ToString() public method

public ToString ( ) : string
return string
Example #1
0
        SecurityException(string message, AssemblyName assemblyName,
#if NOT_PFX
                          PermissionSet grant,
                          PermissionSet refused,
#endif
                          MethodInfo method, SecurityAction action, object demanded
#if NOT_PFX
                          , IPermission permThatFailed, Evidence evidence
#endif
                          )
            : base(message)
        {
            base.HResult = unchecked ((int)0x8013150A);
            _assembly    = assemblyName;
#if NOT_PFX
            _granted = (grant == null) ? String.Empty : grant.ToString();
            _refused = (refused == null) ? String.Empty : refused.ToString();
#endif
            _method   = method;
            _action   = action;
            _demanded = demanded;
#if NOT_PFX
            _firstperm = permThatFailed;

            if (_firstperm != null)
            {
                permissionType = _firstperm.GetType();
            }
            _evidence = evidence;
#endif
        }
Example #2
0
 internal SecurityException(string message, PermissionSet granted, PermissionSet refused)
     : base(message)
 {
     base.HResult = unchecked ((int)0x8013150A);
     _granted     = granted.ToString();
     _refused     = refused.ToString();
 }
		public void PermissionStateUnrestricted () 
		{
			PermissionSet ps = new PermissionSet (PermissionState.Unrestricted);
			Assert ("PermissionStateUnrestricted.IsUnrestricted", ps.IsUnrestricted ());
			Assert ("PermissionStateUnrestricted.IsEmpty", !ps.IsEmpty ());
			Assert ("PermissionStateUnrestricted.IsReadOnly", !ps.IsReadOnly);
			AssertEquals ("PermissionStateUnrestricted.ToXml().ToString()==ToString()", ps.ToXml ().ToString (), ps.ToString ());
		}
		public void PermissionStateUnrestricted () 
		{
			PermissionSet ps = new PermissionSet (PermissionState.Unrestricted);
			Assert.IsTrue (ps.IsUnrestricted (), "PermissionStateUnrestricted.IsUnrestricted");
			Assert.IsTrue (!ps.IsEmpty (), "PermissionStateUnrestricted.IsEmpty");
			Assert.IsTrue (!ps.IsReadOnly, "PermissionStateUnrestricted.IsReadOnly");
			Assert.AreEqual (ps.ToXml ().ToString (), ps.ToString (), "PermissionStateUnrestricted.ToXml().ToString()==ToString()");
			Assert.IsTrue (!ps.ContainsNonCodeAccessPermissions (), "ContainsNonCodeAccessPermissions");
		}
Example #5
0
		public void PermissionSetNull () 
		{
			// no exception is thrown
			PermissionSet ps = new PermissionSet (null);
			Assert.IsTrue (!ps.IsUnrestricted (), "PermissionStateNull.IsUnrestricted");
			Assert.IsTrue (ps.IsEmpty (), "PermissionStateNull.IsEmpty");
			Assert.IsTrue (!ps.IsReadOnly, "PermissionStateNull.IsReadOnly");
			Assert.AreEqual (ps.ToXml ().ToString (), ps.ToString (), "PermissionStateNull.ToXml().ToString()==ToString()");
			Assert.IsTrue (!ps.ContainsNonCodeAccessPermissions (), "ContainsNonCodeAccessPermissions");
		}
		public void PermissionSetNull () 
		{
			// no exception is thrown
			PermissionSet ps = new PermissionSet (null);
#if NET_2_0
			Assert ("PermissionStateNull.IsUnrestricted", !ps.IsUnrestricted ());
			Assert ("PermissionStateNull.IsEmpty", ps.IsEmpty ());
#else
			Assert ("PermissionStateNull.IsUnrestricted", ps.IsUnrestricted ());
			Assert ("PermissionStateNull.IsEmpty", !ps.IsEmpty ());
#endif
			Assert ("PermissionStateNull.IsReadOnly", !ps.IsReadOnly);
			AssertEquals ("PermissionStateNull.ToXml().ToString()==ToString()", ps.ToXml ().ToString (), ps.ToString ());
		}
 /// <summary>Initializes a new instance of the <see cref="T:System.Security.SecurityException" /> class for an exception caused by an insufficient grant set. </summary>
 /// <param name="message">The error message that explains the reason for the exception.</param>
 /// <param name="assemblyName">An <see cref="T:System.Reflection.AssemblyName" /> that specifies the name of the assembly that caused the exception.</param>
 /// <param name="grant">A <see cref="T:System.Security.PermissionSet" /> that represents the permissions granted the assembly.</param>
 /// <param name="refused">A <see cref="T:System.Security.PermissionSet" /> that represents the refused permission or permission set.</param>
 /// <param name="method">A <see cref="T:System.Reflection.MethodInfo" /> that represents the method that encountered the exception.</param>
 /// <param name="action">One of the <see cref="T:System.Security.Permissions.SecurityAction" /> values.</param>
 /// <param name="demanded">The demanded permission, permission set, or permission set collection.</param>
 /// <param name="permThatFailed">An <see cref="T:System.Security.IPermission" /> that represents the permission that failed.</param>
 /// <param name="evidence">The <see cref="T:System.Security.Policy.Evidence" /> for the assembly that caused the exception.</param>
 public SecurityException(string message, AssemblyName assemblyName, PermissionSet grant, PermissionSet refused, MethodInfo method, SecurityAction action, object demanded, IPermission permThatFailed, Evidence evidence) : base(message)
 {
     base.HResult    = -2146233078;
     this._assembly  = assemblyName;
     this._granted   = ((grant != null) ? grant.ToString() : string.Empty);
     this._refused   = ((refused != null) ? refused.ToString() : string.Empty);
     this._method    = method;
     this._action    = action;
     this._demanded  = demanded;
     this._firstperm = permThatFailed;
     if (this._firstperm != null)
     {
         this.permissionType = this._firstperm.GetType();
     }
     this._evidence = evidence;
 }
Example #8
0
		internal SecurityException (string message, PermissionSet granted, PermissionSet refused) 
			: base (message)
		{
			base.HResult = unchecked ((int)0x8013150A);
			_granted = granted.ToString ();
			_refused = refused.ToString ();
		}
		public void ToXml ()
		{
			PermissionSetCollection psc = new PermissionSetCollection ();
			SecurityElement se = psc.ToXml ();
			Assert.IsNull (se.Children, "Children==null for 0");
			PermissionSet unr = new PermissionSet (PermissionState.Unrestricted);
			psc.Add (unr);
			se = psc.ToXml ();
			Assert.AreEqual (1, se.Children.Count, "Children==1");
			Assert.AreEqual (unr.ToString (), se.Children[0].ToString (), "XML");
		}
		public void GetSet ()
		{
			PermissionSetCollection psc = new PermissionSetCollection ();
			PermissionSet unr = new PermissionSet (PermissionState.Unrestricted);
			psc.Add (unr);
			PermissionSet ps = psc.GetSet (0);
			Assert.AreEqual (unr.ToString (), ps.ToString (), "Same XML");
			Assert.IsTrue (Object.ReferenceEquals (unr, ps), "Same Object Reference");
		}
Example #11
0
		public static void PermissionSetDemo()
		{
			
