/// <summary>Creates a permission that is the union of the current permission and the specified permission.</summary>
/// <returns>A new permission that represents the union of the current permission and the specified permission.</returns>
/// <param name="target">A permission to combine with the current permission. It must be of the same type as the current permission. </param>
/// <exception cref="T:System.ArgumentException">
/// <paramref name="target" /> is not null and does not specify a permission of the same type as the current permission. </exception>
public override IPermission Union(IPermission target)
{
KeyContainerPermission keyContainerPermission = this.Cast(target);
if (keyContainerPermission == null)
{
return(this.Copy());
}
KeyContainerPermissionAccessEntryCollection keyContainerPermissionAccessEntryCollection = new KeyContainerPermissionAccessEntryCollection();
foreach (KeyContainerPermissionAccessEntry accessEntry in this._accessEntries)
{
keyContainerPermissionAccessEntryCollection.Add(accessEntry);
}
foreach (KeyContainerPermissionAccessEntry accessEntry2 in keyContainerPermission._accessEntries)
{
if (this._accessEntries.IndexOf(accessEntry2) == -1)
{
keyContainerPermissionAccessEntryCollection.Add(accessEntry2);
}
}
if (keyContainerPermissionAccessEntryCollection.Count == 0)
{
return(new KeyContainerPermission(this._flags | keyContainerPermission._flags));
}
KeyContainerPermissionAccessEntry[] array = new KeyContainerPermissionAccessEntry[keyContainerPermissionAccessEntryCollection.Count];
keyContainerPermissionAccessEntryCollection.CopyTo(array, 0);
return(new KeyContainerPermission(this._flags | keyContainerPermission._flags, array));
}
public override bool Equals(Object o)
{
KeyContainerPermissionAccessEntry accessEntry = o as KeyContainerPermissionAccessEntry;
if (accessEntry == null)
{
return(false);
}
if (accessEntry.m_keyStore != m_keyStore)
{
return(false);
}
if (accessEntry.m_providerName != m_providerName)
{
return(false);
}
if (accessEntry.m_providerType != m_providerType)
{
return(false);
}
if (accessEntry.m_keyContainerName != m_keyContainerName)
{
return(false);
}
if (accessEntry.m_keySpec != m_keySpec)
{
return(false);
}
return(true);
}
public override bool Equals(object obj)
{
if (obj == null)
{
return(false);
}
KeyContainerPermissionAccessEntry kcpae = (obj as KeyContainerPermissionAccessEntry);
if (kcpae == null)
{
return(false);
}
if (_flags != kcpae._flags)
{
return(false);
}
if (_containerName != kcpae._containerName)
{
return(false);
}
if (_store != kcpae._store)
{
return(false);
}
if (_providerName != kcpae._providerName)
{
return(false);
}
if (_type != kcpae._type)
{
return(false);
}
return(true);
}
internal KeyContainerPermission BuildKeyContainerPermission(KeyContainerPermissionFlags flags)
{
KeyContainerPermission permission = null;
if (this.IsEphemeral)
{
return permission;
}
string keyContainerName = null;
string str2 = null;
try
{
keyContainerName = this.KeyName;
str2 = NCryptNative.GetPropertyAsString(this.m_kspHandle, "Name", CngPropertyOptions.None);
}
catch (CryptographicException)
{
}
if (keyContainerName != null)
{
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyContainerName, flags) {
ProviderName = str2
};
permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
permission.AccessEntries.Add(accessEntry);
