimeEvidenceTypes; - } - - return s_runtimeEvidenceTypes; - } - } - - // - // #EvidenceLock - // - // Evidence synchronization locking wrappers. In the case where the lock has not yet been created, - // we know that we're in the process of constructing the evidence collection and therefore we can - // act as though the evidence is locked. If there is a lock in place, then just delegate back to it. - // - // The nested EvidenceLockHolder and EvidenceUpgradeLockHolder utility classes can be used to wrap - // these methods when acquiring and releasing the evidence lock. - // - - // Millisecond timeout when waiting to acquire the evidence lock - private const int LockTimeout = 5000; - - private bool IsReaderLockHeld - { - get { return m_evidenceLock == null || m_evidenceLock.IsReaderLockHeld; } - } - - private bool IsWriterLockHeld - { - get { return m_evidenceLock == null || m_evidenceLock.IsWriterLockHeld; } - } - - private void AcquireReaderLock() - { - Contract.Assert(m_evidenceLock == null || !IsReaderLockHeld); - - if (m_evidenceLock != null) - { - m_evidenceLock.AcquireReaderLock(LockTimeout); - } - } - - private void AcquireWriterlock() - { - Contract.Assert(m_evidenceLock == null || !IsWriterLockHeld); - - if (m_evidenceLock != null) - { - m_evidenceLock.AcquireWriterLock(LockTimeout); - } - } - - private void DowngradeFromWriterLock(ref LockCookie lockCookie) - { - Contract.Assert(IsWriterLockHeld); - if (m_evidenceLock != null) - { - m_evidenceLock.DowngradeFromWriterLock(ref lockCookie); - } - } - - private LockCookie UpgradeToWriterLock() - { - Contract.Assert(IsReaderLockHeld); - return m_evidenceLock != null ? m_evidenceLock.UpgradeToWriterLock(LockTimeout) : new LockCookie(); - } - - private void ReleaseReaderLock() - { - Contract.Assert(IsReaderLockHeld); - - if (m_evidenceLock != null) - { - m_evidenceLock.ReleaseReaderLock(); - } - } - - private void ReleaseWriterLock() - { - Contract.Assert(IsWriterLockHeld); - - if (m_evidenceLock != null) - { - m_evidenceLock.ReleaseWriterLock(); - } - } - - [Obsolete("This method is obsolete. Please use AddHostEvidence instead.")] - [SecuritySafeCritical] - public void AddHost(object id) - { - if (id == null) - throw new ArgumentNullException("id"); - if (!id.GetType().IsSerializable) - throw new ArgumentException(Environment.GetResourceString("Policy_EvidenceMustBeSerializable"), "id"); - Contract.EndContractBlock(); - - if (m_locked) - { - new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand(); - } - - EvidenceBase evidence = WrapLegacyEvidence(id); - Type evidenceIndex = GetEvidenceIndexType(evidence); - - // Whidbey allowed for multiple types of the same evidence, so if we're being called via the Whidbey - // APIs, then allow the evidences to merge together. - AddHostEvidence(evidence, evidenceIndex, DuplicateEvidenceAction.Merge); - } - - [Obsolete("This method is obsolete. Please use AddAssemblyEvidence instead.")] - public void AddAssembly(object id) - { - if (id == null) - throw new ArgumentNullException("id"); - if (!id.GetType().IsSerializable) - throw new ArgumentException(Environment.GetResourceString("Policy_EvidenceMustBeSerializable"), "id"); - Contract.EndContractBlock(); - - EvidenceBase evidence = WrapLegacyEvidence(id); - Type evidenceIndex = GetEvidenceIndexType(evidence); - - // Whidbey allowed for multiple types of the same evidence, so if we're being called via the Whidbey - // APIs, then allow the evidences to merge together. - AddAssemblyEvidence(evidence, evidenceIndex, DuplicateEvidenceAction.Merge); - } - - /// <summary> - /// Add a piece of evidence to the assembly supplied evidence list. This method will disallow adding - /// evidence if there is already evidence of that type in the assembly list. - /// </summary> - [ComVisible(false)] - public void AddAssemblyEvidence<T>(T evidence) where T : EvidenceBase - { - if (evidence == null) - throw new ArgumentNullException("evidence"); - Contract.EndContractBlock(); - - // Index the evidence under the type that the Add function was called with, unless we were given - // a plain EvidenceBase or a wrapped legacy evidence. In that case, we need to index under a - // more specific type. - Type evidenceType = typeof(T); - if (typeof(T) == typeof(EvidenceBase) || evidence is ILegacyEvidenceAdapter) - { - evidenceType = GetEvidenceIndexType(evidence); - } - - AddAssemblyEvidence(evidence, evidenceType, DuplicateEvidenceAction.Throw); - } - - private void AddAssemblyEvidence(EvidenceBase evidence, Type evidenceType, DuplicateEvidenceAction duplicateAction) - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer)) - { - AddAssemblyEvidenceNoLock(evidence, evidenceType, duplicateAction); - } - } - - private void AddAssemblyEvidenceNoLock(EvidenceBase evidence, Type evidenceType, DuplicateEvidenceAction duplicateAction) - { - Contract.Assert(IsWriterLockHeld); - Contract.Assert(evidence != null); - Contract.Assert(evidenceType != null); - - // We need to make sure that any target supplied evidence is deserialized before adding to the - // Assembly collection in order to preserve the semantics that the evidence objects supplied by - // the target are the original versions and evidence objects added via the APIs are the duplicates. - DeserializeTargetEvidence(); - - EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(evidenceType, true); - - ++m_version; - if (descriptor.AssemblyEvidence == null) - { - descriptor.AssemblyEvidence = evidence; - } - else - { - descriptor.AssemblyEvidence = HandleDuplicateEvidence(descriptor.AssemblyEvidence, - evidence, - duplicateAction); - } - } - - /// <summary> - /// Add a piece of evidence to the host supplied evidence list. This method will disallow adding - /// evidence if there is already evidence of that type in the host list. - /// </summary> - [ComVisible(false)] - public void AddHostEvidence<T>(T evidence) where T : EvidenceBase - { - if (evidence == null) - throw new ArgumentNullException("evidence"); - Contract.EndContractBlock(); - - // Index the evidence under the type that the Add function was called with, unless we were given - // a plain EvidenceBase or a wrapped legacy evidence. In that case, we need to index under a - // more specific type. - Type evidenceType = typeof(T); - if (typeof(T) == typeof(EvidenceBase) || evidence is ILegacyEvidenceAdapter) - { - evidenceType = GetEvidenceIndexType(evidence); - } - - AddHostEvidence(evidence, evidenceType, DuplicateEvidenceAction.Throw); - } - - [SecuritySafeCritical] - private void AddHostEvidence(EvidenceBase evidence, Type evidenceType, DuplicateEvidenceAction duplicateAction) - { - Contract.Assert(evidence != null); - Contract.Assert(evidenceType != null); - - if (Locked) - { - new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand(); - } - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer)) - { - AddHostEvidenceNoLock(evidence, evidenceType, duplicateAction); - } - } - - /// <summary> - /// Add evidence to the host supplied evidence collection without acquiring the evidence lock or - /// checking to make sure that the caller has permission to bypass locked evidence. - /// </summary> - private void AddHostEvidenceNoLock(EvidenceBase evidence, Type evidenceType, DuplicateEvidenceAction duplicateAction) - { - Contract.Assert(IsWriterLockHeld); - Contract.Assert(evidence != null); - Contract.Assert(evidenceType != null); - - EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(evidenceType, true); - - ++m_version; - if (descriptor.HostEvidence == null) - { - descriptor.HostEvidence = evidence; - } - else - { - descriptor.HostEvidence = HandleDuplicateEvidence(descriptor.HostEvidence, - evidence, - duplicateAction); - } - } - - /// <summary> - /// Ask the host for the types of evidence that it might provide if it is asked. - /// - /// This should only be called when setting up the Evidence collection to interact with the - /// host, and should not be used once that connection is established and the evidence has been - /// made available to user code. - /// </summary> - [SecurityCritical] - private void QueryHostForPossibleEvidenceTypes() - { -#if FEATURE_CAS_POLICY - Contract.Assert(IsWriterLockHeld); - - // First check to see if we have a HostSecurityManager - if (AppDomain.CurrentDomain.DomainManager != null) - { - HostSecurityManager hsm = AppDomain.CurrentDomain.DomainManager.HostSecurityManager; - if (hsm != null) - { - Type[] hostSuppliedTypes = null; - - AppDomain targetDomain = m_target.Target as AppDomain; - Assembly targetAssembly = m_target.Target as Assembly; - - // - // If the HostSecurityManager wants to supply evidence for the type of target that we have, - // then ask it what types of evidence it might supply. - // - - if (targetAssembly != null && - (hsm.Flags & HostSecurityManagerOptions.HostAssemblyEvidence) == HostSecurityManagerOptions.HostAssemblyEvidence) - { - hostSuppliedTypes = hsm.GetHostSuppliedAssemblyEvidenceTypes(targetAssembly); - } - else if (targetDomain != null && - (hsm.Flags & HostSecurityManagerOptions.HostAppDomainEvidence) == HostSecurityManagerOptions.HostAppDomainEvidence) - { - hostSuppliedTypes = hsm.GetHostSuppliedAppDomainEvidenceTypes(); - } - - // - // Finally, mark the descriptor for each of the types that the host can supply to indicate - // we should ask the host to generate them if we're asked. - // - - if (hostSuppliedTypes != null) - { - foreach (Type hostEvidenceType in