			Console.WriteLine("Executing Permission Set Demo");
			try
			{
				// Open a permission set.
				PermissionSet ps1 = new PermissionSet(PermissionState.None);
				Console.WriteLine("Adding permission to open a file from a file dialog box.");
				// Add a permission to the permission set.
				ps1.AddPermission(new FileDialogPermission(FileDialogPermissionAccess.Open));
				Console.WriteLine("Demanding Permission to open a file.");
				ps1.Demand();
				Console.WriteLine("Demand succeeded.");
				Console.WriteLine("Adding permission to save a file from a file dialog box.");
				ps1.AddPermission(new FileDialogPermission(FileDialogPermissionAccess.Save));
				Console.WriteLine("Demanding permission to open and save a file.");
				ps1.Demand();
				Console.WriteLine("Demand succeeded.");
				Console.WriteLine("Adding a permission to read environment variable USERNAME.");
				ps1.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"));
				ps1.Demand();
				Console.WriteLine("Demand succeeded.");
				Console.WriteLine("Adding permission to read environment variable COMPUTERNAME.");
				ps1.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "COMPUTERNAME"));
				// Demand all the permissions in the set.
				Console.WriteLine("Demand all permissions.");
				ps1.Demand();
				Console.WriteLine("Demand succeeded.");
				// Display the number of permissions in the set.
				Console.WriteLine("Number of permissions = " + ps1.Count);
				// Display the value of the IsSynchronized property.
				Console.WriteLine("IsSynchronized property = " + ps1.IsSynchronized);
				// Display the value of the IsReadOnly property.
				Console.WriteLine("IsReadOnly property = " + ps1.IsReadOnly);
				// Display the value of the SyncRoot property.
				Console.WriteLine("SyncRoot property = " + ps1.SyncRoot);
				// Display the result of a call to the ContainsNonCodeAccessPermissions method.
				// Gets a value indicating whether the PermissionSet contains permissions
				// that are not derived from CodeAccessPermission.
				// Returns true if the PermissionSet contains permissions that are not 
				// derived from CodeAccessPermission; otherwise, false.
				Console.WriteLine("ContainsNonCodeAccessPermissions method returned " + ps1.ContainsNonCodeAccessPermissions());
				Console.WriteLine("Value of the permission set ToString = \n" + ps1.ToString());
				PermissionSet ps2 = new PermissionSet(PermissionState.None);
				// Create a second permission set and compare it to the first permission set.
				ps2.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"));
				ps2.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Write, "COMPUTERNAME"));
				Console.WriteLine("Permission set 2 = " + ps2);
				IEnumerator list = ps1.GetEnumerator();
				Console.WriteLine("Permissions in first permission set:");
				foreach (var permission in ps1)
					Console.WriteLine(permission.ToString());
				Console.WriteLine("Second permission IsSubSetOf first permission = " + ps2.IsSubsetOf(ps1));
				// Display the intersection of two permission sets.
				PermissionSet ps3 = ps2.Intersect(ps1);
				Console.WriteLine("The intersection of the first permission set and the second permission set = " + ps3.ToString());
				// Create a new permission set.
				PermissionSet ps4 = new PermissionSet(PermissionState.None);
				ps4.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, "C:\\Temp\\Testfile.txt"));
				ps4.AddPermission(new FileIOPermission(FileIOPermissionAccess.Write | FileIOPermissionAccess.Append, "C:\\Temp\\Testfile.txt"));
				// Display the union of two permission sets.
				PermissionSet ps5 = ps3.Union(ps4);
				Console.WriteLine("The union of permission set 3 and permission set 4 = " + ps5.ToString());
				// Remove FileIOPermission from the permission set.
				ps5.RemovePermission(typeof(FileIOPermission));
				Console.WriteLine("The last permission set after removing FileIOPermission = " + ps5.ToString());
				// Change the permission set using SetPermission
				ps5.SetPermission(new EnvironmentPermission(EnvironmentPermissionAccess.AllAccess, "USERNAME"));
				Console.WriteLine("Permission set after SetPermission = " + ps5.ToString());
				// Display result of ToXml and FromXml operations.
				PermissionSet ps6 = new PermissionSet(PermissionState.None);
				ps6.FromXml(ps5.ToXml());
				Console.WriteLine("Result of ToFromXml = " + ps6.ToString() + "\n");
				// Display result of PermissionSet.GetEnumerator.
				IEnumerator psEnumerator = ps1.GetEnumerator();
				while (psEnumerator.MoveNext())
				{
					Console.WriteLine(psEnumerator.Current.ToString());
				}
				// Check for an unrestricted permission set.
				PermissionSet ps7 = new PermissionSet(PermissionState.Unrestricted);
				Console.WriteLine("Permission set is unrestricted = " + ps7.IsUnrestricted());
				// Create and display a copy of a permission set.
				ps7 = ps5.Copy();
				Console.WriteLine("Result of copy = " + ps7.ToString());
			}
			catch (Exception e)
			{
				Console.WriteLine(e.Message.ToString());
			}
		}
		public void ConvertPermissionSet_BinaryToBinary ()
		{
			PermissionSet ps = new PermissionSet (PermissionState.None);
			byte[] data = Encoding.ASCII.GetBytes (ps.ToString ());
			byte[] result = PermissionSet.ConvertPermissionSet ("XML", data, "BINARY");

			byte[] result2 = PermissionSet.ConvertPermissionSet ("BINARY", result, "BINARY");
			// there's only a little difference - but it doesn't throw an exception
			//Assert.IsTrue (BitConverter.ToString (result) != BitConverter.ToString (result2), "BINARY!=BINARY");
		}
		public void PermissionSetPermissionSet () 
		{
			FileDialogPermission fdp = new FileDialogPermission (FileDialogPermissionAccess.Open);
			PermissionSet ps1 = new PermissionSet (PermissionState.None);
			ps1.AddPermission (fdp);
			Assert ("ps1.IsEmpty", !ps1.IsEmpty ());

