internal static Evidence MergeApplicationEvidence(Evidence evidence,
ApplicationIdentity applicationIdentity,
ActivationContext activationContext,
string[] activationData,
ApplicationTrust applicationTrust)
{
Evidence appEvidence = new Evidence();
ActivationArguments activationArgs = (activationContext == null ? new ActivationArguments(applicationIdentity, activationData) : new ActivationArguments(activationContext, activationData));
appEvidence = new Evidence();
appEvidence.AddHostEvidence(activationArgs);
if (applicationTrust != null)
{
appEvidence.AddHostEvidence(applicationTrust);
}
if (activationContext != null)
{
Evidence asiEvidence = new ApplicationSecurityInfo(activationContext).ApplicationEvidence;
if (asiEvidence != null)
{
appEvidence.MergeWithNoDuplicates(asiEvidence);
}
}
if (evidence != null)
{
appEvidence.MergeWithNoDuplicates(evidence);
}
return(appEvidence);
}
internal static Evidence MergeApplicationEvidence(Evidence evidence, ApplicationIdentity applicationIdentity, ActivationContext activationContext, string[] activationData, ApplicationTrust applicationTrust)
{
Evidence evidence2 = new Evidence();
ActivationArguments id = (activationContext == null) ? new ActivationArguments(applicationIdentity, activationData) : new ActivationArguments(activationContext, activationData);
evidence2 = new Evidence();
evidence2.AddHost(id);
if (applicationTrust != null)
{
evidence2.AddHost(applicationTrust);
}
if (activationContext != null)
{
Evidence applicationEvidence = new ApplicationSecurityInfo(activationContext).ApplicationEvidence;
if (applicationEvidence != null)
{
evidence2.MergeWithNoDuplicates(applicationEvidence);
}
}
if (evidence != null)
{
evidence2.MergeWithNoDuplicates(evidence);
}
return(evidence2);
}
protected void InitStore(IsolatedStorageScope scope, Type appEvidenceType)
{
PermissionSet psAllowed = (PermissionSet)null;
PermissionSet psDenied = (PermissionSet)null;
System.IO.IsolatedStorage.IsolatedStorage.GetCaller();
System.IO.IsolatedStorage.IsolatedStorage.GetControlEvidencePermission().Assert();
if (System.IO.IsolatedStorage.IsolatedStorage.IsApp(scope))
{
AppDomain domain = Thread.GetDomain();
if (!System.IO.IsolatedStorage.IsolatedStorage.IsRoaming(scope))
{
psAllowed = domain.PermissionSet;
if (psAllowed == null)
{
throw new IsolatedStorageException(Environment.GetResourceString("IsolatedStorage_DomainGrantSet"));
}
}
ActivationContext activationContext = AppDomain.CurrentDomain.ActivationContext;
if (activationContext == null)
{
throw new IsolatedStorageException(Environment.GetResourceString("IsolatedStorage_ApplicationMissingIdentity"));
}
ApplicationSecurityInfo applicationSecurityInfo = new ApplicationSecurityInfo(activationContext);
this._InitStore(scope, (Evidence)null, (Type)null, (Evidence)null, (Type)null, applicationSecurityInfo.ApplicationEvidence, appEvidenceType);
}
this.SetQuota(psAllowed, psDenied);
}
public static void Main(string[] args)
{
Console.WriteLine("Full name = " +
AppDomain.CurrentDomain.ActivationContext.Identity.FullName);
Console.WriteLine("Code base = " +
AppDomain.CurrentDomain.ActivationContext.Identity.CodeBase);
ApplicationSecurityInfo asi = new ApplicationSecurityInfo(AppDomain.CurrentDomain.ActivationContext);
Console.WriteLine("ApplicationId.Name property = " + asi.ApplicationId.Name);
if (asi.ApplicationId.Culture != null)
{
Console.WriteLine("ApplicationId.Culture property = " + asi.ApplicationId.Culture.ToString());
}
Console.WriteLine("ApplicationId.ProcessorArchitecture property = " + asi.ApplicationId.ProcessorArchitecture);
Console.WriteLine("ApplicationId.Version property = " + asi.ApplicationId.Version);
// To display the value of the public key, enumerate the Byte array for the property.