hostSuppliedTypes) - { - EvidenceTypeDescriptor evidenceDescriptor = GetEvidenceTypeDescriptor(hostEvidenceType, true); - evidenceDescriptor.HostCanGenerate = true; - } - } - } - } -#endif // FEATURE_CAS_POLICY - } - - internal bool IsUnmodified - { - get { return m_version == 0; } - } - - /// <summary> - /// Set or check to see if the evidence is locked. Locked evidence cannot have its host supplied - /// evidence list be modified without a successful demand for ControlEvidence. Any code can lock - /// evidence, but only code with ControlEvidence may unlock it. - /// - /// This lock is not the same as the synchronization lock that gates access to the evidence collection. - /// </summary> - public bool Locked - { - get - { - return m_locked; - } - - [SecuritySafeCritical] - set - { - if (!value) - { - new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand(); - - m_locked = false; - } - else - { - m_locked = true; - } - } - } - - /// <summary> - /// Target of any delay generated evidence objects - /// </summary> - internal IRuntimeEvidenceFactory Target - { - get { return m_target; } - - // - // There are two retargeting scenarios supported: - // - // 1. A PEFileEvidenceFactory is being upgraded to an AssemblyEvidenceFactory and we don't want - // to throw away any already generated evidence. - // 2. A detached evidence collection is being applied to an AppDomain and that domain has a - // HostSecurityManager. In that case, we want to attach the target to the AppDomain to - // allow the HostSecurityManager to get callbacks for delay generated evidence. - // - - [SecurityCritical] - set - { -#if FEATURE_CAS_POLICY - Contract.Assert((m_target != null && m_target is PEFileEvidenceFactory && value != null && value is AssemblyEvidenceFactory) || - (m_target == null && value != null && value is AppDomainEvidenceFactory), - "Evidence retargeting should only be from PEFile -> Assembly or detached -> AppDomain."); -#endif // FEATURE_CAS_POLICY - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer)) - { - m_target = value; - - // Since we've updated what we're pointing at, we need to query the host to determine what - // types of evidence that it can generate for this new target. - QueryHostForPossibleEvidenceTypes(); - } - } - } - - /// <summary> - /// Get the type that would be used to index into the evidence dictionary for this object - /// </summary> - private static Type GetEvidenceIndexType(EvidenceBase evidence) - { - Contract.Assert(evidence != null); - - // - // Legacy wrapper evidence types should be indexed via the type of evidence that they're wrapping - // so check to see if we have one of those; otherwise just return the type itself. - // - - ILegacyEvidenceAdapter adapter = evidence as ILegacyEvidenceAdapter; - return adapter == null ? evidence.GetType() : adapter.EvidenceType; - } - - /// <summary> - /// Get the type descriptor for a specific type of evidence. This method should be used instead - /// of accessing the dictionary directly as it will handle the case where a new descriptor needs - /// to be created. - /// </summary> - internal EvidenceTypeDescriptor GetEvidenceTypeDescriptor(Type evidenceType) - { - return GetEvidenceTypeDescriptor(evidenceType, false); - } - - /// <summary> - /// Get the type descriptor for a specific type of evidence, optionally creating a descriptor if - /// we did not yet know about this type of evidence. This method should be used instead of - /// accessing the dictionary directly as it will handle the case where a new descriptor needs - /// to be created. - /// </summary> - private EvidenceTypeDescriptor GetEvidenceTypeDescriptor(Type evidenceType, bool addIfNotExist) - { - Contract.Assert(IsReaderLockHeld || IsWriterLockHeld); - Contract.Assert(evidenceType != null); - - // If we don't know about the type being indexed and we don't want to add it then exit out - EvidenceTypeDescriptor descriptor = null; - if (!m_evidence.TryGetValue(evidenceType, out descriptor) && !addIfNotExist) - { - return null; - } - - // If we haven't yet created a descriptor for this type then create one now - if (descriptor == null) - { - descriptor = new EvidenceTypeDescriptor(); -#if _DEBUG - descriptor.SetEvidenceType(evidenceType); -#endif // _DEBUG - - bool upgradedLock = false; - LockCookie upgradeCookie = new LockCookie(); - try - { - if (!IsWriterLockHeld) - { - upgradeCookie = UpgradeToWriterLock(); - upgradedLock = true; - } - - m_evidence[evidenceType] = descriptor; - } - finally - { - if (upgradedLock) - DowngradeFromWriterLock(ref upgradeCookie); - } - } - - return descriptor; - } - - /// <summary> - /// This method is called if a piece of evidence is added but another piece of evidence of the same - /// type already existed. We have different strategies depending on compatibility concerns of the - /// calling code. - /// </summary> - private static EvidenceBase HandleDuplicateEvidence(EvidenceBase original, - EvidenceBase duplicate, - DuplicateEvidenceAction action) - { - Contract.Assert(original != null); - Contract.Assert(duplicate != null); - Contract.Assert(original.GetType() == duplicate.GetType() || original.GetType() == typeof(LegacyEvidenceList)); - - switch (action) - { - // Throw - duplicate evidence is not allowed (Arrowhead behavior), so throw an exception - case DuplicateEvidenceAction.Throw: - throw new InvalidOperationException(Environment.GetResourceString("Policy_DuplicateEvidence", duplicate.GetType().FullName)); - - // SelectNewObject - MergeWithNoDuplicates behavior - the duplicate object wins - case DuplicateEvidenceAction.SelectNewObject: - return duplicate; - - // Merge - compat behavior. Merge the old and new evidence into a list so that both may exist - case DuplicateEvidenceAction.Merge: - - LegacyEvidenceList list = original as LegacyEvidenceList; - if (list == null) - { - list = new LegacyEvidenceList(); - list.Add(original); - } - - list.Add(duplicate); - return list; - - default: - BCLDebug.Assert(false, "Uknown DuplicateEvidenceAction"); - return null; - } - } - - /// <summary> - /// Wrap evidence we recieved through a legacy API to ensure that it is stored in an EvidenceBase - /// </summary> - private static EvidenceBase WrapLegacyEvidence(object evidence) - { - Contract.Assert(evidence != null); - - EvidenceBase wrappedEvidence = evidence as EvidenceBase; - if (wrappedEvidence == null) - { - wrappedEvidence = new LegacyEvidenceWrapper(evidence); - } - - return wrappedEvidence; - } - - /// <summary> - /// Upwrap evidence stored in a legacy adapter. - /// - /// This is only necessary for the case where multiple objects derived from EvidenceBase is - /// are added via the legacy APIs and are then retrieved via GetHostEvidence. This may occur if - /// a legacy application adds CLR supplied evidence types via the old APIs and a new application - /// consumes the resulting evidence. - /// </summary> - private static object UnwrapEvidence(EvidenceBase evidence) - { - ILegacyEvidenceAdapter adapter = evidence as ILegacyEvidenceAdapter; - return adapter == null ? evidence : adapter.EvidenceObject; - } - - /// <summary> - /// Merge two evidence collections together. Note that this will cause all of the lazily - /// generated evidence for the input collection to be generated, as well as causing any lazily - /// generated evidence that both collections share to be generated in the target. - /// </summary> - [SecuritySafeCritical] - public void Merge(Evidence evidence) - { - if (evidence == null) - { - return; - } - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer)) - { - bool checkedLock = false; - IEnumerator hostEnumerator = evidence.GetHostEnumerator(); - while (hostEnumerator.MoveNext()) - { - if (Locked && !checkedLock) - { - new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand(); - checkedLock = true; - } - - // If we could potentially have evidence of the type about to be merged into our host list, - // then make sure that we generate that evidence before merging. This will prevent the - // newly merged evidence from masking the value that we would have generated on our own. - Type hostEvidenceType = hostEnumerator.Current.GetType(); - if (m_evidence.ContainsKey(hostEvidenceType)) - { - GetHostEvidenceNoLock(hostEvidenceType); - } - - EvidenceBase hostEvidence = WrapLegacyEvidence(hostEnumerator.Current); - AddHostEvidenceNoLock(hostEvidence, - GetEvidenceIndexType(hostEvidence), - DuplicateEvidenceAction.Merge); - } - - // Add each piece of assembly evidence. We don't need to deserialize our copy of the - // evidence because AddAssemblyEvidenceNoLock will do this for us. - IEnumerator assemblyEnumerator = evidence.GetAssemblyEnumerator(); - while (assemblyEnumerator.MoveNext()) - { - EvidenceBase assemblyEvidence = WrapLegacyEvidence(assemblyEnumerator.Current); - AddAssemblyEvidenceNoLock(assemblyEvidence, - GetEvidenceIndexType(assemblyEvidence), - DuplicateEvidenceAction.Merge); - } - } - } - - /// <summary> - /// Same as merge, except only one instance of any one evidence type is allowed. When duplicates - /// are found, the evidence in the input argument will have priority. Note this will force the - /// entire input evidence to be generated, and does not check for locked evidence - /// </summary> - internal void MergeWithNoDuplicates(Evidence evidence) - { - if (evidence == null) - { - return; - } - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer)) - { - IEnumerator