			PermissionSet ps = new PermissionSet (ps1);
			Assert ("PermissionSetPermissionSet.IsUnrestricted", !ps.IsUnrestricted ());
			Assert ("PermissionSetPermissionSet.IsEmpty", !ps.IsEmpty ());
			Assert ("PermissionSetPermissionSet.IsReadOnly", !ps.IsReadOnly);
			AssertEquals ("PermissionSetPermissionSet.ToXml().ToString()==ToString()", ps.ToXml ().ToString (), ps.ToString ());
		}
Example #14
0
 public static string[] PermissionSetToIdentityList(PermissionSet permissionSet)
 {
     string psXml = permissionSet != null ? permissionSet.ToString() : "<PermissionSet/>";
     XmlDocument psDocument = new XmlDocument();
     // CA3057: DoNotUseLoadXml.  Suppressed since 'psXml' is a trusted or a constant string.
     psDocument.LoadXml(psXml);
     return XmlToIdentityList(psDocument.DocumentElement);
 }
 internal SecurityException(string message, PermissionSet granted, PermissionSet refused) : base(message)
 {
     base.HResult  = -2146233078;
     this._granted = granted.ToString();
     this._refused = refused.ToString();
 }
        static private PermissionSet ResolvePolicy(Evidence evidence,
                                                   PermissionSet reqdPset,
                                                   PermissionSet optPset,
                                                   PermissionSet denyPset,
                                                   out PermissionSet denied,
                                                   bool checkExecutionPermission)
        {
            PermissionSet requested;
            PermissionSet optional;
            PermissionSet allowed;

            Exception savedException = null;

            // We don't want to recurse back into here as a result of a
            // stackwalk during resolution. So simply assert full trust (this
            // implies that custom permissions cannot use any permissions that
            // don't implement IUnrestrictedPermission.
            // PermissionSet.s_fullTrust.Assert();

            // The requested set is the union of the minimal request and the
            // optional request. Minimal request defaults to empty, optional
            // is "AllPossible" (includes any permission that can be defined)
            // which is symbolized by null.
            optional = optPset;

            if (reqdPset == null)
            {
                requested = optional;
            }
            else
            {
                // If optional is null, the requested set becomes null/"AllPossible".
                requested = optional == null ? null : reqdPset.Union(optional);
            }

            // Make sure that the right to execute is requested (if this feature is
            // enabled).

            if (requested != null && !requested.IsUnrestricted() && CheckExecution())
            {
                requested.AddPermission(executionSecurityPermission);
            }

            if (InitPolicy())
            {
                // If we aren't passed any evidence, just make an empty object
                // If we are passed evidence, copy it before passing it
                // to the policy manager.
                // Note: this is not a deep copy, the pieces of evidence within the
                // Evidence object can still be altered and affect the originals.

                if (evidence == null)
                {
                    evidence = new Evidence();
                }
                else
                {
                    evidence = evidence.ShallowCopy();
                }

                evidence.AddHost(new PermissionRequestEvidence(reqdPset, optPset, denyPset));

                // We need to make sure that no stray exceptions come out of Resolve so
                // we wrap it in a try block.

                try
                {
                    allowed = polmgr.Resolve(evidence, requested);
                }
                catch (Exception e)
                {
#if _DEBUG
                    if (debug)
                    {
                        DEBUG_OUT("Exception during resolve");
                        DEBUG_OUT(e.GetType().FullName);
                        DEBUG_OUT(e.Message);
                        DEBUG_OUT(e.StackTrace);
                    }
#endif

                    // If we get a policy exception, we are done are we are going to fail to
                    // load no matter what.

                    if (e is PolicyException)
                    {
                        throw e;
                    }

                    // If we get any other kid of exception, we set the allowed set to the
                    // empty set and continue processing as normal.  This allows assemblies
                    // that make no request to be loaded but blocks any assembly that
                    // makes a request from being loaded.  This seems like a valid design to
                    // me -- gregfee 6/19/2000

                    savedException = e;
                    allowed        = new PermissionSet();
                }
            }
            else
            {
                denied = null;
                return(null);
            }


#if _DEBUG
            if (debug)
            {
                DEBUG_OUT("ResolvePolicy:");
                IEnumerator enumerator = evidence.GetEnumerator();
                DEBUG_OUT("Evidence:");
                while (enumerator.MoveNext())
                {
                    Object obj = enumerator.Current;
                    if (obj is Site)
                    {
                        DEBUG_OUT(((Site)obj).ToXml().ToString());
                    }
                    else if (obj is Zone)
                    {
                        DEBUG_OUT(((Zone)obj).ToXml().ToString());
                    }
                    else if (obj is Url)
                    {
                        DEBUG_OUT(((Url)obj).ToXml().ToString());
                    }
                    else if (obj is Publisher)
                    {
                        DEBUG_OUT(((Publisher)obj).ToXml().ToString());
                    }
                    else if (obj is StrongName)
                    {
                        DEBUG_OUT(((StrongName)obj).ToXml().ToString());
                    }
                    else if (obj is PermissionRequestEvidence)
                    {
                        DEBUG_OUT(((PermissionRequestEvidence)obj).ToXml().ToString());
                    }
                }
                DEBUG_OUT("Required permissions:");
                DEBUG_OUT(reqdPset != null ? reqdPset.ToString() : "<null>");
                DEBUG_OUT("Optional permissions:");
                DEBUG_OUT(optPset != null ? optPset.ToString() : "<null>");
                DEBUG_OUT("Denied permissions:");
                DEBUG_OUT(denyPset != null ? denyPset.ToString() : "<null>");
                DEBUG_OUT("Requested permissions:");
                DEBUG_OUT(requested != null ? requested.ToString() : "<null>");
                DEBUG_OUT("Granted permissions:");
                DEBUG_OUT(allowed != null ? allowed.ToString() : "<null>");
            }
#endif