return permission;
}
return new KeyContainerPermission(flags);
}
private void AddAccessEntryAndIntersect(KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target)
{
KeyContainerPermissionAccessEntry accessEntry1 = new KeyContainerPermissionAccessEntry(accessEntry);
accessEntry1.Flags &= KeyContainerPermission.GetApplicableFlags(accessEntry, target);
this.AccessEntries.Add(accessEntry1);
}
private void AddAccessEntryAndIntersect(KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target)
{
KeyContainerPermissionAccessEntry newAccessEntry = new KeyContainerPermissionAccessEntry(accessEntry);
newAccessEntry.Flags &= GetApplicableFlags(accessEntry, target);
AccessEntries.Add(newAccessEntry);
}
public override IPermission Intersect(IPermission target)
{
if (target != null)
{
if (!base.VerifyType(target))
{
throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", new object[] { base.GetType().FullName }));
}
KeyContainerPermission permission = (KeyContainerPermission)target;
if (this.IsEmpty() || permission.IsEmpty())
{
return(null);
}
KeyContainerPermissionFlags flags = permission.m_flags & this.m_flags;
KeyContainerPermission permission2 = new KeyContainerPermission(flags);
KeyContainerPermissionAccessEntryEnumerator enumerator = this.AccessEntries.GetEnumerator();
while (enumerator.MoveNext())
{
KeyContainerPermissionAccessEntry current = enumerator.Current;
permission2.AddAccessEntryAndIntersect(current, permission);
}
KeyContainerPermissionAccessEntryEnumerator enumerator2 = permission.AccessEntries.GetEnumerator();
while (enumerator2.MoveNext())
{
KeyContainerPermissionAccessEntry accessEntry = enumerator2.Current;
permission2.AddAccessEntryAndIntersect(accessEntry, this);
}
if (!permission2.IsEmpty())
{
return(permission2);
}
}
return(null);
}
public override SecurityElement ToXml()
{
SecurityElement element = CodeAccessPermission.CreatePermissionElement(this, "System.Security.Permissions.KeyContainerPermission");
if (!this.IsUnrestricted())
{
element.AddAttribute("Flags", this.m_flags.ToString());
if (this.AccessEntries.Count > 0)
{
SecurityElement child = new SecurityElement("AccessList");
KeyContainerPermissionAccessEntryEnumerator enumerator = this.AccessEntries.GetEnumerator();
while (enumerator.MoveNext())
{
KeyContainerPermissionAccessEntry current = enumerator.Current;
SecurityElement element3 = new SecurityElement("AccessEntry");
element3.AddAttribute("KeyStore", current.KeyStore);
element3.AddAttribute("ProviderName", current.ProviderName);
element3.AddAttribute("ProviderType", current.ProviderType.ToString(null, null));
element3.AddAttribute("KeyContainerName", current.KeyContainerName);
element3.AddAttribute("KeySpec", current.KeySpec.ToString(null, null));
element3.AddAttribute("Flags", current.Flags.ToString());
child.AddChild(element3);
}
element.AddChild(child);
}
return(element);
}
element.AddAttribute("Unrestricted", "true");
return(element);
}
public override IPermission Union(IPermission target)
{
KeyContainerPermission kcp = Cast(target);
if (kcp == null)
{
return(Copy());
}
KeyContainerPermissionAccessEntryCollection kcpaec = new KeyContainerPermissionAccessEntryCollection();
// copy first group
foreach (KeyContainerPermissionAccessEntry kcpae in _accessEntries)
{
kcpaec.Add(kcpae);
}
// copy second group...