hostEnumerator = evidence.GetHostEnumerator(); - while (hostEnumerator.MoveNext()) - { - EvidenceBase hostEvidence = WrapLegacyEvidence(hostEnumerator.Current); - AddHostEvidenceNoLock(hostEvidence, - GetEvidenceIndexType(hostEvidence), - DuplicateEvidenceAction.SelectNewObject); - } - - IEnumerator assemblyEnumerator = evidence.GetAssemblyEnumerator(); - while (assemblyEnumerator.MoveNext()) - { - EvidenceBase assemblyEvidence = WrapLegacyEvidence(assemblyEnumerator.Current); - AddAssemblyEvidenceNoLock(assemblyEvidence, - GetEvidenceIndexType(assemblyEvidence), - DuplicateEvidenceAction.SelectNewObject); - } - } - } - -#if FEATURE_SERIALIZATION - /// <summary> - /// Do a full serialization of the evidence, which requires that we generate all of the evidence - /// we can and disconnect ourselves from the host and source assembly. - /// </summary> - [ComVisible(false)] - [OnSerializing] - [SecurityCritical] - [PermissionSet(SecurityAction.Assert, Unrestricted = true)] - private void OnSerializing(StreamingContext context) - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - // First, force all of the host evidence that might be lazily generated to be created - foreach (Type evidenceType in new List<Type>(m_evidence.Keys)) - { - GetHostEvidenceNoLock(evidenceType); - } - - // Also ensure that all serialized assembly evidence has been created - DeserializeTargetEvidence(); - } - - // Fill in legacy evidence lists. We can't guarantee thread-safety here using locks - // because we can't put a lock in the serialization code that will read the lists. - // The best we can do is prevent another thread from seeing a half-populated list. - // Therefore, we assign the lists after we've populated them fully (and declare them volatile.) - ArrayList hostList = new ArrayList(); - IEnumerator hostEnumerator = GetHostEnumerator(); - while (hostEnumerator.MoveNext()) - { - hostList.Add(hostEnumerator.Current); - } - m_hostList = hostList; - - ArrayList assemblyList = new ArrayList(); - IEnumerator assemblyEnumerator = GetAssemblyEnumerator(); - while (assemblyEnumerator.MoveNext()) - { - assemblyList.Add(assemblyEnumerator.Current); - } - m_assemblyList = assemblyList; - } - - /// <summary> - /// Finish deserializing legacy evidence - /// </summary> - [ComVisible(false)] - [OnDeserialized] - [SecurityCritical] - private void OnDeserialized(StreamingContext context) - { - // Look at host and assembly evidence lists only if we serialized using Whidbey. - if (m_evidence == null) - { - m_evidence = new Dictionary<Type, EvidenceTypeDescriptor>(); - - // Whidbey evidence may need to be wrapped or added to a LegacyEvidenceList, so we go - // through the legacy APIs to add them. -#pragma warning disable 618 - if (m_hostList != null) - { - foreach (object evidenceObject in m_hostList) - { - if (evidenceObject != null) - { - AddHost(evidenceObject); - } - } - - m_hostList = null; - } - - if (m_assemblyList != null) - { - foreach (object evidenceObject in m_assemblyList) - { - if (evidenceObject != null) - { - AddAssembly(evidenceObject); - } - } - - m_assemblyList = null; - } -#pragma warning restore 618 - } - - // see code:System.Security.Policy.Evidence#EvidenceLock - m_evidenceLock = new ReaderWriterLock(); - } -#endif // FEATURE_SERIALIZATION - - /// <summary> - /// Load any serialized evidence out of the target assembly into our evidence collection. - /// - /// We allow entry to this method with only a reader lock held, since most of the time we will - /// not need to write to the evidence dictionary. If we haven't yet deserialized the target - /// evidence, then we will upgrade to a writer lock at that point. - /// </summary> - private void DeserializeTargetEvidence() - { -#if FEATURE_SERIALIZATION - Contract.Assert(IsReaderLockHeld || IsWriterLockHeld); - - if (m_target != null && !m_deserializedTargetEvidence) - { - bool upgradedLock = false; - LockCookie lockCookie = new LockCookie(); - try - { - if (!IsWriterLockHeld) - { - lockCookie = UpgradeToWriterLock(); - upgradedLock = true; - } - - // Set this to true here because AddAssemblyEvidenceNoLock will attempt to reenter this - // method creating possible infinite recursion. - m_deserializedTargetEvidence = true; - - foreach (EvidenceBase targetEvidence in m_target.GetFactorySuppliedEvidence()) - { - AddAssemblyEvidenceNoLock(targetEvidence, GetEvidenceIndexType(targetEvidence), DuplicateEvidenceAction.Throw); - } - } - finally - { - if (upgradedLock) - DowngradeFromWriterLock(ref lockCookie); - } - } -#endif // FEATURE_SERIALIZATION - } - -#if FEATURE_SERIALIZATION - /// <summary> - /// Serialize out raw evidence objects which have already been generated, ignoring any evidence - /// which might be present but has not yet been created for this assembly. - /// - /// This is used for indexing into the security policy cache, since we know that once policy is - /// resolved, the relevent membership conditions will have checked for any applicable evidence - /// and therefore after poliyc resolution this evidence collection will contain any evidence - /// objects necessary to arrive at its grant set. - /// </summary> - [SecurityCritical] - internal byte[] RawSerialize() - { - try - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - // Filter out any evidence which is not yet generated - Dictionary<Type, EvidenceBase> generatedEvidence = new Dictionary<Type, EvidenceBase>(); - foreach (KeyValuePair<Type, EvidenceTypeDescriptor> evidenceType in m_evidence) - { - if (evidenceType.Value != null && evidenceType.Value.HostEvidence != null) - { - generatedEvidence[evidenceType.Key] = evidenceType.Value.HostEvidence; - } - } - - using (MemoryStream serializationStream = new MemoryStream()) - { - BinaryFormatter formatter = new BinaryFormatter(); - formatter.Serialize(serializationStream, generatedEvidence); - return serializationStream.ToArray(); - } - } - } - catch (SecurityException) - { - // We're running in a context where it's not safe to serialize the evidence out. In this case - // Simply decline to cache the result of the policy evaluation - return null; - } - } -#endif // FEATURE_SERIALIZATION - - // - // ICollection implementation. All ICollection interface members are potentially much more - // expensive in Arrowhead then they were downlevel. They should not be used if the standard Get and - // Add methods will work instead. - // - - [Obsolete("Evidence should not be treated as an ICollection. Please use the GetHostEnumerator and GetAssemblyEnumerator methods rather than using CopyTo.")] - public void CopyTo(Array array, int index) - { - if (array == null) - throw new ArgumentNullException("array"); - if (index < 0 || index > array.Length - Count) - throw new ArgumentOutOfRangeException("index"); - Contract.EndContractBlock(); - - int currentIndex = index; - - IEnumerator hostEnumerator = GetHostEnumerator(); - while (hostEnumerator.MoveNext()) - { - array.SetValue(hostEnumerator.Current, currentIndex); - ++currentIndex; - } - - IEnumerator assemblyEnumerator = GetAssemblyEnumerator(); - while (assemblyEnumerator.MoveNext()) - { - array.SetValue(assemblyEnumerator.Current, currentIndex); - ++currentIndex; - } - } - - public IEnumerator GetHostEnumerator() - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - return new EvidenceEnumerator(this, EvidenceEnumerator.Category.Host); - } - } - - public IEnumerator GetAssemblyEnumerator() - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - DeserializeTargetEvidence(); - return new EvidenceEnumerator(this, EvidenceEnumerator.Category.Assembly); - } - } - - /// <summary> - /// Get an enumerator that can iterate over the raw evidence objects stored for the assembly - /// </summary> - internal RawEvidenceEnumerator GetRawAssemblyEvidenceEnumerator() - { - Contract.Assert(IsReaderLockHeld); - DeserializeTargetEvidence(); - return new RawEvidenceEnumerator(this, new List<Type>(m_evidence.Keys), false); - } - - /// <summary> - /// Get an enumerator that can iterate over the raw evidence objects stored for the host - /// </summary> - /// <returns></returns> - internal RawEvidenceEnumerator GetRawHostEvidenceEnumerator() - { - Contract.Assert(IsReaderLockHeld); - return new RawEvidenceEnumerator(this, new List<Type>(m_evidence.Keys), true); - } - - [Obsolete("GetEnumerator is obsolete. Please use GetAssemblyEnumerator and GetHostEnumerator instead.")] - public IEnumerator GetEnumerator() - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - return new EvidenceEnumerator(this, EvidenceEnumerator.Category.Host | EvidenceEnumerator.Category.Assembly); - } - } - - /// <summary> - /// Get a specific type of assembly supplied evidence - /// </summary> - [ComVisible(false)] - public T GetAssemblyEvidence<T>() where T : EvidenceBase - { - return UnwrapEvidence(GetAssemblyEvidence(typeof(T))) as T; - } - - internal EvidenceBase GetAssemblyEvidence(Type type) - { - Contract.Assert(type != null); - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - return GetAssemblyEvidenceNoLock(type); - } - } - - private EvidenceBase GetAssemblyEvidenceNoLock(Type type) - { - Contract.Assert(IsReaderLockHeld || IsWriterLockHeld); - Contract.Assert(type != null); - - DeserializeTargetEvidence(); - EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(type); - if (descriptor != null) - { - return descriptor.AssemblyEvidence; - } - - return null; - } - - /// <summary> - /// Get a specific type of host