            // Check that we were granted the right to execute.
            if (!allowed.IsUnrestricted() && checkExecutionPermission && CheckExecution())
            {
                SecurityPermission secPerm = (SecurityPermission)allowed.GetPermission(securityPermissionType);

                if (secPerm == null || !executionSecurityPermission.IsSubsetOf(secPerm))
                {
#if _DEBUG
                    DEBUG_OUT("No execute permission");
#endif
                    throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"),
                                              System.__HResults.CORSEC_E_NO_EXEC_PERM,
                                              savedException);
                }
            }

            // Check that we were granted at least the minimal set we asked for. Do
            // this before pruning away any overlap with the refused set so that
            // users have the flexability of defining minimal permissions that are
            // only expressable as set differences (e.g. allow access to "C:\" but
            // disallow "C:\Windows").
            if (reqdPset != null && !reqdPset.IsSubsetOf(allowed))
            {
#if _DEBUG
                DEBUG_OUT("Didn't get required permissions");
#endif
                throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"),
                                          System.__HResults.CORSEC_E_MIN_GRANT_FAIL,
                                          savedException);
            }

            // Remove any granted permissions that are safe subsets of some denied
            // permission. The remaining denied permissions (if any) are returned
            // along with the modified grant set for use in checks.
            if (denyPset != null)
            {
                denied = denyPset.Copy();
                allowed.MergeDeniedSet(denied);
                if (denied.IsEmpty())
                {
                    denied = null;
                }
            }
            else
            {
                denied = null;
            }


#if _DEBUG
            if (debug)
            {
                DEBUG_OUT("Final denied permissions:");
                DEBUG_OUT(denied != null ? denied.ToString() : "<null>");
            }
#endif

            return(allowed);
        }
Example #17
0
     /// <include file='doc\PermissionSet.uex' path='docs/doc[@for="PermissionSet.IsSubsetOf"]/*' />
     public virtual bool IsSubsetOf(PermissionSet target)
     {
 #if _DEBUG
         if (debug)     
             DEBUG_WRITE("IsSubsetOf\n" +
                         "Other:\n" +
                         (target == null ? "<null>" : target.ToString()) +
                         "\nMe:\n" +
                         ToString());
 #endif
 
         if (target == null || target.IsEmpty())
             return this.IsEmpty();
         else if (this.IsUnrestricted() && !target.IsUnrestricted())
         {
             return false;
         }
         else if (this.m_normalPermSet != null && !this.m_normalPermSet.IsSubsetOf( target.m_normalPermSet ))
         {
             return false;
         }
         else if (target.IsUnrestricted() && !this.ContainsNonCodeAccessPermissions()) 
         {
             return true;
         }
         else
         {
             return this.m_unrestrictedPermSet == null || this.m_unrestrictedPermSet.IsSubsetOf( target.m_unrestrictedPermSet );
         }
     }
Example #18
0
        public PermissionSet Resolve(Evidence evidence, PermissionSet request)
        {
#if _DEBUG
            if (debug)
            {
                DEBUG_OUT("PolicyManager::Resolve");
                IEnumerator evidenceEnumerator = evidence.GetEnumerator();
                DEBUG_OUT("Evidence:");
                while (evidenceEnumerator.MoveNext())
                {
                    Object obj = evidenceEnumerator.Current;
                    if (obj is Site)
                    {
                        DEBUG_OUT(((Site)obj).ToXml().ToString());
                    }
                    else if (obj is Zone)
                    {
                        DEBUG_OUT(((Zone)obj).ToXml().ToString());
                    }
                    else if (obj is Url)
                    {
                        DEBUG_OUT(((Url)obj).ToXml().ToString());
                    }
                    else if (obj is StrongName)
                    {
                        DEBUG_OUT(((StrongName)obj).ToXml().ToString());
                    }
                    else if (obj is PermissionRequestEvidence)
                    {
                        DEBUG_OUT(((PermissionRequestEvidence)obj).ToXml().ToString());
                    }
                }
            }
#endif

            // We set grant to null to represent "AllPossible"

            PermissionSet   grant = null;
            PolicyStatement policy;
            PolicyLevel     currentLevel = null;

            IEnumerator levelEnumerator = m_levels.GetEnumerator();

            char[] serializedEvidence = MakeEvidenceArray(evidence, false);
            int    count = evidence.Count;

            bool testApplicationLevels = false;

            while (levelEnumerator.MoveNext())
            {
                currentLevel = (PolicyLevel)levelEnumerator.Current;
                policy       = currentLevel.Resolve(evidence, count, serializedEvidence);

                // If the grant is "AllPossible", the intersection is just the other permission set.
                // Otherwise, do an inplace intersection (since we know we can alter the grant set since
                // it is a copy of the first policy statement's permission set).

                if (grant == null)
                {
                    grant = policy.PermissionSet;
                }
                else
                {
                    // An exception somewhere in here means that a permission
                    // failed some operation.  This simply means that it will be
                    // dropped from the grant set which is safe operation that
                    // can be ignored.

                    try
                    {
                        grant.InplaceIntersect(policy.GetPermissionSetNoCopy());
                    }
                    catch (Exception)
                    {
                    }
                }

    #if _DEBUG
                if (debug)
                {
                    DEBUG_OUT("Level = " + currentLevel.Label);
                    DEBUG_OUT("policy =\n" + policy.ToXml().ToString());
                    DEBUG_OUT("grant so far =\n" + grant.ToXml().ToString());
                }
    #endif

                if (grant.IsEmpty())
                {
                    break;
                }
                else if ((policy.Attributes & PolicyStatementAttribute.LevelFinal) == PolicyStatementAttribute.LevelFinal)
                {
                    if (!currentLevel.Label.Equals("AppDomain"))
                    {
                        testApplicationLevels = true;
                    }

                    break;
                }
            }

            if (testApplicationLevels)
            {
                PolicyLevel appDomainLevel = null;

                for (int i = m_levels.Count - 1; i >= 0; --i)
                {
                    currentLevel = (PolicyLevel)m_levels[i];

                    if (currentLevel.Label.Equals("AppDomain"))
                    {
                        appDomainLevel = currentLevel;
                        break;
                    }
                }

                if (appDomainLevel != null)
                {
                    policy = appDomainLevel.Resolve(evidence, count, serializedEvidence);

                    grant.InplaceIntersect(policy.GetPermissionSetNoCopy());
                }
            }


    #if _DEBUG
            if (debug)
            {
                DEBUG_OUT("granted =\n" + grant.ToString());
                DEBUG_OUT("request =\n" + (request != null ? request.ToString() : "<null>"));
                DEBUG_OUT("awarded =\n" + (request != null ? grant.Intersect(request).ToString() : grant.ToString()));
            }
    #endif

            try
            {
                if (request != null)
                {
                    grant.InplaceIntersect(request);
                }
            }
            catch (Exception)
            {
            }

    #if _DEBUG
            if (debug)
            {
                DEBUG_OUT("granted after intersect w/ request =\n" + grant.ToString());
            }
    #endif

            // Each piece of evidence can possibly create an identity permission that we
            // need to add to our grant set.  Therefore, for all pieces of evidence that
            // implement the IIdentityPermissionFactory interface, ask it for its
            // adjoining identity permission and add it to the grant.

