static bool TryProcessPermissionSetAttribute (SecurityDeclaration declaration, out PermissionSet set)
		{
			set = null;

			if (!declaration.HasSecurityAttributes && declaration.SecurityAttributes.Count != 1)
				return false;

			var security_attribute = declaration.SecurityAttributes [0];
			var attribute_type = security_attribute.AttributeType;
			if (attribute_type.Name != "PermissionSetAttribute" || attribute_type.Namespace != "System.Security.Permissions")
				return false;

			var attribute = new SSP.PermissionSetAttribute ((SSP.SecurityAction) declaration.Action);

			var named_argument = security_attribute.Properties [0];
			string value = (string) named_argument.Argument.Value;
			switch (named_argument.Name) {
			case "XML":
				attribute.XML = value;
				break;
			case "Name":
				attribute.Name = value;
				break;
			default:
				throw new NotImplementedException (named_argument.Name);
			}

			set = attribute.CreatePermissionSet ();
			return true;
		}
        public static void CopySecurityAttributes(SecurityDeclaration source, SecurityDeclaration target, ReferenceResolver resolver)
        {
            if (!source.HasSecurityAttributes)
                return;

            foreach (var attribute in source.SecurityAttributes)
                target.InjectSecurityAttribute(attribute, resolver);
        }
Exemple #3
0
		static PermissionSet CreatePermissionSet (SecurityDeclaration declaration)
		{
			var set = new PermissionSet (SSP.PermissionState.None);

			foreach (var attribute in declaration.SecurityAttributes) {
				var permission = CreatePermission (declaration, attribute);
				set.AddPermission (permission);
			}

			return set;
		}
		public SecurityDeclaration FromByteArray (SecurityAction action, byte [] declaration, bool resolve)
		{
			SecurityDeclaration dec = new SecurityDeclaration (action, this);
#if !CF_1_0 && !CF_2_0
			dec.PermissionSet = new PermissionSet (SSP.PermissionState.None);

			if (IsEmptyDeclaration (declaration))
				return dec;

			if (declaration[0] == 0x2e) {
				// new binary format introduced in 2.0
				int pos = 1;
				int start;
				int numattr = Utilities.ReadCompressedInteger (declaration, pos, out start);
				if (numattr == 0)
					return dec;

				BinaryReader br = new BinaryReader (new MemoryStream (declaration));
				for (int i = 0; i < numattr; i++) {
					pos = start;
					SSP.SecurityAttribute sa = CreateSecurityAttribute (action, br, declaration, pos, out start, resolve);
					if (sa == null) {
						dec.Resolved = false;
						dec.Blob = declaration;
						return dec;
					}

					try {
						IPermission p = sa.CreatePermission ();
						dec.PermissionSet.AddPermission (p);
					} catch {
						dec.Resolved = false;
						dec.Blob = declaration;
						return dec;
					}
				}

				dec.Resolved = true;
			} else {
				Parser.LoadXml (Encoding.Unicode.GetString (declaration));
				try {
					dec.PermissionSet.FromXml (Parser.ToXml ());
					dec.PermissionSet.ToXml ();
					dec.Resolved = true;
				} catch {
					dec.Resolved = false;
					dec.Blob = declaration;
				}
			}
#endif
			return dec;
		}
Exemple #5
0
		static IPermission CreatePermission (SecurityDeclaration declaration, SecurityAttribute attribute)
		{
			var attribute_type = Type.GetType (attribute.AttributeType.FullName);
			if (attribute_type == null)
				throw new ArgumentException ();

			var security_attribute = CreateSecurityAttribute (attribute_type, declaration);
			if (security_attribute == null)
				throw new InvalidOperationException ();

			CompleteSecurityAttribute (security_attribute, attribute);

			return security_attribute.CreatePermission ();
		}
		internal static SecurityDeclaration Clone (SecurityDeclaration sec)
		{
			SecurityDeclaration sd = new SecurityDeclaration (sec.Action);
			if (!sec.IsReadable) {
				sd.IsReadable = false;
				sd.Blob = sec.Blob;
				return sd;
			}