foreach (KeyContainerPermissionAccessEntry kcpae in kcp._accessEntries)
{
// ... but only if not present in first group
if (_accessEntries.IndexOf(kcpae) == -1)
{
kcpaec.Add(kcpae);
}
}
if (kcpaec.Count == 0)
{
return(new KeyContainerPermission((_flags | kcp._flags)));
}
KeyContainerPermissionAccessEntry[] list = new KeyContainerPermissionAccessEntry [kcpaec.Count];
kcpaec.CopyTo(list, 0);
return(new KeyContainerPermission((_flags | kcp._flags), list));
}
private static KeyContainerPermissionFlags GetApplicableFlags(KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target)
{
KeyContainerPermissionFlags noFlags = KeyContainerPermissionFlags.NoFlags;
bool flag = true;
int index = target.AccessEntries.IndexOf(accessEntry);
if (index != -1)
{
return(target.AccessEntries[index].Flags);
}
KeyContainerPermissionAccessEntryEnumerator enumerator = target.AccessEntries.GetEnumerator();
while (enumerator.MoveNext())
{
KeyContainerPermissionAccessEntry current = enumerator.Current;
if (accessEntry.IsSubsetOf(current))
{
if (!flag)
{
noFlags &= current.Flags;
}
else
{
noFlags = current.Flags;
flag = false;
}
}
}
if (flag)
{
noFlags = target.Flags;
}
return(noFlags);
}
// Token: 0x060026D0 RID: 9936 RVA: 0x0008CC40 File Offset: 0x0008AE40
private static KeyContainerPermissionFlags GetApplicableFlags(KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target)
{
KeyContainerPermissionFlags keyContainerPermissionFlags = KeyContainerPermissionFlags.NoFlags;
bool flag = true;
int num = target.AccessEntries.IndexOf(accessEntry);
if (num != -1)
{
return(target.AccessEntries[num].Flags);
}
foreach (KeyContainerPermissionAccessEntry keyContainerPermissionAccessEntry in target.AccessEntries)
{
if (accessEntry.IsSubsetOf(keyContainerPermissionAccessEntry))
{
if (!flag)
{
keyContainerPermissionFlags &= keyContainerPermissionAccessEntry.Flags;
}
else
{
keyContainerPermissionFlags = keyContainerPermissionAccessEntry.Flags;
flag = false;
}
}
}
if (flag)
{
keyContainerPermissionFlags = target.Flags;
}
return(keyContainerPermissionFlags);
}
private static KeyContainerPermissionFlags GetApplicableFlags(KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target)
{
KeyContainerPermissionFlags containerPermissionFlags = KeyContainerPermissionFlags.NoFlags;
bool flag = true;
int index = target.AccessEntries.IndexOf(accessEntry);
if (index != -1)
{
return(target.AccessEntries[index].Flags);
}
foreach (KeyContainerPermissionAccessEntry accessEntry1 in target.AccessEntries)
{
if (accessEntry.IsSubsetOf(accessEntry1))
{
if (!flag)
{
containerPermissionFlags &= accessEntry1.Flags;
}
else
{
containerPermissionFlags = accessEntry1.Flags;
flag = false;
}
}
}
if (flag)
{
containerPermissionFlags = target.Flags;
}
return(containerPermissionFlags);
}
// Token: 0x060026CD RID: 9933 RVA: 0x0008CBA8 File Offset: 0x0008ADA8
private void AddAccessEntryAndUnion(KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target)
{
KeyContainerPermissionAccessEntry keyContainerPermissionAccessEntry = new KeyContainerPermissionAccessEntry(accessEntry);
keyContainerPermissionAccessEntry.Flags |= KeyContainerPermission.GetApplicableFlags(accessEntry, target);
this.AccessEntries.Add(keyContainerPermissionAccessEntry);
}
private static KeyContainerPermissionFlags GetApplicableFlags (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) {
KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags;
bool applyDefaultFlags = true;
// If the entry exists in the target, return the flag of the target entry.
int index = target.AccessEntries.IndexOf(accessEntry);
if (index != -1) {
flags = ((KeyContainerPermissionAccessEntry)target.AccessEntries[index]).Flags;
return flags;
}
// Intersect the flags in all the target entries that apply to the current access entry,
foreach (KeyContainerPermissionAccessEntry targetAccessEntry in target.AccessEntries) {
if (accessEntry.IsSubsetOf(targetAccessEntry)) {
if (applyDefaultFlags == false) {
flags &= targetAccessEntry.Flags;
} else {
flags = targetAccessEntry.Flags;
applyDefaultFlags = false;
}
}
}
// If no target entry applies to the current entry, the default global flag applies.