            IEnumerator enumerator = evidence.GetHostEnumerator();
            while (enumerator.MoveNext())
            {
                try
                {
                    Object obj = enumerator.Current;
                    IIdentityPermissionFactory factory = obj as IIdentityPermissionFactory;
                    if (factory != null)
                    {
                        IPermission perm = factory.CreateIdentityPermission(evidence);

                        if (perm != null)
                        {
                            grant.AddPermission(perm);
                        }
                    }
                }
                catch (Exception)
                {
                }
            }

    #if _DEBUG
            if (debug)
            {
                DEBUG_OUT("awarded with identity =\n" + grant.ToString());
            }
    #endif
            return(grant);
        }
 internal static XmlDocument PermissionSetToXml(PermissionSet ps)
 {
     XmlDocument document = new XmlDocument();
     string xml = (ps != null) ? ps.ToString() : "<PermissionSet/>";
     document.LoadXml(xml);
     XmlDocument document2 = new XmlDocument();
     XmlElement newChild = XmlUtil.CloneElementToDocument(document.DocumentElement, document2, "urn:schemas-microsoft-com:asm.v2");
     document2.AppendChild(newChild);
     return document2;
 }
 public static string[] PermissionSetToIdentityList(PermissionSet permissionSet)
 {
     string xml = (permissionSet != null) ? permissionSet.ToString() : "<PermissionSet/>";
     XmlDocument document = new XmlDocument();
     document.LoadXml(xml);
     return XmlToIdentityList(document.DocumentElement);
 }
Example #21
0
		public SecurityException (string message, AssemblyName assemblyName, PermissionSet grant, 
			PermissionSet refused, MethodInfo method, SecurityAction action, object demanded, 
			IPermission permThatFailed, Evidence evidence)
			: base (message)
		{
			base.HResult = unchecked ((int)0x8013150A);
			_assembly = assemblyName;
			_granted = (grant == null) ? String.Empty : grant.ToString ();
			_refused = (refused == null) ? String.Empty : refused.ToString ();
			_method = method;
			_action = action;
			_demanded = demanded;
			_firstperm = permThatFailed;
			if (_firstperm != null)
				permissionType = _firstperm.GetType ();
			_evidence = evidence;
		}
Example #22
0
        internal bool IsSubsetOfHelper(PermissionSet target, IsSubsetOfType type, out IPermission firstPermThatFailed, bool ignoreNonCas)
        {
    #if _DEBUG
            if (debug)     
                DEBUG_WRITE("IsSubsetOf\n" +
                            "Other:\n" +
                            (target == null ? "<null>" : target.ToString()) +
                            "\nMe:\n" +
                            ToString());
    #endif
    
            firstPermThatFailed = null;
            if (target == null || target.FastIsEmpty())
            {
                if(this.IsEmpty())
                    return true;
                else
                {
                    firstPermThatFailed = GetFirstPerm();
                    return false;
                }
            }
            else if (this.IsUnrestricted() && !target.IsUnrestricted())
                return false;
            else if (this.m_permSet == null)
                return true;
            else
            {
                target.CheckSet();

                for (int i = m_permSet.GetStartingIndex(); i <= this.m_permSet.GetMaxUsedIndex(); ++i)
                {
                    IPermission thisPerm = this.GetPermission(i);
                    if (thisPerm == null || thisPerm.IsSubsetOf(null))
                        continue;

                    IPermission targetPerm = target.GetPermission(i);
#if _DEBUG                    
                    PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                    Contract.Assert(targetPerm == null || (token.m_type & PermissionTokenType.DontKnow) == 0, "Token not properly initialized");
#endif

                    if (target.m_Unrestricted)
                        continue;

                    // targetPerm can be null here, but that is fine since it thisPerm is a subset
                    // of empty/null then we can continue in the loop.
                    CodeAccessPermission cap = thisPerm as CodeAccessPermission;
                    if(cap == null)
                    {
                        if (!ignoreNonCas && !thisPerm.IsSubsetOf( targetPerm ))
                        {
                            firstPermThatFailed = thisPerm;
                            return false;
                        }
                    }
                    else
                    {
                        firstPermThatFailed = thisPerm;
                        switch(type)
                        {
                        case IsSubsetOfType.Normal:
                            if (!thisPerm.IsSubsetOf( targetPerm ))
                                return false;
                            break;
                        case IsSubsetOfType.CheckDemand:
                            if (!cap.CheckDemand( (CodeAccessPermission)targetPerm ))
                                return false;
                            break;
                        case IsSubsetOfType.CheckPermitOnly:
                            if (!cap.CheckPermitOnly( (CodeAccessPermission)targetPerm ))
                                return false;
                            break;
                        case IsSubsetOfType.CheckAssertion:
                            if (!cap.CheckAssert( (CodeAccessPermission)targetPerm ))
                                return false;
                            break;
                        }
                        firstPermThatFailed = null;
                    }
                }
            }

            return true;
        }
		public void ConvertPermissionSet_XmlToXml ()
		{
			PermissionSet ps = new PermissionSet (PermissionState.None);
			byte[] data = Encoding.ASCII.GetBytes (ps.ToString ());
			byte[] result = PermissionSet.ConvertPermissionSet ("XML", data, "XML");
			Assert.AreEqual (Encoding.ASCII.GetString (result), ps.ToString (), "PS-XML");

			result = PermissionSet.ConvertPermissionSet ("XMLASCII", data, "XMLASCII");
			Assert.AreEqual (Encoding.ASCII.GetString (result), ps.ToString (), "PS-XMLASCII");
		}
Example #24
0
        internal static XmlDocument PermissionSetToXml(PermissionSet ps)
        {
            XmlDocument inputDocument = new XmlDocument();
            string xml = (ps != null) ? ps.ToString() : "<PermissionSet/>";