#if !CF_1_0 && !CF_2_0
            sd.PermissionSet = sec.PermissionSet.Copy ();
#endif
			return sd;
		}
		static bool TryProcessPermissionSetAttribute (SecurityDeclaration declaration, out PermissionSet set)
		{
			set = null;

			if (!declaration.HasSecurityAttributes)
				return false;

			var attributes = declaration.SecurityAttributes;
			if (attributes.Count != 1)
				return false;

			var security_attribute = attributes [0];
			var attribute_type = security_attribute.AttributeType;
			if (attribute_type.Name != "PermissionSetAttribute" || attribute_type.Namespace != "System.Security.Permissions")
				return false;

			var attribute = new SSP.PermissionSetAttribute ((SSP.SecurityAction) declaration.Action);

			foreach (var named_argument in security_attribute.Properties) {
				object value = named_argument.Argument.Value;
				switch (named_argument.Name) {
				case "Unrestricted":
					attribute.Unrestricted = (bool) value;
					break;
				case "UnicodeEncoded":
					attribute.UnicodeEncoded = (bool) value;
					break;
				case "XML":
					attribute.XML = (string) value;
					break;
				case "Name":
					attribute.Name = (string) value;
					break;
				case "File":
					attribute.File = (string) value;
					break;
				case "Hex":
					attribute.Hex = (string) value;
					break;
				default:
					throw new NotImplementedException (named_argument.Name);
				}
			}

			set = attribute.CreatePermissionSet ();
			return true;
		}
		public void Add (SecurityDeclaration value)
		{
			if (value == null)
				throw new ArgumentNullException ("value");

			// Each action can only be added once so...
			SecurityDeclaration current = (SecurityDeclaration) m_items[value.Action];
			if (current != null) {
				// ... further additions are transformed into unions
#if !CF_1_0 && !CF_2_0
                current.PermissionSet = current.PermissionSet.Union (value.PermissionSet);
#endif
			} else {
				m_items.Add (value.Action, value);
				SetHasSecurity (true);
			}
		}
        public static bool IsXmlPermissionSet(SecurityDeclaration xmlDeclaration)
        {
            if (!xmlDeclaration.HasSecurityAttributes || xmlDeclaration.SecurityAttributes.Count == 0)
                // nothing to convert
                return false;
            if (xmlDeclaration.SecurityAttributes.Count > 1)
                return false;

            SecurityAttribute sa = xmlDeclaration.SecurityAttributes[0];
            if (sa.HasFields)
                return false;
            if (!sa.HasProperties || sa.Properties.Count > 1)
                return false;
            CustomAttributeNamedArgument arg = sa.Properties[0];
            if (arg.Name != "XML" || arg.Argument.Type.FullName != "System.String")
                return false;
            return true;
        }
        public static SecurityDeclaration Permission2XmlSet(SecurityDeclaration declaration, ModuleDefinition targetModule)
        {
            if (!declaration.HasSecurityAttributes || declaration.SecurityAttributes.Count == 0)
                // nothing to convert
                return declaration;
            if (declaration.SecurityAttributes.Count > 1)
                throw new Exception("Cannot convert SecurityDeclaration with more than one attribute");

            SecurityAttribute sa = declaration.SecurityAttributes[0];
            if (sa.HasFields)
                throw new NotSupportedException("Cannot convert SecurityDeclaration with fields");

            TypeReference attrType = sa.AttributeType;
            AssemblyNameReference attrAsm = (AssemblyNameReference)attrType.Scope;
            string className = attrType.FullName + ", " + attrAsm.FullName;

            XmlDocument xmlDoc = new XmlDocument();

            XmlElement permissionSet = xmlDoc.CreateElement("PermissionSet");
            permissionSet.SetAttribute("class", "System.Security.PermissionSet");
            permissionSet.SetAttribute("version", "1");

            XmlElement iPermission = xmlDoc.CreateElement("IPermission");
            iPermission.SetAttribute("class", className);
            iPermission.SetAttribute("version", "1");
            foreach (var arg in sa.Properties)
            {
                iPermission.SetAttribute(arg.Name, arg.Argument.Value.ToString());
            }

            permissionSet.AppendChild(iPermission);
            xmlDoc.AppendChild(permissionSet);

            string xmlDocString = xmlDoc.InnerXml;

            SecurityDeclaration xmlDeclaration = new SecurityDeclaration(declaration.Action);
            SecurityAttribute attribute = new SecurityAttribute(GetTypeRef("System.Security.Permissions", "PermissionSetAttribute", "mscorlib", targetModule));

            attribute.Properties.Add(new CustomAttributeNamedArgument("XML",
                new CustomAttributeArgument(targetModule.TypeSystem.String, xmlDoc.InnerXml)));

            xmlDeclaration.SecurityAttributes.Add(attribute);
            return xmlDeclaration;
        }
Exemple #11
0
		static bool TryProcessPermissionSetAttribute (SecurityDeclaration declaration, out PermissionSet set)
		{
			set = null;