if (applyDefaultFlags)
flags = target.Flags;
return flags;
}
public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
if (creationParameters == null)
{
creationParameters = new CngKeyCreationParameters();
}
if (!NCryptNative.NCryptSupported)
{
throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
}
if (keyName != null)
{
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Create) {
ProviderName = creationParameters.Provider.Provider
};
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
}
SafeNCryptProviderHandle provider = NCryptNative.OpenStorageProvider(creationParameters.Provider.Provider);
SafeNCryptKeyHandle keyHandle = NCryptNative.CreatePersistedKey(provider, algorithm.Algorithm, keyName, creationParameters.KeyCreationOptions);
SetKeyProperties(keyHandle, creationParameters);
NCryptNative.FinalizeKey(keyHandle);
CngKey key = new CngKey(provider, keyHandle);
if (keyName == null)
{
key.IsEphemeral = true;
}
return key;
}
public int Add(KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
{
throw new ArgumentNullException(nameof(accessEntry));
}
Contract.EndContractBlock();
int index = m_list.IndexOf(accessEntry);
if (index == -1)
{
if (accessEntry.Flags != m_globalFlags)
{
return(m_list.Add(accessEntry));
}
else
{
return(-1);
}
}
else
{
// We pick up the intersection of the 2 flags. This is the secure choice
// so we are opting for it.
((KeyContainerPermissionAccessEntry)m_list[index]).Flags &= accessEntry.Flags;
return(index);
}
}
internal bool IsSubsetOf(KeyContainerPermissionAccessEntry target)
{
if (target.m_keyStore != "*" && this.m_keyStore != target.m_keyStore)
{
return(false);
}
if (target.m_providerName != "*" && this.m_providerName != target.m_providerName)
{
return(false);
}
if (target.m_providerType != -1 && this.m_providerType != target.m_providerType)
{
return(false);
}
if (target.m_keyContainerName != "*" && this.m_keyContainerName != target.m_keyContainerName)
{
return(false);
}
if (target.m_keySpec != -1 && this.m_keySpec != target.m_keySpec)
{
return(false);
}
return(true);
}
public void Remove(KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
{
throw new ArgumentNullException("accessEntry");
}
this.m_list.Remove(accessEntry);
}
/// <summary>从该集合中移除指定的 <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> 对象。</summary>
/// <param name="accessEntry">要移除的 <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> 对象。</param>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="accessEntry" /> 为 null。</exception>
public void Remove(KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
{
throw new ArgumentNullException("accessEntry");
}
this.m_list.Remove((object)accessEntry);
}
internal KeyContainerPermissionAccessEntryCollection (KeyContainerPermissionAccessEntry[] entries)
: base ()
{
if (entries != null) {
foreach (KeyContainerPermissionAccessEntry kcpae in entries) {
Add (kcpae);
}
}
}
// Methods
public override IPermission Copy ()
{
if (_accessEntries.Count == 0)
return new KeyContainerPermission (_flags);
KeyContainerPermissionAccessEntry[] list = new KeyContainerPermissionAccessEntry [_accessEntries.Count];
_accessEntries.CopyTo (list, 0);
return new KeyContainerPermission (_flags, list);
}
public KeyContainerPermission (KeyContainerPermissionFlags flags, KeyContainerPermissionAccessEntry[] accessList)
{
SetFlags (flags);
if (accessList != null) {
foreach (KeyContainerPermissionAccessEntry kcpae in accessList) {
_accessEntries.Add (kcpae);
}
}
}
public void Remove(KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
{
throw new ArgumentNullException(nameof(accessEntry));
}
Contract.EndContractBlock();
m_list.Remove(accessEntry);
}
//
// private methods
//
private void AddAccessEntries(SecurityElement securityElement)
{
if (securityElement.InternalChildren != null && securityElement.InternalChildren.Count != 0)
{
