internal bool IsFullTrustAssembly (Assembly a)
{
AssemblyName an = a.UnprotectedGetName ();
StrongNamePublicKeyBlob snpkb = new StrongNamePublicKeyBlob (an.GetPublicKey ());
StrongNameMembershipCondition snMC = new StrongNameMembershipCondition (snpkb, an.Name, an.Version);
foreach (StrongNameMembershipCondition sn in full_trust_assemblies) {
if (sn.Equals (snMC)) {
return true;
}
}
return false;
}
private static void InheritanceDemandSecurityException (int securityViolation, Assembly a, Type t, MethodInfo method)
{
string message = null;
AssemblyName an = null;
PermissionSet granted = null;
PermissionSet refused = null;
if (a != null) {
an = a.UnprotectedGetName ();
granted = a.GrantedPermissionSet;
refused = a.DeniedPermissionSet;
}
switch (securityViolation) {
case 1: // MONO_METADATA_INHERITANCEDEMAND_CLASS
message = String.Format (Locale.GetText ("Class inheritance refused for {0}."), t);
break;
case 2: // MONO_METADATA_INHERITANCEDEMAND_CLASS
message = Locale.GetText ("Method override refused.");
break;
default:
message = Locale.GetText ("Load time InheritDemand failed.");
break;
}
throw new SecurityException (message, an, granted, refused, method, SecurityAction.InheritanceDemand, null, null, null);
}
static internal Evidence GetDefaultHostEvidence (Assembly a)
{
Evidence e = new Evidence ();
string aname = a.EscapedCodeBase;
// by default all assembly have the Zone, Url and Hash evidences
e.AddHost (Zone.CreateFromUrl (aname));
e.AddHost (new Url (aname));
e.AddHost (new Hash (a));
// non local files (e.g. http://) also get a Site evidence
if (String.Compare ("FILE://", 0, aname, 0, 7, true, CultureInfo.InvariantCulture) != 0) {
e.AddHost (Site.CreateFromUrl (aname));
}
// strongnamed assemblies gets a StrongName evidence
AssemblyName an = a.UnprotectedGetName ();
byte[] pk = an.GetPublicKey ();
if ((pk != null) && (pk.Length > 0)) {
StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob (pk);
e.AddHost (new StrongName (blob, an.Name, an.Version));
}
// Authenticode(r) signed assemblies get a Publisher evidence
if (IsAuthenticodePresent (a)) {
// Note: The certificate is part of the evidences even if it is not trusted!
// so we can't call X509Certificate.CreateFromSignedFile
AuthenticodeDeformatter ad = new AuthenticodeDeformatter (a.Location);
if (ad.SigningCertificate != null) {
X509Certificate x509 = new X509Certificate (ad.SigningCertificate.RawData);
if (x509.GetHashCode () != 0) {
e.AddHost (new Publisher (x509));
}
}
}
// assemblies loaded from the GAC also get a Gac evidence (new in Fx 2.0)
if (a.GlobalAssemblyCache) {
e.AddHost (new GacInstalled ());
}
// the current HostSecurityManager may add/remove some evidence
AppDomainManager dommgr = AppDomain.CurrentDomain.DomainManager;
if (dommgr != null) {
if ((dommgr.HostSecurityManager.Flags & HostSecurityManagerOptions.HostAssemblyEvidence) ==
HostSecurityManagerOptions.HostAssemblyEvidence) {
e = dommgr.HostSecurityManager.ProvideAssemblyEvidence (a, e);
}
}
return e;
}