            // CA3057: DoNotUseLoadXml.  Suppressed since 'xml' is a trusted or a constant string.
            inputDocument.LoadXml(xml);
            XmlDocument outputDocument = new XmlDocument();
            XmlElement psElement = XmlUtil.CloneElementToDocument(inputDocument.DocumentElement, outputDocument, XmlNamespaces.asmv2);
            outputDocument.AppendChild(psElement);
            return outputDocument;
        }
		public void ToXmlUnrestricted () 
		{
			PermissionSet ps = new PermissionSet (PermissionState.Unrestricted);
			SecurityElement se = ps.ToXml ();
			Assert ("Unrestricted.ToString().StartsWith", ps.ToString().StartsWith ("<PermissionSet"));
			AssertEquals ("Unrestricted.class", "System.Security.PermissionSet", (se.Attributes ["class"] as string));
			AssertEquals ("Unrestricted.version", "1", (se.Attributes ["version"] as string));
			AssertEquals ("Unrestricted.Unrestricted", "true", (se.Attributes ["Unrestricted"] as string));
		}
		public void ToXmlUnrestricted () 
		{
			PermissionSet ps = new PermissionSet (PermissionState.Unrestricted);
			SecurityElement se = ps.ToXml ();
			Assert.IsTrue (ps.ToString().StartsWith ("<PermissionSet"), "Unrestricted.ToString().StartsWith");
			Assert.AreEqual ("System.Security.PermissionSet", (se.Attributes ["class"] as string), "Unrestricted.class");
			Assert.AreEqual ("1", (se.Attributes ["version"] as string), "Unrestricted.version");
			Assert.AreEqual ("true", (se.Attributes ["Unrestricted"] as string), "Unrestricted.Unrestricted");
		}
		public void Copy_References ()
		{
			PermissionSet none = new PermissionSet (PermissionState.None);
			PermissionSetCollection psc = new PermissionSetCollection ();
			psc.Add (none);
			PermissionSetCollection copy = psc.Copy ();
			Assert.AreEqual (1, copy.PermissionSets.Count, "Count-1");

			string before = psc.ToString ();
			none.AddPermission (new SecurityPermission (SecurityPermissionFlag.Assertion));

			Assert.AreEqual (none.ToString (), psc.PermissionSets[0].ToString (), "psc");
			Assert.AreEqual (before, copy.ToString (), "copy");
		}
		public void ConvertPermissionSet_XmlToBinary ()
		{
			PermissionSet ps = new PermissionSet (PermissionState.None);
			byte[] data = Encoding.ASCII.GetBytes (ps.ToString ());
			byte[] result = PermissionSet.ConvertPermissionSet ("XML", data, "BINARY");
			byte[] result2 = PermissionSet.ConvertPermissionSet ("XMLASCII", data, "BINARY");
			Assert.AreEqual (BitConverter.ToString (result), BitConverter.ToString (result2), "XML==XMLASCII");
			byte[] back = PermissionSet.ConvertPermissionSet ("BINARY", result, "XML");
			Assert.AreEqual (Encoding.ASCII.GetString (back), ps.ToString (), "PS-XML");
			back = PermissionSet.ConvertPermissionSet ("BINARY", result2, "XMLASCII");
			Assert.AreEqual (Encoding.ASCII.GetString (back), ps.ToString (), "PS-XMLASCII");
		}
Example #29
0
        /// <include file='doc\SecurityManager.uex' path='docs/doc[@for="SecurityManager.ResolvePolicy"]/*' />
        static public PermissionSet ResolvePolicy(Evidence evidence,
                           PermissionSet reqdPset,
                           PermissionSet optPset,
                           PermissionSet denyPset,
                           out PermissionSet denied)
        {
            PermissionSet requested;
            PermissionSet optional;
            PermissionSet allowed;

            Exception savedException = null;

            // We don't want to recurse back into here as a result of a
            // stackwalk during resolution. So simply assert full trust (this
            // implies that custom permissions cannot use any permissions that
            // don't implement IUnrestrictedPermission.
            // PermissionSet.s_fullTrust.Assert();

            // The requested set is the union of the minimal request and the
            // optional request. Minimal request defaults to empty, optional
            // is "AllPossible" (includes any permission that can be defined)
            // which is symbolized by null.
            optional = optPset;
                        
            if (reqdPset == null)
            {
                requested = optional;
            }
            else
            {
                // If optional is null, the requested set becomes null/"AllPossible".
                requested = optional == null ? null : reqdPset.Union(optional);
            }
    
            // Make sure that the right to execute is requested (if this feature is
            // enabled).
            
            if (requested != null && !requested.IsUnrestricted() && CheckExecution())
            {
                requested.AddPermission( executionSecurityPermission );
            }
            
            if (InitPolicy())
            {
                // If we aren't passed any evidence, just make an empty object
                // If we are passed evidence, copy it before passing it
                // to the policy manager.
                // Note: this is not a deep copy, the pieces of evidence within the
                // Evidence object can still be altered and affect the originals.
            
                if (evidence == null)
                    evidence = new Evidence();
                else
                    evidence = evidence.ShallowCopy();
                    
                evidence.AddHost(new PermissionRequestEvidence(reqdPset, optPset, denyPset));
                
                // We need to make sure that no stray exceptions come out of Resolve so
                // we wrap it in a try block.

                try
                {
                    allowed = polmgr.Resolve(evidence,requested);
                }
                catch (Exception e)
                {
#if _DEBUG
                    if (debug)
                    {
                        DEBUG_OUT( "Exception during resolve" );
                        DEBUG_OUT( e.GetType().FullName );
                        DEBUG_OUT( e.Message );
                        DEBUG_OUT( e.StackTrace );
                    }
#endif

                    // If we get a policy exception, we are done are we are going to fail to
                    // load no matter what.

                    if (e is PolicyException)
                        throw e;

                    // If we get any other kid of exception, we set the allowed set to the
                    // empty set and continue processing as normal.  This allows assemblies
                    // that make no request to be loaded but blocks any assembly that
                    // makes a request from being loaded.                                          

                    savedException = e;
                    allowed = new PermissionSet();
                }
            }
            else
            {
                denied = null;
                return null;
            }
                