IEnumerator elemEnumerator = securityElement.Children.GetEnumerator();
while (elemEnumerator.MoveNext())
{
SecurityElement current = (SecurityElement)elemEnumerator.Current;
if (current != null)
{
if (String.Equals(current.Tag, "AccessEntry"))
{
int iMax = current.m_lAttributes.Count;
Contract.Assert(iMax % 2 == 0, "Odd number of strings means the attr/value pairs were not added correctly");
string keyStore = null;
string providerName = null;
int providerType = -1;
string keyContainerName = null;
int keySpec = -1;
KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags;
for (int i = 0; i < iMax; i += 2)
{
String strAttrName = (String)current.m_lAttributes[i];
String strAttrValue = (String)current.m_lAttributes[i + 1];
if (String.Equals(strAttrName, "KeyStore"))
{
keyStore = strAttrValue;
}
if (String.Equals(strAttrName, "ProviderName"))
{
providerName = strAttrValue;
}
else if (String.Equals(strAttrName, "ProviderType"))
{
providerType = Convert.ToInt32(strAttrValue, null);
}
else if (String.Equals(strAttrName, "KeyContainerName"))
{
keyContainerName = strAttrValue;
}
else if (String.Equals(strAttrName, "KeySpec"))
{
keySpec = Convert.ToInt32(strAttrValue, null);
}
else if (String.Equals(strAttrName, "Flags"))
{
flags = (KeyContainerPermissionFlags)Enum.Parse(typeof(KeyContainerPermissionFlags), strAttrValue);
}
}
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyStore, providerName, providerType, keyContainerName, keySpec, flags);
AccessEntries.Add(accessEntry);
}
}
}
}
}
/// <summary>Determines whether the specified <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> object is equal to the current instance.</summary>
/// <returns>true if the specified <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> is equal to the current <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> object; otherwise, false.</returns>
/// <param name="o">The <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> object to compare with the currentinstance. </param>
public override bool Equals(object o)
{
if (o == null)
{
return(false);
}
KeyContainerPermissionAccessEntry keyContainerPermissionAccessEntry = o as KeyContainerPermissionAccessEntry;
return(keyContainerPermissionAccessEntry != null && this._flags == keyContainerPermissionAccessEntry._flags && !(this._containerName != keyContainerPermissionAccessEntry._containerName) && !(this._store != keyContainerPermissionAccessEntry._store) && !(this._providerName != keyContainerPermissionAccessEntry._providerName) && this._type == keyContainerPermissionAccessEntry._type);
}
private void AddAccessEntryAndUnion(KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target)
{
KeyContainerPermissionAccessEntry entry;
entry = new KeyContainerPermissionAccessEntry(accessEntry)
{
Flags = entry.Flags | GetApplicableFlags(accessEntry, target)
};
this.AccessEntries.Add(entry);
}
/// <summary>Creates and returns an identical copy of the current permission.</summary>
/// <returns>A copy of the current permission.</returns>
public override IPermission Copy()
{
if (this._accessEntries.Count == 0)
{
return(new KeyContainerPermission(this._flags));
}
KeyContainerPermissionAccessEntry[] array = new KeyContainerPermissionAccessEntry[this._accessEntries.Count];
this._accessEntries.CopyTo(array, 0);
return(new KeyContainerPermission(this._flags, array));
}
// Methods
public override IPermission Copy()
{
if (_accessEntries.Count == 0)
{
return(new KeyContainerPermission(_flags));
}
KeyContainerPermissionAccessEntry[] list = new KeyContainerPermissionAccessEntry [_accessEntries.Count];
_accessEntries.CopyTo(list, 0);
return(new KeyContainerPermission(_flags, list));
}
private void AddAccessEntries(SecurityElement securityElement)
{
if ((securityElement.InternalChildren != null) && (securityElement.InternalChildren.Count != 0))
{