supplied evidence - /// </summary> - [ComVisible(false)] - public T GetHostEvidence<T>() where T : EvidenceBase - { - return UnwrapEvidence(GetHostEvidence(typeof(T))) as T; - } - - /// <summary> - /// Get a specific type of evidence from the host which may not have been verified yet. If the - /// evidence was not verified, then don't mark it as being used yet. - /// </summary> - internal T GetDelayEvaluatedHostEvidence<T>() where T : EvidenceBase, IDelayEvaluatedEvidence - { - return UnwrapEvidence(GetHostEvidence(typeof(T), false)) as T; - } - - internal EvidenceBase GetHostEvidence(Type type) - { - Contract.Assert(type != null); - - return GetHostEvidence(type, true); - } - - [SecuritySafeCritical] - private EvidenceBase GetHostEvidence(Type type, bool markDelayEvaluatedEvidenceUsed) - { - Contract.Assert(type != null); - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - EvidenceBase evidence = GetHostEvidenceNoLock(type); - - if (markDelayEvaluatedEvidenceUsed) - { - IDelayEvaluatedEvidence delayEvidence = evidence as IDelayEvaluatedEvidence; - if (delayEvidence != null) - { - delayEvidence.MarkUsed(); - } - } - - return evidence; - } - } - - /// <summary> - /// Get host supplied evidence from the collection - /// - /// We attempt to find host evdience in the following order: - /// - /// 1. Already generated or explicitly supplied evidence - /// 2. Evidence supplied by the CLR host - /// 3. Evidence supplied by the CLR itself - /// </summary> - [SecurityCritical] - private EvidenceBase GetHostEvidenceNoLock(Type type) - { - Contract.Assert(IsReaderLockHeld || IsWriterLockHeld); - Contract.Assert(type != null); - - EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(type); - - // If the evidence descriptor doesn't exist for the host evidence type than the evidence doesn't - // exist and neither the host nor the runtime can produce it. - if (descriptor == null) - { - return null; - } - - // If the evidence has already been generated or if it was explicitly provided then return that - if (descriptor.HostEvidence != null) - { - return descriptor.HostEvidence; - } - - // If we have a target, then the host or the runtime might be able to generate this type of - // evidence on demand. - if (m_target != null && !descriptor.Generated) - { - using (EvidenceUpgradeLockHolder lockHolder = new EvidenceUpgradeLockHolder(this)) - { - // Make sure that we don't attempt to generate this type of evidencea again if we fail to - // generate it now. - descriptor.Generated = true; - - EvidenceBase generatedEvidence = GenerateHostEvidence(type, descriptor.HostCanGenerate); - if (generatedEvidence != null) - { - descriptor.HostEvidence = generatedEvidence; - - // - // #BackpatchGeneratedEvidence - // - // If we were cloned from another evidence collection propigate any generated evidence - // back to the original collection. Since Assembly and AppDomain both clone their - // evidence before giving it to users, this prevents us from having to regenerate - // evidence types on each clone that gets created. Note that we do not want to do this - // backpatching if the origin already has evidence of this type or if it has had - // this type of evidence removed from its collection. - // - - Evidence cloneOrigin = m_cloneOrigin != null ? m_cloneOrigin.Target as Evidence : null; - if (cloneOrigin != null) - { - BCLDebug.Assert(cloneOrigin.Target != null && cloneOrigin.Target == Target, - "Attempt to backpatch evidence to a collection with a different target."); - - using (EvidenceLockHolder cloneLockHolder = new EvidenceLockHolder(cloneOrigin, EvidenceLockHolder.LockType.Writer)) - { - EvidenceTypeDescriptor cloneDescriptor = cloneOrigin.GetEvidenceTypeDescriptor(type); - if (cloneDescriptor != null && cloneDescriptor.HostEvidence == null) - { - cloneDescriptor.HostEvidence = generatedEvidence.Clone() as EvidenceBase; - } - } - } - - } - - return generatedEvidence; - } - } - - // The evidence could not be generated and was not found - return null; - } - - /// <summary> - /// Attempt to generate host evidence on demand via calls to the runtime host or the evidence facotry - /// </summary> - [SecurityCritical] - private EvidenceBase GenerateHostEvidence(Type type, bool hostCanGenerate) - { - Contract.Assert(type != null); - Contract.Assert(IsWriterLockHeld); - -#if FEATURE_CAS_POLICY - // First let the host generate the evidence if it can. - if (hostCanGenerate) - { - AppDomain targetDomain = m_target.Target as AppDomain; - Assembly targetAssembly = m_target.Target as Assembly; - - EvidenceBase hostEvidence = null; - if (targetDomain != null) - { - hostEvidence = AppDomain.CurrentDomain.HostSecurityManager.GenerateAppDomainEvidence(type); - } - else if (targetAssembly != null) - { - hostEvidence = AppDomain.CurrentDomain.HostSecurityManager.GenerateAssemblyEvidence(type, targetAssembly); - } - - // If the host generated the evidence, verify that it generated the evidence we expected - // and use that. - if (hostEvidence != null) - { - if (!type.IsAssignableFrom(hostEvidence.GetType())) - { - string hostType = AppDomain.CurrentDomain.HostSecurityManager.GetType().FullName; - string recievedType = hostEvidence.GetType().FullName; - string requestedType = type.FullName; - - throw new InvalidOperationException(Environment.GetResourceString("Policy_IncorrectHostEvidence", hostType, recievedType, requestedType)); - } - - return hostEvidence; - } - } -#endif // FEATURE_CAS_POLICY - - // Finally, check to see if the CLR can generate the evidence - return m_target.GenerateEvidence(type); - } - - [Obsolete("Evidence should not be treated as an ICollection. Please use GetHostEnumerator and GetAssemblyEnumerator to iterate over the evidence to collect a count.")] - public int Count - { - get - { - int count = 0; - - IEnumerator hostEvidence = GetHostEnumerator(); - while (hostEvidence.MoveNext()) - { - ++count; - } - - IEnumerator assemblyEvidence = GetAssemblyEnumerator(); - while (assemblyEvidence.MoveNext()) - { - ++count; - } - - return count; - } - } - - /// <summary> - /// Get the number of pieces of evidence which are currently generated, without causing any - /// lazily generated evidence to be created. - /// </summary> - [ComVisible(false)] - internal int RawCount - { - get - { - int count = 0; - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - foreach (Type evidenceType in new List<Type>(m_evidence.Keys)) - { - EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(evidenceType); - - if (descriptor != null) - { - if (descriptor.AssemblyEvidence != null) - { - ++count; - } - if (descriptor.HostEvidence != null) - { - ++count; - } - } - } - } - - return count; - } - } - - public Object SyncRoot - { - get { return this; } - } - - public bool IsSynchronized - { - get { return true; } - } - - public bool IsReadOnly - { - get { return false; } - } - -#if FEATURE_CAS_POLICY - [ComVisible(false)] - public Evidence Clone() - { - return new Evidence(this); - } -#endif // FEATURE_CAS_POLICY - - [ComVisible(false)] - [SecuritySafeCritical] - public void Clear() - { - if (Locked) - { - new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand(); - } - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer)) - { - ++m_version; - m_evidence.Clear(); - } - } - - [ComVisible(false)] - [SecuritySafeCritical] - public void RemoveType(Type t) - { - if (t == null) - throw new ArgumentNullException("t"); - Contract.EndContractBlock(); - - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Writer)) - { - EvidenceTypeDescriptor descriptor = GetEvidenceTypeDescriptor(t); - if (descriptor != null) - { - ++m_version; - - // If we've locked this evidence collection, we need to do the lock check in the case that - // either we have host evidence, or that the host might generate it, since removing the - // evidence will cause us to bypass the host's ability to ever generate the evidence. - if (Locked && (descriptor.HostEvidence != null || descriptor.HostCanGenerate)) - { - new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand(); - } - - m_evidence.Remove(t); - } - } - } - - /// <summary> - /// Mark all of the already generated evidence in the collection as having been used during a - /// policy evaluation. - /// </summary> - internal void MarkAllEvidenceAsUsed() - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - foreach (KeyValuePair<Type, EvidenceTypeDescriptor> evidenceType in m_evidence) - { - if (evidenceType.Value != null) - { - IDelayEvaluatedEvidence hostEvidence = evidenceType.Value.HostEvidence as IDelayEvaluatedEvidence; - if (hostEvidence != null) - { - hostEvidence.MarkUsed(); - } - - IDelayEvaluatedEvidence assemblyEvidence = evidenceType.Value.AssemblyEvidence as IDelayEvaluatedEvidence; - if (assemblyEvidence != null) - { - assemblyEvidence.MarkUsed(); - } - } - } - } - } - -#if FEATURE_CAS_POLICY - /// <summary> - /// Determine if delay evaluated strong name evidence is contained in this collection, and if so - /// if it was used during policy evaluation. - /// - /// This method is called from the VM in SecurityPolicy::WasStrongNameEvidenceUsed - /// This class should be used as an adapter layer to allow the public facing EvidenceEnumerator to - /// be able to get the evidence values out of an Evidence class. It is tightly coupled with the - /// internal data structures holding the evidence objects in the Evidence class. - /// </summary> - private bool