			if (!declaration.HasSecurityAttributes && declaration.SecurityAttributes.Count != 1)
				return false;

			var security_attribute = declaration.SecurityAttributes [0];
			var attribute_type = security_attribute.AttributeType;

			if (attribute_type.Name != "PermissionSetAttribute" || attribute_type.Namespace != "System.Security.Permissions")
				return false;

			var named_argument = security_attribute.Properties [0];
			if (named_argument.Name != "XML")
				throw new NotSupportedException ();

			var attribute = new SSP.PermissionSetAttribute ((SSP.SecurityAction) declaration.Action);
			attribute.XML = (string) named_argument.Argument.Value;

			set = attribute.CreatePermissionSet ();
			return true;
		}
        public virtual void VisitSecurityDeclaration(SecurityDeclaration secDecl)
        {

        }
		static SSP.SecurityAttribute CreateSecurityAttribute (Type attribute_type, SecurityDeclaration declaration)
		{
			SSP.SecurityAttribute security_attribute;
			try {
				security_attribute = (SSP.SecurityAttribute) Activator.CreateInstance (
					attribute_type, new object [] { (SSP.SecurityAction) declaration.Action });
			} catch (MissingMethodException) {
				security_attribute = (SSP.SecurityAttribute) Activator.CreateInstance (attribute_type, new object [0]);
			}

			return security_attribute;
		}
		static IPermission CreatePermission (SecurityDeclaration declaration, SecurityAttribute attribute)
		{
			TypeReference atype = attribute.AttributeType;
			string name = atype.FullName;

			// most of the permissions resides inside mscorlib.dll
			Type attribute_type = Type.GetType (name);
			if (attribute_type == null) {
				// but not all of them, so we need to try harder :-)
				TypeDefinition rtype = atype.Resolve ();
				AssemblyDefinition ad = rtype == null ? atype.Module.Assembly : rtype.Module.Assembly;
				attribute_type = Type.GetType (name + ", " + ad.FullName);
			}
			if (attribute_type == null)
				throw new ArgumentException ("attribute");

			var security_attribute = CreateSecurityAttribute (attribute_type, declaration);
			if (security_attribute == null)
				throw new InvalidOperationException ();

			CompleteSecurityAttribute (security_attribute, attribute);

			return security_attribute.CreatePermission ();
		}
        public static SecurityDeclaration Xml2PermissionSet(SecurityDeclaration xmlDeclaration, ModuleDefinition targetModule)
        {
            if (!xmlDeclaration.HasSecurityAttributes || xmlDeclaration.SecurityAttributes.Count == 0)
                // nothing to convert
                return null;
            if (xmlDeclaration.SecurityAttributes.Count > 1)
                throw new Exception("Cannot convert SecurityDeclaration with more than one attribute");

            SecurityAttribute sa = xmlDeclaration.SecurityAttributes[0];
            if (sa.HasFields)
                throw new NotSupportedException("Cannot convert SecurityDeclaration with fields");
            if (!sa.HasProperties || sa.Properties.Count > 1)
                throw new NotSupportedException("Invalid XML SecurityDeclaration (only 1 property supported)");
            CustomAttributeNamedArgument arg = sa.Properties[0];
            if (arg.Name != "XML" || arg.Argument.Type.FullName != "System.String")
                throw new ArgumentException("Property \"XML\" expected");
            if (string.IsNullOrEmpty(arg.Argument.Value as string))
                return null;
            XmlDocument xmlDoc = new XmlDocument();
            xmlDoc.LoadXml((string)arg.Argument.Value);
            XmlNode permissionSet = xmlDoc.SelectSingleNode("/PermissionSet");
            if (permissionSet == null)
                return null;
            XmlNode permissionSetClass = permissionSet.SelectSingleNode("@class"); // check version?
            if (permissionSetClass == null)
                return null;
            if (permissionSetClass.Value != "System.Security.PermissionSet")
                return null;
            XmlNode iPermission = permissionSet.SelectSingleNode("IPermission");
            if (iPermission == null)
                return null;
            XmlNode iPermissionClass = iPermission.SelectSingleNode("@class"); // check version?
            if (iPermissionClass == null)
                return null;