IEnumerator enumerator = securityElement.Children.GetEnumerator();
while (enumerator.MoveNext())
{
SecurityElement current = (SecurityElement)enumerator.Current;
if ((current != null) && string.Equals(current.Tag, "AccessEntry"))
{
int count = current.m_lAttributes.Count;
string keyStore = null;
string providerName = null;
int providerType = -1;
string keyContainerName = null;
int keySpec = -1;
KeyContainerPermissionFlags noFlags = KeyContainerPermissionFlags.NoFlags;
for (int i = 0; i < count; i += 2)
{
string a = (string)current.m_lAttributes[i];
string str5 = (string)current.m_lAttributes[i + 1];
if (string.Equals(a, "KeyStore"))
{
keyStore = str5;
}
if (string.Equals(a, "ProviderName"))
{
providerName = str5;
}
else if (string.Equals(a, "ProviderType"))
{
providerType = Convert.ToInt32(str5, (IFormatProvider)null);
}
else if (string.Equals(a, "KeyContainerName"))
{
keyContainerName = str5;
}
else if (string.Equals(a, "KeySpec"))
{
keySpec = Convert.ToInt32(str5, (IFormatProvider)null);
}
else if (string.Equals(a, "Flags"))
{
noFlags = (KeyContainerPermissionFlags)Enum.Parse(typeof(KeyContainerPermissionFlags), str5);
}
}
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyStore, providerName, providerType, keyContainerName, keySpec, noFlags);
this.AccessEntries.Add(accessEntry);
}
}
}
}
// Token: 0x060026CC RID: 9932 RVA: 0x0008CA2C File Offset: 0x0008AC2C
private void AddAccessEntries(SecurityElement securityElement)
{
if (securityElement.InternalChildren != null && securityElement.InternalChildren.Count != 0)
{
foreach (object obj in securityElement.Children)
{
SecurityElement securityElement2 = (SecurityElement)obj;
if (securityElement2 != null && string.Equals(securityElement2.Tag, "AccessEntry"))
{
int count = securityElement2.m_lAttributes.Count;
string keyStore = null;
string providerName = null;
int providerType = -1;
string keyContainerName = null;
int keySpec = -1;
KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags;
for (int i = 0; i < count; i += 2)
{
string a = (string)securityElement2.m_lAttributes[i];
string text = (string)securityElement2.m_lAttributes[i + 1];
if (string.Equals(a, "KeyStore"))
{
keyStore = text;
}
if (string.Equals(a, "ProviderName"))
{
providerName = text;
}
else if (string.Equals(a, "ProviderType"))
{
providerType = Convert.ToInt32(text, null);
}
else if (string.Equals(a, "KeyContainerName"))
{
keyContainerName = text;
}
else if (string.Equals(a, "KeySpec"))
{
keySpec = Convert.ToInt32(text, null);
}
else if (string.Equals(a, "Flags"))
{
flags = (KeyContainerPermissionFlags)Enum.Parse(typeof(KeyContainerPermissionFlags), text);
}
}
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyStore, providerName, providerType, keyContainerName, keySpec, flags);
this.AccessEntries.Add(accessEntry);
}
}
}
}
public KeyContainerPermission(KeyContainerPermissionFlags flags, KeyContainerPermissionAccessEntry[] accessList)
{
if (accessList == null)
{
throw new ArgumentNullException("accessList");
}
VerifyFlags(flags);
this.m_flags = flags;
this.m_accessEntries = new KeyContainerPermissionAccessEntryCollection(this.m_flags);
for (int i = 0; i < accessList.Length; i++)
{
this.m_accessEntries.Add(accessList[i]);
}
}
/// <summary>Removes the specified <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> object from thecollection.</summary>
/// <param name="accessEntry">The <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> object to remove.</param>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="accessEntry" /> is null.</exception>
public void Remove(KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
{
throw new ArgumentNullException("accessEntry");
}
for (int i = 0; i < this._list.Count; i++)
{
if (accessEntry.Equals(this._list[i]))
{
this._list.RemoveAt(i);
}
}
}
public override IPermission CreatePermission()
{
if (base.m_unrestricted)
{