#if _DEBUG    
            if (debug)
            {
                DEBUG_OUT("ResolvePolicy:");
                IEnumerator enumerator = evidence.GetEnumerator();
                DEBUG_OUT("Evidence:");
                while (enumerator.MoveNext())
                {
                    Object obj = enumerator.Current;
                    if (obj is Site)
                    {
                        DEBUG_OUT( ((Site)obj).ToXml().ToString() );
                    }
                    else if (obj is Zone)
                    {
                        DEBUG_OUT( ((Zone)obj).ToXml().ToString() );
                    }
                    else if (obj is Url)
                    {
                        DEBUG_OUT( ((Url)obj).ToXml().ToString() );
                    }
                    else if (obj is StrongName)
                    {
                        DEBUG_OUT( ((StrongName)obj).ToXml().ToString() );
                    }
                    else if (obj is PermissionRequestEvidence)
                    {
                        DEBUG_OUT( ((PermissionRequestEvidence)obj).ToXml().ToString() );
                    }
                }
                DEBUG_OUT("Required permissions:");
                DEBUG_OUT(reqdPset != null ? reqdPset.ToString() : "<null>");
                DEBUG_OUT("Optional permissions:");
                DEBUG_OUT(optPset != null ? optPset.ToString() : "<null>");
                DEBUG_OUT("Denied permissions:");
                DEBUG_OUT(denyPset != null ? denyPset.ToString() : "<null>");
                DEBUG_OUT("Requested permissions:");
                DEBUG_OUT(requested != null ? requested.ToString() : "<null>");
                DEBUG_OUT("Granted permissions:");
                DEBUG_OUT(allowed != null ? allowed.ToString() : "<null>");
            }
#endif
        
            // Check that we were granted the right to execute.
            if (!allowed.IsUnrestricted() && CheckExecution())
            {
                SecurityPermission secPerm = (SecurityPermission)allowed.GetPermission( securityPermissionType );

                if (secPerm == null || !executionSecurityPermission.IsSubsetOf( secPerm ))
                {
#if _DEBUG
                    DEBUG_OUT( "No execute permission" );
#endif                            
                    throw new PolicyException(Environment.GetResourceString( "Policy_NoExecutionPermission" ),
                                              System.__HResults.CORSEC_E_NO_EXEC_PERM,
                                              savedException );
                }
            }

            // Check that we were granted at least the minimal set we asked for. Do
            // this before pruning away any overlap with the refused set so that
            // users have the flexability of defining minimal permissions that are
            // only expressable as set differences (e.g. allow access to "C:\" but
            // disallow "C:\Windows").
            if (reqdPset != null && !reqdPset.IsSubsetOf(allowed))
            {
#if _DEBUG
                DEBUG_OUT( "Didn't get required permissions" );
#endif           
                throw new PolicyException(Environment.GetResourceString( "Policy_NoRequiredPermission" ),
                                          System.__HResults.CORSEC_E_MIN_GRANT_FAIL,
                                          savedException );
            }
    
            // Remove any granted permissions that are safe subsets of some denied
            // permission. The remaining denied permissions (if any) are returned
            // along with the modified grant set for use in checks.
            if (denyPset != null)
            {
                denied = denyPset.Copy();
                allowed.MergeDeniedSet(denied);
                if (denied.IsEmpty())
                    denied = null;
            }
            else
                denied = null;
    
    
#if _DEBUG
            if (debug)
            {
                DEBUG_OUT("Final denied permissions:");
                DEBUG_OUT(denied != null ? denied.ToString() : "<null>");
            }
#endif
    
            return allowed;
        }
		public void ConvertPermissionSet_XmlAsciiToXmlUnicode ()
		{
			PermissionSet ps = new PermissionSet (PermissionState.Unrestricted);
			byte[] data = Encoding.Unicode.GetBytes (ps.ToString ());
			byte[] result = PermissionSet.ConvertPermissionSet ("XMLASCII", data, "XMLUNICODE");
			// the method isn't intended to convert between ASCII and Unicode
		}
Example #31
0
        public PermissionSet Resolve(Evidence evidence, PermissionSet request)
        {
#if _DEBUG    
            if (debug)
            {
                DEBUG_OUT("PolicyManager::Resolve");
                IEnumerator evidenceEnumerator = evidence.GetEnumerator();
                DEBUG_OUT("Evidence:");
                while (evidenceEnumerator.MoveNext())
                {
                    Object obj = evidenceEnumerator.Current;
                    if (obj is Site)
                    {
                        DEBUG_OUT( ((Site)obj).ToXml().ToString() );
                    }
                    else if (obj is Zone)
                    {
                        DEBUG_OUT( ((Zone)obj).ToXml().ToString() );
                    }
                    else if (obj is Url)
                    {
                        DEBUG_OUT( ((Url)obj).ToXml().ToString() );
                    }
                    else if (obj is StrongName)
                    {
                        DEBUG_OUT( ((StrongName)obj).ToXml().ToString() );
                    }
                    else if (obj is PermissionRequestEvidence)
                    {
                        DEBUG_OUT( ((PermissionRequestEvidence)obj).ToXml().ToString() );
                    }
                }
            }
#endif

            // We set grant to null to represent "AllPossible"

            PermissionSet grant = null;
            PolicyStatement policy;
            PolicyLevel currentLevel = null;

            IEnumerator levelEnumerator = m_levels.GetEnumerator();
            
            char[] serializedEvidence = MakeEvidenceArray( evidence, false );
            int count = evidence.Count;

            bool testApplicationLevels = false;
            
            while (levelEnumerator.MoveNext())
            {
                currentLevel = (PolicyLevel)levelEnumerator.Current;
                policy = currentLevel.Resolve( evidence, count, serializedEvidence );

                // If the grant is "AllPossible", the intersection is just the other permission set.
                // Otherwise, do an inplace intersection (since we know we can alter the grant set since
                // it is a copy of the first policy statement's permission set).
                
                if (grant == null)
                {
                    grant = policy.PermissionSet;
                }
                else
                {
                    // An exception somewhere in here means that a permission
                    // failed some operation.  This simply means that it will be
                    // dropped from the grant set which is safe operation that
                    // can be ignored.
                
                    try
                    {
                        grant.InplaceIntersect( policy.GetPermissionSetNoCopy() );
                    }
                    catch (Exception)
                    {
                    }
                }
                    
