public ScriptAssembly RegisterAssembly(ScriptAssembly scriptAssembly, ScriptSecurityMode securityMode) { // Check for error if (scriptAssembly == null) { return(null); } // Reset report securityResult = null; // Check for ensure security mode bool performSecurityCheck = (securityMode == ScriptSecurityMode.EnsureSecurity); // Get value from settings if (securityMode == ScriptSecurityMode.UseSettings) { performSecurityCheck = RoslynCSharp.Settings.SecurityCheckCode; } // Check for security checks if (performSecurityCheck == true) { CodeSecurityRestrictions restrictions = RoslynCSharp.Settings.SecurityRestrictions; // Use pinvoke option restrictions.AllowPInvoke = RoslynCSharp.Settings.AllowPInvoke; // Perform code validation if (scriptAssembly.SecurityCheckAssembly(restrictions, out securityResult) == false) { // Log the error RoslynCSharp.LogError(securityResult.GetSummaryText()); RoslynCSharp.LogError(securityResult.GetAllText(true)); // Dont load the assembly return(null); } else { RoslynCSharp.Log(securityResult.GetSummaryText()); } } lock (this) { // Register with domain this.loadedAssemblies.Add(scriptAssembly); } // Return result return(scriptAssembly); }
// Methods /// <summary> /// Run security verification on this assembly using the specified security restrictions. /// </summary> /// <param name="restrictions">The restrictions used to verify the assembly</param> /// <returns>True if the assembly passes security verification or false if it fails</returns> public bool SecurityCheckAssembly(CodeSecurityRestrictions restrictions) { // Check for already checked if (securityEngine == null) { return(isSecurityValidated); } // Run code valdiation isSecurityValidated = securityEngine.SecurityCheckAssembly(restrictions); // Release security engine securityEngine = null; return(isSecurityValidated); }
/// <summary> /// Run security verification on this assembly using the specified security restrictions and output a security report /// </summary> /// <param name="restrictions">The restrictions used to verify the assembly</param> /// <param name="report">The security report generated by the assembly checker</param> /// <returns>True if the assembly passes security verification or false if it fails</returns> public bool SecurityCheckAssembly(CodeSecurityRestrictions restrictions, out CodeSecurityReport report) { // Check for already checked if (securityEngine == null) { report = securityReport; return(isSecurityValidated); } // Run code validation isSecurityValidated = securityEngine.SecurityCheckAssembly(restrictions, out report); // Release security engine and store report securityEngine = null; securityReport = report; return(isSecurityValidated); }
/// <summary> /// Run security verification on this assembly using the specified security restrictions and output a security report /// </summary> /// <param name="restrictions">The restrictions used to verify the assembly</param> /// <param name="report">The security report generated by the assembly checker</param> /// <returns>True if the assembly passes security verification or false if it fails</returns> public bool SecurityCheckAssembly(CodeSecurityRestrictions restrictions, out CodeSecurityReport report) { // Skip checks if (isSecurityValidated == true && restrictions.RestrictionsHash == securityValidatedHash) { report = securityReport; return(true); } // Create the security engine CodeSecurityEngine securityEngine = CreateSecurityEngine(); // Check for already checked if (securityEngine == null) { report = securityReport; return(isSecurityValidated); } // Must dispose once finished using (securityEngine) { // Run code valdiation isSecurityValidated = securityEngine.SecurityCheckAssembly(restrictions, out securityReport); // Check for verified if (isSecurityValidated == true) { // Store the hash so that the same restirctions will not need to run again securityValidatedHash = restrictions.RestrictionsHash; } else { securityValidatedHash = -1; } report = securityReport; return(isSecurityValidated); } }
private ScriptAssembly RegisterAssembly(Assembly assembly, string assemblyPath, byte[] assemblyImage, ScriptSecurityMode securityMode, bool isRuntimeCompiled, CompilationResult compileResult = null) { // Check for error if (assembly == null) { return(null); } // Reset report securityResult = null; // Create script assembly ScriptAssembly scriptAssembly = new ScriptAssembly(this, assembly, compileResult); // Set meta data scriptAssembly.AssemblyPath = assemblyPath; scriptAssembly.AssemblyImage = assemblyImage; // Check for ensure security mode bool performSecurityCheck = (securityMode == ScriptSecurityMode.EnsureSecurity); // Get value from settings if (securityMode == ScriptSecurityMode.UseSettings) { performSecurityCheck = RoslynCSharp.Settings.SecurityCheckCode; } // Check for security checks if (performSecurityCheck == true) { CodeSecurityRestrictions restrictions = RoslynCSharp.Settings.SecurityRestrictions; // Use pinvoke option restrictions.AllowPInvoke = RoslynCSharp.Settings.AllowPInvoke; // Perform code validation if (scriptAssembly.SecurityCheckAssembly(restrictions, out securityResult) == false) { // Log the error RoslynCSharp.LogError(securityResult.GetSummaryText()); RoslynCSharp.LogError(securityResult.GetAllText(true)); // Dont load the assembly return(null); } else { RoslynCSharp.Log(securityResult.GetSummaryText()); } } // Mark as runtime compiled if (isRuntimeCompiled == true) { scriptAssembly.MarkAsRuntimeCompiled(); } lock (this) { // Register with domain this.loadedAssemblies.Add(scriptAssembly); } // Return result return(scriptAssembly); }