            // Create Namespace & Name from FullName, AssemblyName can be ignored since we look it up.
            string[] valueParts = iPermissionClass.Value.Split(',');
            Collection<string> classNamespace = new Collection<string>(valueParts[0].Split('.'));
            string assemblyName = valueParts[1].Trim();
            string className = classNamespace[classNamespace.Count - 1];
            classNamespace.RemoveAt(classNamespace.Count - 1);
            SecurityAttribute attribute = new SecurityAttribute(GetTypeRef(string.Join(".", classNamespace.ToArray()), className, assemblyName, targetModule));
            foreach (XmlAttribute xmlAttr in iPermission.Attributes)
            {
                if ((xmlAttr.Name != "class") && (xmlAttr.Name != "version"))
                {
                    attribute.Properties.Add(new CustomAttributeNamedArgument(xmlAttr.Name,
                        new CustomAttributeArgument(targetModule.TypeSystem.String, xmlAttr.Value)));
                }
            }
            SecurityDeclaration newSd = new SecurityDeclaration(xmlDeclaration.Action);
            newSd.SecurityAttributes.Add(attribute);
            return newSd;
        }
 private IEnumerable<ICustomAttribute> GetSecurityDeclaration(SecurityDeclaration securityDeclaration)
 {
     List<ICustomAttribute> attributes = new List<ICustomAttribute>();
     if (securityDeclaration.HasSecurityAttributes)
     {
         foreach (SecurityAttribute attribute in securityDeclaration.SecurityAttributes)
         {
             attributes.Add(attribute);
             securityAttributeToDeclaration.Add(attribute, securityDeclaration);
         }
     }
     return attributes;
 }
Exemple #17
0
 public virtual void VisitSecurityDeclaration(SecurityDeclaration secDecl)
 {
 }
        private void WriteSecurityDeclaration(SecurityDeclaration declaration)
        {
            WriteDot();
            WriteKeyword("permissionset");
            WriteSpace();

            string actionKeyword = GetActionKeyword(declaration.Action);
            WriteKeyword(actionKeyword);
            WriteSpace();
            Write("=");
            WriteLine();
            WriteOpenBreckets();
            WriteLine();
            Indent();

            if (declaration.HasSecurityAttributes) /// this should always be true, but just in case
            {
                List<SecurityAttribute> securityAttributes = new List<SecurityAttribute>(declaration.SecurityAttributes);
                securityAttributes.Sort((x, y) => x.CompareToSecurityAttribute(y, declaration, declaration));

                foreach (SecurityAttribute attr in securityAttributes)
                {
                    WriteSingleSecurityAttributes(attr);
                    WriteLine();
                }

            }
            Outdent();
            WriteEndBreckets();
        }
Exemple #19
0
		protected virtual void MarkSecurityDeclaration (SecurityDeclaration sd)
		{
			if (!sd.HasSecurityAttributes)
				return;
			
			foreach (var sa in sd.SecurityAttributes)
				MarkSecurityAttribute (sa);
		}
        private bool WriteSecurityAttribute(ModuleDefinition module, bool isAssemblyDeclaration, SecurityAttribute attribute, SecurityDeclaration securityDeclaration, out bool wroteArgument)
        {
            genericWriter.WriteToken(OpeningBracket);
            if (isAssemblyDeclaration)
            {
                genericWriter.WriteKeyword(genericWriter.KeyWordWriter.Assembly);
                genericWriter.Write(":");
                genericWriter.WriteSpace();
            }
            string attributeName = attribute.AttributeType.Name.EndsWith("Attribute") ? attribute.AttributeType.Name.Remove(attribute.AttributeType.Name.LastIndexOf("Attribute")) : attribute.AttributeType.Name;
			genericWriter.WriteNamespaceIfTypeInCollision(attribute.AttributeType);
            genericWriter.WriteReference(attributeName, attribute.AttributeType);

            genericWriter.WriteToken("(");

			TypeReference securityActionTypeReference = securityDeclaration.GetSecurityActionTypeReference(module);
			TypeDefinition argumentTypeDefinition = securityActionTypeReference.IsDefinition ? securityActionTypeReference as TypeDefinition : securityActionTypeReference.Resolve();
			if (argumentTypeDefinition != null && argumentTypeDefinition.IsEnum)
			{
				List<FieldDefinition> fields = EnumValueToFieldCombinationMatcher.GetEnumFieldDefinitionByValue(argumentTypeDefinition.Fields, (int)securityDeclaration.Action, argumentTypeDefinition.CustomAttributes);
				if (fields.Count != 0)
				{
					for (int i = 0; i < fields.Count; i++)
					{
						genericWriter.WriteReferenceAndNamespaceIfInCollision(fields[i].DeclaringType);
						genericWriter.WriteToken(".");
						genericWriter.WriteEnumValueField(fields[i]);