WasStrongNameEvidenceUsed() - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(this, EvidenceLockHolder.LockType.Reader)) - { - EvidenceTypeDescriptor snTypeDescriptor = GetEvidenceTypeDescriptor(typeof(StrongName)); - if (snTypeDescriptor != null) - { - IDelayEvaluatedEvidence snEvidence = snTypeDescriptor.HostEvidence as IDelayEvaluatedEvidence; - return snEvidence != null && snEvidence.WasUsed; - } - - return false; - } - } -#endif // FEATURE_CAS_POLICY - - /// <summary> - /// Utility class to wrap acquiring a lock onto the evidence collection - /// </summary> - private class EvidenceLockHolder : IDisposable - { - private Evidence m_target; - private LockType m_lockType; - - public enum LockType - { - Reader, - Writer - } - - public EvidenceLockHolder(Evidence target, LockType lockType) - { - Contract.Assert(target != null); - Contract.Assert(lockType == LockType.Reader || lockType == LockType.Writer); - - m_target = target; - m_lockType = lockType; - - if (m_lockType == LockType.Reader) - { - m_target.AcquireReaderLock(); - } - else - { - m_target.AcquireWriterlock(); - } - } - - public void Dispose() - { - if (m_lockType == LockType.Reader && m_target.IsReaderLockHeld) - { - m_target.ReleaseReaderLock(); - } - else if (m_lockType == LockType.Writer && m_target.IsWriterLockHeld) - { - m_target.ReleaseWriterLock(); - } - } - } - - /// <summary> - /// Utility class to wrap upgrading an acquired reader lock to a writer lock and then - /// downgrading it back to a reader lock. - /// </summary> - private class EvidenceUpgradeLockHolder : IDisposable - { - private Evidence m_target; - private LockCookie m_cookie; - - public EvidenceUpgradeLockHolder(Evidence target) - { - Contract.Assert(target != null); - - m_target = target; - m_cookie = m_target.UpgradeToWriterLock(); - } - - public void Dispose() - { - if (m_target.IsWriterLockHeld) - { - m_target.DowngradeFromWriterLock(ref m_cookie); - } - } - } - - /// <summary> - /// Enumerator that iterates directly over the evidence type map, returning back the evidence objects - /// that are contained in it. This enumerator will generate any lazy evaluated evidence it finds, - /// but it does not attempt to deal with legacy evidence adapters. - /// - /// This class should be used as an adapter layer to allow the public facing EvidenceEnumerator to - /// be able to get the evidence values out of an Evidence class. It is tightly coupled with the - /// internal data structures holding the evidence objects in the Evidence class. - /// </summary> - internal sealed class RawEvidenceEnumerator : IEnumerator<EvidenceBase> - { - private Evidence m_evidence; - private bool m_hostEnumerator; // true to enumerate host evidence, false to enumerate assembly evidence - private uint m_evidenceVersion; - - private Type[] m_evidenceTypes; - private int m_typeIndex; - private EvidenceBase m_currentEvidence; - - private static volatile List<Type> s_expensiveEvidence; - - public RawEvidenceEnumerator(Evidence evidence, IEnumerable<Type> evidenceTypes, bool hostEnumerator) - { - Contract.Assert(evidence != null); - Contract.Assert(evidenceTypes != null); - - m_evidence = evidence; - m_hostEnumerator = hostEnumerator; - m_evidenceTypes = GenerateEvidenceTypes(evidence, evidenceTypes, hostEnumerator); - m_evidenceVersion = evidence.m_version; - - Reset(); - } - - public EvidenceBase Current - { - get - { - if (m_evidence.m_version != m_evidenceVersion) - throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumFailedVersion")); - - return m_currentEvidence; - } - } - - object IEnumerator.Current - { - get - { - if (m_evidence.m_version != m_evidenceVersion) - throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumFailedVersion")); - - return m_currentEvidence; - } - } - - /// <summary> - /// List of types of evidence that we would like to avoid generating if possible - /// </summary> - private static List<Type> ExpensiveEvidence - { - get - { - if (s_expensiveEvidence == null) - { - List<Type> expensiveEvidence = new List<Type>(); -#if FEATURE_CAS_POLICY - expensiveEvidence.Add(typeof(Hash)); - expensiveEvidence.Add(typeof(Publisher)); -#endif // FEATURE_CAS_POLICY - s_expensiveEvidence = expensiveEvidence; - -#if _DEBUG - List<Type> runtimeTypes = new List<Type>(Evidence.RuntimeEvidenceTypes); - foreach (Type expensiveType in s_expensiveEvidence) - { - BCLDebug.Assert(runtimeTypes.Contains(expensiveType), - "Evidence type not generated by the runtime found in expensive evidence type list"); - } -#endif // _DEBUG - } - - return s_expensiveEvidence; - } - } - - public void Dispose() - { - return; - } - - /// <summary> - /// Generate the array of types of evidence that could have values for - /// </summary> - private static Type[] GenerateEvidenceTypes(Evidence evidence, - IEnumerable<Type> evidenceTypes, - bool hostEvidence) - { - Contract.Assert(evidence != null); - Contract.Assert(evidenceTypes != null); - - // - // Sort the evidence being generated into three categories, which we enumerate in order: - // 1. Evidence which has already been generated - // 2. Evidence which is relatively inexpensive to generate - // 3. Evidence which is expensive to generate. - // - // This allows us to be as efficient as possible in case the user of the enumerator stops the - // enumeration before we step up to the next more expensive category. - // - - List<Type> alreadyGeneratedList = new List<Type>(); - List<Type> inexpensiveList = new List<Type>(); - List<Type> expensiveList = new List<Type>(ExpensiveEvidence.Count); - - // Iterate over the evidence types classifying into the three groups. We need to copy the list - // here since GetEvidenceTypeDescriptor will potentially update the evidence dictionary, which - // evidenceTypes iterates over. - foreach (Type evidenceType in evidenceTypes) - { - EvidenceTypeDescriptor descriptor = evidence.GetEvidenceTypeDescriptor(evidenceType); - BCLDebug.Assert(descriptor != null, "descriptor != null"); - - bool alreadyGenerated = (hostEvidence && descriptor.HostEvidence != null) || - (!hostEvidence && descriptor.AssemblyEvidence != null); - - if (alreadyGenerated) - { - alreadyGeneratedList.Add(evidenceType); - } - else if (ExpensiveEvidence.Contains(evidenceType)) - { - expensiveList.Add(evidenceType); - } - else - { - inexpensiveList.Add(evidenceType); - } - } - - Type[] enumerationTypes = new Type[alreadyGeneratedList.Count + inexpensiveList.Count + expensiveList.Count]; - alreadyGeneratedList.CopyTo(enumerationTypes, 0); - inexpensiveList.CopyTo(enumerationTypes, alreadyGeneratedList.Count); - expensiveList.CopyTo(enumerationTypes, alreadyGeneratedList.Count + inexpensiveList.Count); - - return enumerationTypes; - } - - [SecuritySafeCritical] - public bool MoveNext() - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(m_evidence, EvidenceLockHolder.LockType.Reader)) - { - if (m_evidence.m_version != m_evidenceVersion) - throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumFailedVersion")); - - m_currentEvidence = null; - - // Iterate over the possible types of evidence that we could have until we find one that - // really exists, or we run out of posibilities. - do - { - ++m_typeIndex; - - if (m_typeIndex < m_evidenceTypes.Length) - { - if (m_hostEnumerator) - { - m_currentEvidence = m_evidence.GetHostEvidenceNoLock(m_evidenceTypes[m_typeIndex]); - } - else - { - m_currentEvidence = m_evidence.GetAssemblyEvidenceNoLock(m_evidenceTypes[m_typeIndex]); - } - } - } - while (m_typeIndex < m_evidenceTypes.Length && m_currentEvidence == null); - } - - return m_currentEvidence != null; - } - - public void Reset() - { - if (m_evidence.m_version != m_evidenceVersion) - throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumFailedVersion")); - - m_typeIndex = -1; - m_currentEvidence = null; - } - } - - private sealed class EvidenceEnumerator : IEnumerator - { - private Evidence m_evidence; - private Category m_category; - private Stack m_enumerators; - - private object m_currentEvidence; - - [Flags] - internal enum Category - { - Host = 0x1, // Enumerate only host supplied evidence - Assembly = 0x2 // Enumerate only assembly supplied evidence - } - - internal EvidenceEnumerator(Evidence evidence, Category category) - { - Contract.Assert(evidence != null); - Contract.Assert(evidence.IsReaderLockHeld); - - m_evidence = evidence; - m_category = category; - ResetNoLock(); - } - - public bool MoveNext() - { - IEnumerator currentEnumerator = CurrentEnumerator; - - // No more enumerators means we can't go any further - if (currentEnumerator == null) - { - m_currentEvidence = null; - return false; - } - - // See if the current enumerator can continue - if (currentEnumerator.MoveNext()) - { - // - // If we've found an adapter for legacy evidence, we need to unwrap it for it to be the - // current enumerator's value. For wrapped evidence, this is a simple unwrap, for a list of - // evidence, we need to make that the current enumerator and get its first value. - // - - LegacyEvidenceWrapper legacyWrapper = currentEnumerator.Current as LegacyEvidenceWrapper; - LegacyEvidenceList legacyList = currentEnumerator.Current as LegacyEvidenceList; - - if (legacyWrapper != null) - { - m_currentEvidence = legacyWrapper.EvidenceObject; - } - else if (legacyList != null) - { - IEnumerator legacyListEnumerator = legacyList.GetEnumerator(); - m_enumerators.Push(legacyListEnumerator); - MoveNext(); - } - else - { - m_currentEvidence = currentEnumerator.Current; - } - - BCLDebug.Assert(m_currentEvidence != null, "m_currentEvidence != null"); - return true; - } - else - { - // If we've reached the end of the current enumerator, move to the next one and try again - m_enumerators.Pop(); - return MoveNext(); - } - } - - public object Current - { - get { return m_currentEvidence; } - } - - private IEnumerator CurrentEnumerator - { - get - { - return m_enumerators.Count > 0 ? m_enumerators.Peek() as IEnumerator : null; - } - } - - public void Reset() - { - using (EvidenceLockHolder lockHolder = new EvidenceLockHolder(m_evidence, EvidenceLockHolder.LockType.Reader)) - { - ResetNoLock(); - } - } - - private void ResetNoLock() - { - Contract.Assert(m_evidence != null); - Contract.Assert(m_evidence.IsReaderLockHeld); - - m_currentEvidence = null; - m_enumerators = new Stack(); - - if ((m_category & Category.Host) == Category.Host) - { - m_enumerators.Push(m_evidence.GetRawHostEvidenceEnumerator()); - } - if ((m_category & Category.Assembly) == Category.Assembly) - { - m_enumerators.Push(m_evidence.GetRawAssemblyEvidenceEnumerator()); - } - } - } -#endif //!FEATURE_CORECLR && FEATURE_RWLOCK } } diff --git a/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs b/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs index f142ebea2a..7fef1ded3c 100644 --- a/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs +++ b/src/mscorlib/src/System/Security/Policy/EvidenceBase.cs @@ -7,6 +7,7 @@ using System; using System.Collections; using System.Collections.Generic; +using System.Diagnostics; using System.Diagnostics.Contracts; using System.IO; using System.Runtime.InteropServices; @@ -22,9 +23,6 @@ namespace System.Security.Policy /// </summary> [ComVisible(true)] [Serializable] -#pragma warning disable 618 - [PermissionSet(SecurityAction.InheritanceDemand, Unrestricted = true)] -#pragma warning restore 618 public abstract class EvidenceBase { protected EvidenceBase() @@ -44,11 +42,6 @@ namespace System.Security.Policy /// Since legacy evidence objects would be cloned by being serialized, the default implementation /// of EvidenceBase will do the same. /// </remarks> -#pragma warning disable 618 - [SecurityPermission(SecurityAction.Assert, SerializationFormatter = true)] - [PermissionSet(SecurityAction.InheritanceDemand, Unrestricted = true)] -#pragma warning restore 618 - [SecuritySafeCritical] public virtual EvidenceBase Clone() { #if FEATURE_SERIALIZATION @@ -86,9 +79,9 @@ namespace System.Security.Policy internal LegacyEvidenceWrapper(object legacyEvidence) { - Contract.Assert(legacyEvidence != null); - Contract.Assert(legacyEvidence.GetType() != typeof(EvidenceBase), "Attempt to wrap an EvidenceBase in a LegacyEvidenceWrapper"); - Contract.Assert(legacyEvidence.GetType().IsSerializable, "legacyEvidence.GetType().IsSerializable"); + Debug.Assert(legacyEvidence != null); + Debug.Assert(legacyEvidence.GetType() != typeof(EvidenceBase), "Attempt to wrap an EvidenceBase in a LegacyEvidenceWrapper"); + Debug.Assert(legacyEvidence.GetType().IsSerializable, "legacyEvidence.GetType().IsSerializable"); m_legacyEvidence = legacyEvidence; } @@ -113,10 +106,6 @@ namespace System.Security.Policy return m_legacyEvidence.GetHashCode(); } -#pragma warning disable 618 - [SecurityPermission(SecurityAction.Demand, SerializationFormatter = true)] -#pragma warning restore 618 - [SecuritySafeCritical] public override EvidenceBase Clone() { return base.Clone(); @@ -153,7 +142,7 @@ namespace System.Security.Policy { get { - Contract.Assert(m_legacyEvidenceList.Count > 0, "No items in LegacyEvidenceList, cannot tell what type they are"); + Debug.Assert(m_legacyEvidenceList.Count > 0, "No items in LegacyEvidenceList, cannot tell what type they are"); ILegacyEvidenceAdapter adapter = m_legacyEvidenceList[0] as ILegacyEvidenceAdapter; return adapter == null ? m_legacyEvidenceList[0].GetType() : adapter.EvidenceType; @@ -162,10 +151,10 @@ namespace System.Security.Policy public void Add(EvidenceBase evidence) { - Contract.Assert(evidence != null); - Contract.Assert(m_legacyEvidenceList.Count == 0 || EvidenceType == evidence.GetType() || (evidence is LegacyEvidenceWrapper && (evidence as LegacyEvidenceWrapper).EvidenceType == EvidenceType), + Debug.Assert(evidence != null); + Debug.Assert(m_legacyEvidenceList.Count == 0 || EvidenceType == evidence.GetType() || (evidence is LegacyEvidenceWrapper && (evidence as LegacyEvidenceWrapper).EvidenceType == EvidenceType), "LegacyEvidenceList must be homogeonous"); - Contract.Assert(evidence.GetType() != typeof(LegacyEvidenceList), + Debug.Assert(evidence.GetType() != typeof(LegacyEvidenceList), "Attempt to add a legacy evidence list to another legacy evidence list"); m_legacyEvidenceList.Add(evidence); @@ -181,10 +170,6 @@ namespace System.Security.Policy return m_legacyEvidenceList.GetEnumerator(); } -#pragma warning disable 618 - [SecurityPermission(SecurityAction.Demand, SerializationFormatter = true)] -#pragma warning restore 618 - [SecuritySafeCritical] public override EvidenceBase Clone() { return base.Clone(); diff --git a/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs b/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs index bccf39218b..8deb145102 100644 --- a/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs +++ b/src/mscorlib/src/System/Security/Policy/EvidenceTypeDescriptor.cs @@ -41,7 +41,7 @@ namespace System.Security.Policy /// </summary> private EvidenceTypeDescriptor(EvidenceTypeDescriptor descriptor) { - Contract.Assert(descriptor != null); + Debug.Assert(descriptor != null); m_hostCanGenerate = descriptor.m_hostCanGenerate; @@ -68,9 +68,9 @@ namespace System.Security.Policy set { - Contract.Assert(value != null); + Debug.Assert(value != null); #if _DEBUG - Contract.Assert(CheckEvidenceType(value), "Incorrect type of AssemblyEvidence set"); + Debug.Assert(CheckEvidenceType(value), "Incorrect type of AssemblyEvidence set"); #endif m_assemblyEvidence = value; } @@ -85,7 +85,7 @@ namespace System.Security.Policy set { - Contract.Assert(value, "Attempt to clear the Generated flag"); + Debug.Assert(value, "Attempt to clear the Generated flag"); m_generated = value; } } @@ -99,7 +99,7 @@ namespace System.Security.Policy set { - Contract.Assert(value, "Attempt to clear HostCanGenerate flag"); + Debug.Assert(value, "Attempt to clear HostCanGenerate flag"); m_hostCanGenerate = value; } } @@ -113,9 +113,9 @@ namespace System.Security.Policy set { - Contract.Assert(value != null); + Debug.Assert(value != null); #if _DEBUG - Contract.Assert(CheckEvidenceType(value), "Incorrect type of HostEvidence set"); + Debug.Assert(CheckEvidenceType(value), "Incorrect type of HostEvidence set"); #endif m_hostEvidence = value; } @@ -127,7 +127,7 @@ namespace System.Security.Policy /// </summary> private bool CheckEvidenceType(EvidenceBase evidence) { - Contract.Assert(evidence != null); + Debug.Assert(evidence != null); ILegacyEvidenceAdapter legacyAdapter = evidence as ILegacyEvidenceAdapter; Type storedType = legacyAdapter == null ? evidence.GetType() : legacyAdapter.EvidenceType; @@ -150,8 +150,8 @@ namespace System.Security.Policy /// </summary> internal void SetEvidenceType(Type evidenceType) { - Contract.Assert(evidenceType != null); - Contract.Assert(m_evidenceType == null, "Attempt to reset evidence type"); + Debug.Assert(evidenceType != null); + Debug.Assert(m_evidenceType == null, "Attempt to reset evidence type"); m_evidenceType = evidenceType; } diff --git a/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs b/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs index 5bd36485db..8f8c07c9e4 100644 --- a/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs +++ b/src/mscorlib/src/System/Security/Policy/IDelayEvaluatedEvidence.cs @@ -18,7 +18,6 @@ namespace System.Security.Policy { /// </summary> bool IsVerified { - [System.Security.SecurityCritical] get; } diff --git a/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs b/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs index 72c07d1246..9b58ece9f1 100644 --- a/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs +++ b/src/mscorlib/src/System/Security/Policy/PolicyStatement.cs @@ -35,14 +35,6 @@ namespace System.Security.Policy { // The PermissionSet associated with this policy internal PermissionSet m_permSet; -#if FEATURE_CAS_POLICY - // Evidence which was not verified but which was required to generate this policy statement. - // This is not serialized, since once we serialize we lose the ability to verify the evidence, - // meaning that restoring this state is meaningless. - [NonSerialized] - private List<IDelayEvaluatedEvidence> m_dependentEvidence; -#endif - // The bitfield of inheritance properties associated with this policy internal PolicyStatementAttribute m_attributes; @@ -144,20 +136,13 @@ namespace System.Security.Policy { } } } - + public PolicyStatement Copy() { - PolicyStatement copy = new PolicyStatement(m_permSet, Attributes, true); // The PolicyStatement .ctor will copy the permission set -#if FEATURE_CAS_POLICY - if (HasDependentEvidence) - { - copy.m_dependentEvidence = new List<IDelayEvaluatedEvidence>(m_dependentEvidence); - } -#endif - - return copy; + // The PolicyStatement .ctor will copy the permission set + return new PolicyStatement(m_permSet, Attributes, true); } - + public String AttributeString { get @@ -199,44 +184,6 @@ namespace System.Security.Policy { return (flag & (int)m_attributes) != 0; } -#if FEATURE_CAS_POLICY - /// <summary> - /// Gets all of the delay evaluated evidence which needs to be verified before this policy can - /// be used. - /// </summary> - internal IEnumerable<IDelayEvaluatedEvidence> DependentEvidence - { - get - { - BCLDebug.Assert(HasDependentEvidence, "HasDependentEvidence"); - return m_dependentEvidence.AsReadOnly(); - } - } - - /// <summary> - /// Determine if this policy dependent upon the evaluation of any delay evaluated evidence - /// </summary> - internal bool HasDependentEvidence - { - get { return m_dependentEvidence != null && m_dependentEvidence.Count > 0; } - } - - /// <summary> - /// Add evidence which this policy statement is depending upon being verified to be valid. - /// </summary> - internal void AddDependentEvidence(IDelayEvaluatedEvidence dependentEvidence) - { - BCLDebug.Assert(dependentEvidence != null, "dependentEvidence != null"); - - if (m_dependentEvidence == null) - { - m_dependentEvidence = new List<IDelayEvaluatedEvidence>(); - } - - m_dependentEvidence.Add(dependentEvidence); - } -#endif - /// <summary> /// Union a child policy statement into this policy statement /// </summary> @@ -249,27 +196,6 @@ namespace System.Security.Policy { throw new PolicyException(Environment.GetResourceString( "Policy_MultipleExclusive" )); } -#if FEATURE_CAS_POLICY - // If our code group generated a grant set based upon unverified evidence, or it generated a grant - // set strictly less than that of a child group based upon unverified evidence, we need to keep - // track of any unverified evidence our child group has. - if (childPolicy.HasDependentEvidence) - { - bool childEvidenceNeedsVerification = m_permSet.IsSubsetOf(childPolicy.GetPermissionSetNoCopy()) && - !childPolicy.GetPermissionSetNoCopy().IsSubsetOf(m_permSet); - - if (HasDependentEvidence || childEvidenceNeedsVerification) - { - if (m_dependentEvidence == null) - { - m_dependentEvidence = new List<IDelayEvaluatedEvidence>(); - } - - m_dependentEvidence.AddRange(childPolicy.DependentEvidence); - } - } -#endif - // We need to merge together our grant set and attributes. The result of this merge is // dependent upon if we're merging a child marked exclusive or not. If the child is not // exclusive, we need to union in its grant set and or in its attributes. However, if the child @@ -287,226 +213,6 @@ namespace System.Security.Policy { } } -#if FEATURE_CAS_POLICY - - public SecurityElement ToXml() - { - return ToXml( null ); - } - - public void FromXml( SecurityElement et ) - { - FromXml( et, null ); - } - - public SecurityElement ToXml( PolicyLevel level ) - { - return ToXml( level, false ); - } - - internal SecurityElement ToXml( PolicyLevel level, bool useInternal ) - { - SecurityElement e = new SecurityElement( "PolicyStatement" ); - e.AddAttribute( "version", "1" ); - if (m_attributes != PolicyStatementAttribute.Nothing) - e.AddAttribute( "Attributes", XMLUtil.BitFieldEnumToString( typeof( PolicyStatementAttribute ), m_attributes ) ); - - lock (this) - { - if (m_permSet != null) - { - if (m_permSet is NamedPermissionSet) - { - // If the named permission set exists in the parent level of this - // policy struct, then just save the name of the permission set. - // Otherwise, serialize it like normal. - - NamedPermissionSet namedPermSet = (NamedPermissionSet)m_permSet; - if (level != null && level.GetNamedPermissionSet( namedPermSet.Name ) != null) - { - e.AddAttribute( "PermissionSetName", namedPermSet.Name ); - } - else - { - if (useInternal) - e.AddChild( namedPermSet.InternalToXml() ); - else - e.AddChild( namedPermSet.ToXml() ); - } - } - else - { - if (useInternal) - e.AddChild( m_permSet.InternalToXml() ); - else - e.AddChild( m_permSet.ToXml() ); - } - } - } - - return e; - } - - [System.Security.SecuritySafeCritical] // auto-generated - public void FromXml( SecurityElement et, PolicyLevel level ) - { - FromXml( et, level, false ); - } - - [System.Security.SecurityCritical] // auto-generated - internal void FromXml( SecurityElement et, PolicyLevel level, bool allowInternalOnly ) - { - if (et == null) - throw new ArgumentNullException( "et" ); - - if (!et.Tag.Equals( "PolicyStatement" )) - throw new ArgumentException( String.Format( CultureInfo.CurrentCulture, Environment.GetResourceString( "Argument_InvalidXMLElement" ), "PolicyStatement", this.GetType().FullName ) ); - Contract.EndContractBlock(); - - m_attributes = (PolicyStatementAttribute) 0; - - String strAttributes = et.Attribute( "Attributes" ); - - if (strAttributes != null) - m_attributes = (PolicyStatementAttribute)Enum.Parse( typeof( PolicyStatementAttribute ), strAttributes ); - - lock (this) - { - m_permSet = null; - - if (level != null) - { - String permSetName = et.Attribute( "PermissionSetName" ); - - if (permSetName != null) - { - m_permSet = level.GetNamedPermissionSetInternal( permSetName ); - - if (m_permSet == null) - m_permSet = new PermissionSet( PermissionState.None ); - } - } - - - if (m_permSet == null) - { - // There is no provided level, it is not a named permission set, or - // the named permission set doesn't exist in the provided level, - // so just create the class through reflection and decode normally. - - SecurityElement e = et.SearchForChildByTag( "PermissionSet" ); - - if (e != null) - { - String className = e.Attribute( "class" ); - - if (className != null && (className.Equals( "NamedPermissionSet" ) || - className.Equals( "System.Security.NamedPermissionSet" ))) - m_permSet = new NamedPermissionSet( "DefaultName", PermissionState.None ); - else - m_permSet = new PermissionSet( PermissionState.None ); - - try - { - m_permSet.FromXml( e, allowInternalOnly, true ); - } - catch - { - // ignore any exceptions from the decode process. - // Note: we go ahead and use the permission set anyway. This should be safe since - // the decode process should never give permission beyond what a proper decode would have - // given. - } - } - else - { - throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidXML" ) ); - } - } - - if (m_permSet == null) - m_permSet = new PermissionSet( PermissionState.None ); - } - } - - - [System.Security.SecurityCritical] // auto-generated - internal void FromXml( SecurityDocument doc, int position, PolicyLevel level, bool allowInternalOnly ) - { - if (doc == null) - throw new ArgumentNullException( "doc" ); - Contract.EndContractBlock(); - - if (!doc.GetTagForElement( position ).Equals( "PolicyStatement" )) - throw new ArgumentException( String.Format( CultureInfo.CurrentCulture, Environment.GetResourceString( "Argument_InvalidXMLElement" ), "PolicyStatement", this.GetType().FullName ) ); - - m_attributes = (PolicyStatementAttribute) 0; - - String strAttributes = doc.GetAttributeForElement( position, "Attributes" ); - - if (strAttributes != null) - m_attributes = (PolicyStatementAttribute)Enum.Parse( typeof( PolicyStatementAttribute ), strAttributes ); - - lock (this) - { - m_permSet = null; - - if (level != null) - { - String permSetName = doc.GetAttributeForElement( position, "PermissionSetName" ); - - if (permSetName != null) - { - m_permSet = level.GetNamedPermissionSetInternal( permSetName ); - - if (m_permSet == null) - m_permSet = new PermissionSet( PermissionState.None ); - } - } - - - if (m_permSet == null) - { - // There is no provided level, it is not a named permission set, or - // the named permission set doesn't exist in the provided level, - // so just create the class through reflection and decode normally. - - ArrayList childPositions = doc.GetChildrenPositionForElement( position ); - int positionPermissionSet = -1; - - for (int i = 0; i < childPositions.Count; ++i) - { - if (doc.GetTagForElement( (int)childPositions[i] ).Equals( "PermissionSet" )) - { - positionPermissionSet = (int)childPositions[i]; - } - } - - if (positionPermissionSet != -1) - { - String className = doc.GetAttributeForElement( positionPermissionSet, "class" ); - - if (className != null && (className.Equals( "NamedPermissionSet" ) || - className.Equals( "System.Security.NamedPermissionSet" ))) - m_permSet = new NamedPermissionSet( "DefaultName", PermissionState.None ); - else - m_permSet = new PermissionSet( PermissionState.None ); - - m_permSet.FromXml( doc, positionPermissionSet, allowInternalOnly ); - } - else - { - throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidXML" ) ); - } - } - - if (m_permSet == null) - m_permSet = new PermissionSet( PermissionState.None ); - } - } -#endif // FEATURE_CAS_POLICY - - [System.Runtime.InteropServices.ComVisible(false)] public override bool Equals( Object obj ) { diff --git a/src/mscorlib/src/System/Security/Policy/Site.cs b/src/mscorlib/src/System/Security/Policy/Site.cs index e7c6cd3d83..14a95e1666 100644 --- a/src/mscorlib/src/System/Security/Policy/Site.cs +++ b/src/mscorlib/src/System/Security/Policy/Site.cs @@ -10,6 +10,7 @@ // using System; +using System.Diagnostics; using System.Diagnostics.Contracts; using System.Globalization; using System.Security.Permissions; @@ -26,7 +27,7 @@ namespace System.Security.Policy public Site(String name) { if (name == null) - throw new ArgumentNullException("name"); + throw new ArgumentNullException(nameof(name)); Contract.EndContractBlock(); m_name = new SiteString( name ); @@ -34,7 +35,7 @@ namespace System.Security.Policy private Site(SiteString name) { - Contract.Assert(name != null); + Debug.Assert(name != null); m_name = name; } @@ -94,30 +95,6 @@ namespace System.Security.Policy return Clone(); } -#if FEATURE_CAS_POLICY - internal SecurityElement ToXml() - { - SecurityElement elem = new SecurityElement( "System.Security.Policy.Site" ); - // If you hit this assert then most likely you are trying to change the name of this class. - // This is ok as long as you change the hard coded string above and change the assert below. - Contract.Assert( this.GetType().FullName.Equals( "System.Security.Policy.Site" ), "Class name changed!" ); - - elem.AddAttribute( "version", "1" ); - - if(m_name != null) - elem.AddChild( new SecurityElement( "Name", m_name.ToString() ) ); - - return elem; - } -#endif // FEATURE_CAS_POLICY - -#if FEATURE_CAS_POLICY - public override String ToString() - { - return ToXml().ToString(); - } -#endif // FEATURE_CAS_POLICY - // INormalizeForIsolatedStorage is not implemented for startup perf // equivalent to INormalizeForIsolatedStorage.Normalize() internal Object Normalize() diff --git a/src/mscorlib/src/System/Security/Policy/StrongName.cs b/src/mscorlib/src/System/Security/Policy/StrongName.cs index c49f2b0674..999b478ba7 100644 --- a/src/mscorlib/src/System/Security/Policy/StrongName.cs +++ b/src/mscorlib/src/System/Security/Policy/StrongName.cs @@ -42,20 +42,20 @@ namespace System.Security.Policy { internal StrongName(StrongNamePublicKeyBlob blob, String name, Version version, Assembly assembly) { if (name == null) - throw new ArgumentNullException("name"); + throw new ArgumentNullException(nameof(name)); if (String.IsNullOrEmpty(name)) throw new ArgumentException(Environment.GetResourceString("Argument_EmptyStrongName")); if (blob == null) - throw new ArgumentNullException("blob"); + throw new ArgumentNullException(nameof(blob)); if (version == null) - throw new ArgumentNullException("version"); + throw new ArgumentNullException(nameof(version)); Contract.EndContractBlock(); RuntimeAssembly rtAssembly = assembly as RuntimeAssembly; if (assembly != null && rtAssembly == null) - throw new ArgumentException(Environment.GetResourceString("Argument_MustBeRuntimeAssembly"), "assembly"); + throw new ArgumentException(Environment.GetResourceString("Argument_MustBeRuntimeAssembly"), nameof(assembly)); m_publicKeyBlob = blob; m_name = name; @@ -89,14 +89,9 @@ namespace System.Security.Policy { bool IDelayEvaluatedEvidence.IsVerified { - [System.Security.SecurityCritical] // auto-generated get { -#if FEATURE_CAS_POLICY - return m_assembly != null ? m_assembly.IsStrongNameVerified : true; -#else // !FEATURE_CAS_POLICY return true; -#endif // FEATURE_CAS_POLICY } } @@ -133,52 +128,6 @@ namespace System.Security.Policy { return Clone(); } -#if FEATURE_CAS_POLICY - internal SecurityElement ToXml() - { - SecurityElement root = new SecurityElement( "StrongName" ); - root.AddAttribute( "version", "1" ); - - if (m_publicKeyBlob != null) - root.AddAttribute( "Key", System.Security.Util.Hex.EncodeHexString( m_publicKeyBlob.PublicKey ) ); - - if (m_name != null) - root.AddAttribute( "Name", m_name ); - - if (m_version != null) - root.AddAttribute( "Version", m_version.ToString() ); - - return root; - } - - internal void FromXml (SecurityElement element) - { - if (element == null) - throw new ArgumentNullException("element"); - if (String.Compare(element.Tag, "StrongName", StringComparison.Ordinal) != 0) - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidXML")); - Contract.EndContractBlock(); - - m_publicKeyBlob = null; - m_version = null; - - string key = element.Attribute("Key"); - if (key != null) - m_publicKeyBlob = new StrongNamePublicKeyBlob(System.Security.Util.Hex.DecodeHexString(key)); - - m_name = element.Attribute("Name"); - - string version = element.Attribute("Version"); - if (version != null) - m_version = new Version(version); - } - - public override String ToString() - { - return ToXml().ToString(); - } -#endif // FEATURE_CAS_POLICY - public override bool Equals( Object o ) { StrongName that = (o as StrongName); diff --git a/src/mscorlib/src/System/Security/Policy/URL.cs b/src/mscorlib/src/System/Security/Policy/URL.cs index d3ad4f8724..3541124ac6 100644 --- a/src/mscorlib/src/System/Security/Policy/URL.cs +++ b/src/mscorlib/src/System/Security/Policy/URL.cs @@ -14,6 +14,7 @@ namespace System.Security.Policy { using System.Security.Util; using UrlIdentityPermission = System.Security.Permissions.UrlIdentityPermission; using System.Runtime.Serialization; + using System.Diagnostics; using System.Diagnostics.Contracts; [Serializable] @@ -25,7 +26,7 @@ namespace System.Security.Policy { internal Url( String name, bool parsed ) { if (name == null) - throw new ArgumentNullException( "name" ); + throw new ArgumentNullException( nameof(name) ); Contract.EndContractBlock(); m_url = new URLString( name, parsed ); @@ -34,7 +35,7 @@ namespace System.Security.Policy { public Url( String name ) { if (name == null) - throw new ArgumentNullException( "name" ); + throw new ArgumentNullException( nameof(name) ); Contract.EndContractBlock(); m_url = new URLString( name ); @@ -42,7 +43,7 @@ namespace System.Security.Policy { private Url(Url url) { - Contract.Assert(url != null); + Debug.Assert(url != null); m_url = url.m_url; } @@ -87,28 +88,6 @@ namespace System.Security.Policy { return Clone(); } -#if FEATURE_CAS_POLICY - internal SecurityElement ToXml() - { - SecurityElement root = new SecurityElement( "System.Security.Policy.Url" ); - // If you hit this assert then most likely you are trying to change the name of this class. - // This is ok as long as you change the hard coded string above and change the assert below. - Contract.Assert( this.GetType().FullName.Equals( "System.Security.Policy.Url" ), "Class name changed!" ); - - root.AddAttribute( "version", "1" ); - - if (m_url != null) - root.AddChild( new SecurityElement( "Url", m_url.ToString() ) ); - - return root; - } - - public override String ToString() - { - return ToXml().ToString(); - } -#endif // FEATURE_CAS_POLICY - // INormalizeForIsolatedStorage is not implemented for startup perf // equivalent to INormalizeForIsolatedStorage.Normalize() internal Object Normalize() diff --git a/src/mscorlib/src/System/Security/Policy/Zone.cs b/src/mscorlib/src/System/Security/Policy/Zone.cs index c999abe340..a9f5d84aeb 100644 --- a/src/mscorlib/src/System/Security/Policy/Zone.cs +++ b/src/mscorlib/src/System/Security/Policy/Zone.cs @@ -9,23 +9,21 @@ // Zone is an IIdentity representing Internet/Intranet/MyComputer etc. // -namespace System.Security.Policy { +namespace System.Security.Policy +{ using System.Security.Util; using ZoneIdentityPermission = System.Security.Permissions.ZoneIdentityPermission; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; using System.Runtime.Versioning; using System.Runtime.Serialization; + using System.Diagnostics; using System.Diagnostics.Contracts; [Serializable] [System.Runtime.InteropServices.ComVisible(true)] public sealed class Zone : EvidenceBase, IIdentityPermissionFactory { -#if FEATURE_CAS_POLICY - [OptionalField(VersionAdded = 2)] - private String m_url; -#endif // FEATURE_CAS_POLICY private SecurityZone m_zone; private static readonly String[] s_names = @@ -42,36 +40,10 @@ namespace System.Security.Policy { private Zone(Zone zone) { - Contract.Assert(zone != null); - -#if FEATURE_CAS_POLICY - m_url = zone.m_url; -#endif // FEATURE_CAS_POLICY + Debug.Assert(zone != null); m_zone = zone.m_zone; } -#if FEATURE_CAS_POLICY - private Zone(String url) - { - m_url = url; - m_zone = SecurityZone.NoZone; - } - - public static Zone CreateFromUrl( String url ) - { - if (url == null) - throw new ArgumentNullException( "url" ); - Contract.EndContractBlock(); - - return new Zone( url ); - } - - [System.Security.SecurityCritical] // auto-generated - [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] - [SuppressUnmanagedCodeSecurity] - private extern static SecurityZone _CreateFromUrl( String url ); -#endif // FEATURE_CAS_POLICY - public IPermission CreateIdentityPermission( Evidence evidence ) { return new ZoneIdentityPermission( SecurityZone ); @@ -79,14 +51,8 @@ namespace System.Security.Policy { public SecurityZone SecurityZone { - [System.Security.SecuritySafeCritical] // auto-generated get { -#if FEATURE_CAS_POLICY - if (m_url != null) - m_zone = _CreateFromUrl( m_url ); -#endif // FEATURE_CAS_POLICY - return m_zone; } } @@ -117,30 +83,6 @@ namespace System.Security.Policy { return Clone(); } -#if FEATURE_CAS_POLICY - internal SecurityElement ToXml() - { - SecurityElement elem = new SecurityElement( "System.Security.Policy.Zone" ); - // If you hit this assert then most likely you are trying to change the name of this class. - // This is ok as long as you change the hard coded string above and change the assert below. - Contract.Assert( this.GetType().FullName.Equals( "System.Security.Policy.Zone" ), "Class name changed!" ); - - elem.AddAttribute( "version", "1" ); - if (SecurityZone != SecurityZone.NoZone) - elem.AddChild( new SecurityElement( "Zone", s_names[(int)SecurityZone] ) ); - else - elem.AddChild( new SecurityElement( "Zone", s_names[s_names.Length-1] ) ); - return elem; - } -#endif // FEATURE_CAS_POLICY - -#if FEATURE_CAS_POLICY - public override String ToString() - { - return ToXml().ToString(); - } -#endif // FEATURE_CAS_POLICY - // INormalizeForIsolatedStorage is not implemented for startup perf // equivalent to INormalizeForIsolatedStorage.Normalize() internal Object Normalize() |