    #if _DEBUG        
                if (debug)
                {
                    DEBUG_OUT( "Level = " + currentLevel.Label );
                    DEBUG_OUT( "policy =\n" + policy.ToXml().ToString() );
                    DEBUG_OUT( "grant so far =\n" + grant.ToXml().ToString() );
                }
    #endif

                if (grant.IsEmpty())
                {
                    break;
                }
                else if ((policy.Attributes & PolicyStatementAttribute.LevelFinal) == PolicyStatementAttribute.LevelFinal)
                {
                    if (!currentLevel.Label.Equals( "AppDomain" ))
                    {
                        testApplicationLevels = true;
                    }

                    break;
                }
            }

            if (testApplicationLevels)
            {
                PolicyLevel appDomainLevel = null;

                for (int i = m_levels.Count - 1; i >= 0; --i)
                {
                    currentLevel = (PolicyLevel)m_levels[i];

                    if (currentLevel.Label.Equals( "AppDomain" ))
                    {
                        appDomainLevel = currentLevel;
                        break;
                    }
                }

                if (appDomainLevel != null)
                {
                    policy = appDomainLevel.Resolve( evidence, count, serializedEvidence );

                    grant.InplaceIntersect( policy.GetPermissionSetNoCopy() );
                }
            }
           
           
    #if _DEBUG        
            if (debug)
            {
                DEBUG_OUT( "granted =\n" + grant.ToString() );
                DEBUG_OUT( "request =\n" + (request != null ? request.ToString() : "<null>") );
                DEBUG_OUT( "awarded =\n" + (request != null ? grant.Intersect( request ).ToString() : grant.ToString()) );
            } 
    #endif
           
            try
            {
                if(request != null)
                    grant.InplaceIntersect( request );
            }
            catch (Exception)
            {
            }
    
    #if _DEBUG
            if (debug) {
                DEBUG_OUT("granted after intersect w/ request =\n" + grant.ToString());
            }
    #endif
    
            // Each piece of evidence can possibly create an identity permission that we
            // need to add to our grant set.  Therefore, for all pieces of evidence that
            // implement the IIdentityPermissionFactory interface, ask it for its
            // adjoining identity permission and add it to the grant.
    
            IEnumerator enumerator = evidence.GetHostEnumerator();
            while (enumerator.MoveNext())
            {
                try
                {
                    Object obj = enumerator.Current;
                    IIdentityPermissionFactory factory = obj as IIdentityPermissionFactory;
                    if (factory != null)
                    {
                        IPermission perm = factory.CreateIdentityPermission( evidence );
                        
                        if (perm != null)
                        {
                            grant.AddPermission( perm );
                        }
                    }
                }
                catch (Exception)
                {
                }
            }
            
    #if _DEBUG
            if (debug)
            {
                DEBUG_OUT( "awarded with identity =\n" + grant.ToString() );
            }
    #endif
            return grant;
        }
		public void PermissionSetPermissionSet () 
		{
			FileDialogPermission fdp = new FileDialogPermission (FileDialogPermissionAccess.Open);
			PermissionSet ps1 = new PermissionSet (PermissionState.None);
			ps1.AddPermission (fdp);
			Assert.IsTrue (!ps1.IsEmpty (), "ps1.IsEmpty");

			PermissionSet ps = new PermissionSet (ps1);
			Assert.IsTrue (!ps.IsUnrestricted (), "PermissionSetPermissionSet.IsUnrestricted");
			Assert.IsTrue (!ps.IsEmpty (), "PermissionSetPermissionSet.IsEmpty");
			Assert.IsTrue (!ps.IsReadOnly, "PermissionSetPermissionSet.IsReadOnly");
			Assert.AreEqual (ps.ToXml ().ToString (), ps.ToString (), "PermissionSetPermissionSet.ToXml().ToString()==ToString()");
			Assert.IsTrue (!ps.ContainsNonCodeAccessPermissions (), "ContainsNonCodeAccessPermissions");
		}
Example #33
0
        // FIXME little documentation in Fx 2.0 beta 1
        public static byte[] ConvertPermissionSet(string inFormat, byte[] inData, string outFormat)
        {
            if (inFormat == null)
            {
                throw new ArgumentNullException("inFormat");
            }
            if (outFormat == null)
            {
                throw new ArgumentNullException("outFormat");
            }
            if (inData == null)
            {
                return(null);
            }

            if (inFormat == outFormat)
            {
                return(inData);
            }

            PermissionSet ps = null;

            if (inFormat == "BINARY")
            {
                if (outFormat.StartsWith("XML"))
                {
                    using (MemoryStream ms = new MemoryStream(inData)) {
                        BinaryFormatter formatter = new BinaryFormatter();
                        ps = (PermissionSet)formatter.Deserialize(ms);
                        ms.Close();
                    }
                    string xml = ps.ToString();
                    switch (outFormat)
                    {
                    case "XML":
                    case "XMLASCII":
                        return(Encoding.ASCII.GetBytes(xml));

                    case "XMLUNICODE":
                        return(Encoding.Unicode.GetBytes(xml));
                    }
                }
            }
            else if (inFormat.StartsWith("XML"))
            {
                if (outFormat == "BINARY")
                {
                    string xml = null;
                    switch (inFormat)
                    {
                    case "XML":
                    case "XMLASCII":
                        xml = Encoding.ASCII.GetString(inData);
                        break;

                    case "XMLUNICODE":
                        xml = Encoding.Unicode.GetString(inData);
                        break;
                    }
                    if (xml != null)
                    {
                        ps = new PermissionSet(PermissionState.None);
                        ps.FromXml(SecurityElement.FromString(xml));

                        MemoryStream    ms        = new MemoryStream();
                        BinaryFormatter formatter = new BinaryFormatter();
                        formatter.Serialize(ms, ps);
                        ms.Close();
                        return(ms.ToArray());
                    }
                }
                else if (outFormat.StartsWith("XML"))
                {
                    string msg = String.Format(Locale.GetText("Can't convert from {0} to {1}"), inFormat, outFormat);
#if NET_2_0
                    throw new XmlSyntaxException(msg);
#else
                    throw new ArgumentException(msg);
#endif
                }
            }
            else
            {
                // unknown inFormat, returns null
                return(null);
            }
            // unknown outFormat, throw
            throw new SerializationException(String.Format(Locale.GetText("Unknown output format {0}."), outFormat));
        }