						if (i + 1 < fields.Count)
						{
							genericWriter.WriteSpace();
							genericWriter.WriteBitwiseOr();
							genericWriter.WriteSpace();
						}
					}
				}
				else
				{
					WriteSecurityAttributeAction(securityDeclaration.Action);
				}
			}

            wroteArgument = true;

            if (attribute.HasFields || attribute.HasProperties)
            {
                var attributeType = attribute.AttributeType.Resolve();
                if (attribute.HasProperties)
                {
                    wroteArgument = WriteAttributeNamedArgs(attributeType, attribute.Properties, false, wroteArgument);
                }
                if (attribute.HasFields)
                {
                    WriteAttributeNamedArgs(attributeType, attribute.Fields, true, wroteArgument);
                }
            }

            genericWriter.WriteToken(")");
            genericWriter.WriteToken(ClosingBracket);
            genericWriter.WriteLine();
            return wroteArgument;
        }
 public SecurityDeclarationEventArgs(SecurityDeclaration item)
 {
     m_item = item;
 }
        public bool Contains(SecurityDeclaration value)
        {
            if (value == null)
                return (m_items.Count == 0);

            SecurityDeclaration item = (SecurityDeclaration) m_items[value.Action];
            if (item == null)
                return false;

            #if !CF_1_0 && !CF_2_0
            return value.PermissionSet.IsSubsetOf (item.PermissionSet);
            #else
            // XXX For CF, this concept does not exist--so always be true
            return true;
            #endif
        }
 public static void InjectSecurityDeclaration(this ISecurityDeclarationProvider target, SecurityDeclaration declaration, ReferenceResolver resolver)
 {
     var newDeclaration = new SecurityDeclaration(declaration.Action);
     MetadataBuilderHelper.CopySecurityAttributes(declaration, newDeclaration, resolver);
     target.SecurityDeclarations.Add(newDeclaration);
 }
 private int CompareSecurityDeclaration(SecurityDeclaration first, SecurityDeclaration second)
 {
     if (first == second)
     {
         return 0;
     }
     string firstKeyword = GetActionKeyword(first.Action);
     string secondKeyword = GetActionKeyword(second.Action);
     return firstKeyword.CompareTo(secondKeyword);
 }
        public byte[] GetAsByteArray(SecurityDeclaration dec)
        {
            // TODO - add support for 2.0 format
            // note: the 1.x format is still supported in 2.0 so this isn't an immediate problem
            if (!dec.IsReadable)
                return dec.Blob;

            #if !CF_1_0 && !CF_2_0
            if (dec.PermissionSet != null)
                return Encoding.Unicode.GetBytes (dec.PermissionSet.ToXml ().ToString ());
            #endif

            return new byte [0];
        }
Exemple #26
0
 void addSecurityDeclaration(SecurityDeclaration decl)
 {
     if (decl == null)
         return;
     access(() => addSecurityAttributes(decl.SecurityAttributes));
 }
        public SecurityDeclaration FromByteArray(SecurityAction action, byte [] declaration, bool resolve)
        {
            SecurityDeclaration dec = new SecurityDeclaration(action, this);

#if !CF_1_0 && !CF_2_0
            dec.PermissionSet = new PermissionSet(SSP.PermissionState.None);

            if (IsEmptyDeclaration(declaration))
            {
                return(dec);
            }

            if (declaration[0] == 0x2e)
            {
                // new binary format introduced in 2.0
                int pos = 1;
                int start;
                int numattr = Utilities.ReadCompressedInteger(declaration, pos, out start);
                if (numattr == 0)
                {
                    return(dec);
                }

                BinaryReader br = new BinaryReader(new MemoryStream(declaration));
                for (int i = 0; i < numattr; i++)
                {
                    pos = start;
                    SSP.SecurityAttribute sa = CreateSecurityAttribute(action, br, declaration, pos, out start, resolve);
                    if (sa == null)
                    {
                        dec.Resolved = false;
                        dec.Blob     = declaration;
                        return(dec);
                    }

                    try {
                        IPermission p = sa.CreatePermission();
                        dec.PermissionSet.AddPermission(p);
                    } catch {
                        dec.Resolved = false;
                        dec.Blob     = declaration;
                        return(dec);
                    }
                }

                dec.Resolved = true;
            }
            else
            {
                Parser.LoadXml(Encoding.Unicode.GetString(declaration));
                try {
                    dec.PermissionSet.FromXml(Parser.ToXml());
                    dec.PermissionSet.ToXml();
                    dec.Resolved = true;
                } catch {
                    dec.Resolved = false;
                    dec.Blob     = declaration;
                }
            }
#endif
            return(dec);
        }