return new KeyContainerPermission(PermissionState.Unrestricted);
}
if (KeyContainerPermissionAccessEntry.IsUnrestrictedEntry(this.m_keyStore, this.m_providerName, this.m_providerType, this.m_keyContainerName, this.m_keySpec))
{
return new KeyContainerPermission(this.m_flags);
}
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this.m_keyStore, this.m_providerName, this.m_providerType, this.m_keyContainerName, this.m_keySpec, this.m_flags);
permission.AccessEntries.Add(accessEntry);
return permission;
}
/// <summary>Gets the index in the collection of the specified <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> object, if it exists in the collection.</summary>
/// <returns>The index of the specified <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> object in the collection, or –1 if no match is found.</returns>
/// <param name="accessEntry">The <see cref="T:System.Security.Permissions.KeyContainerPermissionAccessEntry" /> object to locate.</param>
public int IndexOf(KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
{
throw new ArgumentNullException("accessEntry");
}
for (int i = 0; i < this._list.Count; i++)
{
if (accessEntry.Equals(this._list[i]))
{
return(i);
}
}
return(-1);
}
[System.Security.SecurityCritical] // auto-generated
internal CspKeyContainerInfo (CspParameters parameters, bool randomKeyContainer) {
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open);
kp.AccessEntries.Add(entry);
kp.Demand();
m_parameters = new CspParameters(parameters);
if (m_parameters.KeyNumber == -1) {
if (m_parameters.ProviderType == Constants.PROV_RSA_FULL || m_parameters.ProviderType == Constants.PROV_RSA_AES)
m_parameters.KeyNumber = Constants.AT_KEYEXCHANGE;
else if (m_parameters.ProviderType == Constants.PROV_DSS_DH)
m_parameters.KeyNumber = Constants.AT_SIGNATURE;
}
m_randomKeyContainer = randomKeyContainer;
}
/// <summary>创建并返回一个新的 <see cref="T:System.Security.Permissions.KeyContainerPermission" />。</summary>
/// <returns>与此特性对应的 <see cref="T:System.Security.Permissions.KeyContainerPermission" />。</returns>
public override IPermission CreatePermission()
{
if (this.m_unrestricted)
{
return((IPermission) new KeyContainerPermission(PermissionState.Unrestricted));
}
if (KeyContainerPermissionAccessEntry.IsUnrestrictedEntry(this.m_keyStore, this.m_providerName, this.m_providerType, this.m_keyContainerName, this.m_keySpec))
{
return((IPermission) new KeyContainerPermission(this.m_flags));
}
KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this.m_keyStore, this.m_providerName, this.m_providerType, this.m_keyContainerName, this.m_keySpec, this.m_flags);
containerPermission.AccessEntries.Add(accessEntry);
return((IPermission)containerPermission);
}
public override IPermission Copy()
{
if (this.IsEmpty())
{
return(null);
}
KeyContainerPermission permission = new KeyContainerPermission(this.m_flags);
KeyContainerPermissionAccessEntryEnumerator enumerator = this.AccessEntries.GetEnumerator();
while (enumerator.MoveNext())
{
KeyContainerPermissionAccessEntry current = enumerator.Current;
permission.AccessEntries.Add(current);
}
return(permission);
}
/// <summary>Creates and returns a new <see cref="T:System.Security.Permissions.KeyContainerPermission" />.</summary>
/// <returns>A <see cref="T:System.Security.Permissions.KeyContainerPermission" /> that corresponds to the attribute.</returns>
public override IPermission CreatePermission()
{
if (base.Unrestricted)
{
return(new KeyContainerPermission(PermissionState.Unrestricted));
}
if (this.EmptyEntry())
{
return(new KeyContainerPermission(this._flags));
}
KeyContainerPermissionAccessEntry[] accessList = new KeyContainerPermissionAccessEntry[]
{
new KeyContainerPermissionAccessEntry(this._store, this._providerName, this._type, this._containerName, this._spec, this._flags)
};
return(new KeyContainerPermission(this._flags, accessList));