Console.Write("ApplicationId.PublicKeyToken property = ");
byte[] pk = asi.ApplicationId.PublicKeyToken;
for (int i = 0; i < pk.GetLength(0); i++)
{
Console.Write("{0:x}", pk[i]);
}
Console.Read();
}
public static System.Security.Policy.ApplicationTrust PersistTrustWithoutEvaluation(ActivationContext actCtx)
{
ApplicationSecurityInfo applicationSecurityInfo = new ApplicationSecurityInfo(actCtx);
System.Security.Policy.ApplicationTrust trust = new System.Security.Policy.ApplicationTrust(actCtx.Identity);
trust.IsApplicationTrustedToRun = true;
trust.DefaultGrantSet = new PolicyStatement(applicationSecurityInfo.DefaultRequestSet, PolicyStatementAttribute.Nothing);
trust.Persist = true;
trust.ApplicationIdentity = actCtx.Identity;
ApplicationSecurityManager.UserApplicationTrusts.Add(trust);
return(trust);
}
private static string GetPublicKeyToken()
{
var asi = new ApplicationSecurityInfo(AppDomain.CurrentDomain.ActivationContext);
var pk = asi.ApplicationId.PublicKeyToken;
var pkt = new StringBuilder();
for (var i = 0; i < pk.GetLength(0); i++)
{
pkt.Append($"{pk[i]:x}");
}
return(pkt.ToString());
}
public static string GetPublicKeyTokenFromAppDomain()
{
var pkt = new StringBuilder();
var asi = new ApplicationSecurityInfo(AppDomain.CurrentDomain.ActivationContext);
byte[] pk = asi.ApplicationId.PublicKeyToken;
for (int i = 0; i < pk.GetLength(0); i++)
{
pkt.AppendFormat("{0:x}", pk[i]);
}
return(pkt.ToString());
}
private bool DetermineTrustCore(bool blocking, TrustParams tp)
{
try
{
Logger.AddMethodCall(this._log, "DeploymentManager.DetermineTrustCore() called.");
SubscriptionState subscriptionState = this._subStore.GetSubscriptionState(this._actDesc.DeployManifest);
TrustManagerContext tmc = new TrustManagerContext {
IgnorePersistedDecision = false,
NoPrompt = false,
Persist = true
};
if (tp != null)
{
tmc.NoPrompt = tp.NoPrompt;
}
if (!blocking && this._cancellationPending)
{
return(true);
}
if (subscriptionState.IsInstalled && !string.Equals(subscriptionState.EffectiveCertificatePublicKeyToken, this._actDesc.EffectiveCertificatePublicKeyToken, StringComparison.Ordinal))
{
Logger.AddInternalState(this._log, "Application family is installed but effective certificate public key token has changed between versions: subState.EffectiveCertificatePublicKeyToken=" + subscriptionState.EffectiveCertificatePublicKeyToken + ",_actDesc.EffectiveCertificatePublicKeyToken=" + this._actDesc.EffectiveCertificatePublicKeyToken);
Logger.AddInternalState(this._log, "Removing cached trust for the CurrentBind.");
System.Deployment.Application.ApplicationTrust.RemoveCachedTrust(subscriptionState.CurrentBind);
}
bool isUpdate = false;
if (this._actDesc.IsUpdate)
{
isUpdate = true;
}
if (this._actDesc.IsUpdateInPKTGroup)
{
isUpdate = false;
ApplicationSecurityInfo info = new ApplicationSecurityInfo(this._actCtx);
this._actDesc.IsFullTrustRequested = info.DefaultRequestSet.IsUnrestricted();
}
this._actDesc.Trust = System.Deployment.Application.ApplicationTrust.RequestTrust(subscriptionState, this._actDesc.DeployManifest.Deployment.Install, isUpdate, this._actCtx, tmc);
}
catch (Exception exception)
{
this.LogError(Resources.GetString("Ex_DetermineTrustFailed"), exception);
Logger.AddInternalState(this._log, "Exception thrown in DetermineTrustCore(): " + exception.GetType().ToString() + " : " + exception.Message + "\r\n" + exception.StackTrace);
throw;
}
return(false);
}
public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
if (applicationEvidence == null)
{
throw new ArgumentNullException("applicationEvidence");
}
// Get the activation context from the application evidence.
// This HostSecurityManager does not examine the activator evidence
// nor is it concerned with the TrustManagerContext;
// it simply grants the requested grant in the application manifest.
IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
ActivationArguments activationArgs = null;
while (enumerator.MoveNext())
{
activationArgs = enumerator.Current as ActivationArguments;
if (activationArgs != null)
{
break;
}
}
if (activationArgs == null)
{
return(null);
}
ActivationContext activationContext = activationArgs.ActivationContext;
if (activationContext == null)
{
return(null);
}
//<Snippet4>
ApplicationTrust trust = new ApplicationTrust(activationContext.Identity);
ApplicationSecurityInfo asi = new ApplicationSecurityInfo(activationContext);
trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
trust.IsApplicationTrustedToRun = true;
//</Snippet4>
return(trust);
}
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
if (applicationEvidence == null)
{
throw new ArgumentNullException("applicationEvidence");
}
ActivationArguments hostEvidence = applicationEvidence.GetHostEvidence <ActivationArguments>();
if (hostEvidence == null)
{
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
}
ActivationContext activationContext = hostEvidence.ActivationContext;
if (activationContext == null)
{
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
}
ApplicationTrust applicationTrust = applicationEvidence.GetHostEvidence <ApplicationTrust>();
if ((applicationTrust != null) && !CmsUtils.CompareIdentities(applicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
applicationTrust = null;
}
if (applicationTrust == null)
{
if ((AppDomain.CurrentDomain.ApplicationTrust != null) && CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
applicationTrust = AppDomain.CurrentDomain.ApplicationTrust;
}
else
{
applicationTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(activationContext, context);
}
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
if (((applicationTrust != null) && applicationTrust.IsApplicationTrustedToRun) && !info.DefaultRequestSet.IsSubsetOf(applicationTrust.DefaultGrantSet.PermissionSet))
{
throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest"));
}
return(applicationTrust);
}
public ApplicationTrust DetermineApplicationTrust(ActivationContext appContext, TrustManagerContext context)
{
ApplicationTrust trust = new ApplicationTrust(appContext.Identity);
trust.IsApplicationTrustedToRun = false;
ApplicationSecurityInfo asi = new ApplicationSecurityInfo(appContext);
trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
if (context.UIContext == TrustManagerUIContext.Run)
{
string message = "Do you want to run " + asi.ApplicationId.Name + " ?";
string caption = "MyTrustManager";
MessageBoxButtons buttons = MessageBoxButtons.YesNo;
DialogResult result;
// Displays the MessageBox.
result = MessageBox.Show(message, caption, buttons);
if (result == DialogResult.Yes)
{
trust.IsApplicationTrustedToRun = true;
if (context != null)
{
trust.Persist = context.Persist;
}
else
{
trust.Persist = false;
}
}
}
return(trust);
}
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
if (applicationEvidence == null)
{
throw new ArgumentNullException("applicationEvidence");
}
Contract.EndContractBlock();
// This method looks for a trust decision for the ActivationContext in three locations, in order
// of preference:
//
// 1. Supplied by the host in the AppDomainSetup. If the host supplied a decision this way, it
// will be in the applicationEvidence.
// 2. Reuse the ApplicationTrust from the current AppDomain
// 3. Ask the TrustManager for a trust decision
// get the activation context from the application evidence.
// The default HostSecurityManager does not examine the activatorEvidence
// but other security managers could use it to figure out the
// evidence of the domain attempting to activate the application.
ActivationArguments activationArgs = applicationEvidence.GetHostEvidence <ActivationArguments>();
if (activationArgs == null)
{
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
}
ActivationContext actCtx = activationArgs.ActivationContext;
if (actCtx == null)
{
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
}
// Make sure that any ApplicationTrust we find applies to the ActivationContext we're
// creating the new AppDomain for.
ApplicationTrust appTrust = applicationEvidence.GetHostEvidence <ApplicationTrust>();
if (appTrust != null &&
!CmsUtils.CompareIdentities(appTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
appTrust = null;
}
// If there was not a trust decision supplied in the Evidence, we can reuse the existing trust
// decision from this domain if its identity matches the ActivationContext of the new domain.
// Otherwise consult the TrustManager for a trust decision
if (appTrust == null)
{
if (AppDomain.CurrentDomain.ApplicationTrust != null &&
CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
appTrust = AppDomain.CurrentDomain.ApplicationTrust;
}
else
{
appTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(actCtx, context);
}
}
// If the trust decision allows the application to run, then it should also have a permission set
// which is at least the permission set the application requested.
ApplicationSecurityInfo appRequest = new ApplicationSecurityInfo(actCtx);
if (appTrust != null &&
appTrust.IsApplicationTrustedToRun &&
!appRequest.DefaultRequestSet.IsSubsetOf(appTrust.DefaultGrantSet.PermissionSet))
{
throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest"));
}
return(appTrust);
}
public ApplicationId GetDeploymentInfo()
{
var appSecurityInfo = new ApplicationSecurityInfo(AppDomain.CurrentDomain.ActivationContext);
return(appSecurityInfo.DeploymentId);
}