}
// Methods
public override IPermission CreatePermission()
{
if (this.Unrestricted)
{
return(new KeyContainerPermission(PermissionState.Unrestricted));
}
else if (EmptyEntry())
{
return(new KeyContainerPermission(_flags));
}
else
{
KeyContainerPermissionAccessEntry[] list = new KeyContainerPermissionAccessEntry [1];
list [0] = new KeyContainerPermissionAccessEntry(_store, _providerName, _type, _containerName, _spec, _flags);
return(new KeyContainerPermission(_flags, list));
}
}
public int Add(KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
{
throw new ArgumentNullException("accessEntry");
}
int index = this.m_list.IndexOf(accessEntry);
if (index == -1)
{
if (accessEntry.Flags != this.m_globalFlags)
{
return this.m_list.Add(accessEntry);
}
return -1;
}
KeyContainerPermissionAccessEntry entry1 = (KeyContainerPermissionAccessEntry) this.m_list[index];
entry1.Flags &= accessEntry.Flags;
return index;
}
internal CspKeyContainerInfo(CspParameters parameters, bool randomKeyContainer)
{
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
this.m_parameters = new CspParameters(parameters);
if (this.m_parameters.KeyNumber == -1)
{
if ((this.m_parameters.ProviderType == 1) || (this.m_parameters.ProviderType == 0x18))
{
this.m_parameters.KeyNumber = 1;
}
else if (this.m_parameters.ProviderType == 13)
{
this.m_parameters.KeyNumber = 2;
}
}
this.m_randomKeyContainer = randomKeyContainer;
}
public byte[] Decrypt(byte[] rgb, bool fOAEP)
{
if (rgb == null)
{
throw new ArgumentNullException("rgb");
}
this.GetKeyPair();
if (rgb.Length > (this.KeySize / 8))
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_Padding_DecDataTooBig", new object[] { this.KeySize / 8 }));
}
if (!this.CspKeyContainerInfo.RandomlyGenerated)
{
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Decrypt);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
}
byte[] o = null;
DecryptKey(this._safeKeyHandle, rgb, rgb.Length, fOAEP, JitHelpers.GetObjectHandleOnStack<byte[]>(ref o));
return o;
}
internal bool IsSubsetOf(KeyContainerPermissionAccessEntry target)
{
if ((target.m_keyStore != "*") && (this.m_keyStore != target.m_keyStore))
{
return false;
}
if ((target.m_providerName != "*") && (this.m_providerName != target.m_providerName))
{
return false;
}
if ((target.m_providerType != -1) && (this.m_providerType != target.m_providerType))
{
return false;
}
if ((target.m_keyContainerName != "*") && (this.m_keyContainerName != target.m_keyContainerName))
{
return false;
}
if ((target.m_keySpec != -1) && (this.m_keySpec != target.m_keySpec))
{
return false;
}
return true;
}
[System.Security.SecuritySafeCritical] // auto-generated
public byte [] Decrypt(byte[] rgb, bool fOAEP) {
if (rgb == null)
throw new ArgumentNullException("rgb");
Contract.EndContractBlock();
GetKeyPair();
// size check -- must be at most the modulus size
if (rgb.Length > (KeySize / 8))
throw new CryptographicException(Environment.GetResourceString("Cryptography_Padding_DecDataTooBig", KeySize / 8));
if (!CspKeyContainerInfo.RandomlyGenerated) {
if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) {
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(_parameters, KeyContainerPermissionFlags.Decrypt);
kp.AccessEntries.Add(entry);
kp.Demand();
}
}
byte[] decryptedKey = null;
DecryptKey(_safeKeyHandle, rgb, rgb.Length, fOAEP, JitHelpers.GetObjectHandleOnStack(ref decryptedKey));
return decryptedKey;
}
public int Add (KeyContainerPermissionAccessEntry accessEntry)
{
return _list.Add (accessEntry);
}
public int IndexOf (KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
throw new ArgumentNullException ("accessEntry");
for (int i=0; i < _list.Count; i++) {
if (accessEntry.Equals (_list [i]))
return i;
}
return -1;
}
public void Remove (KeyContainerPermissionAccessEntry accessEntry)
{
if (accessEntry == null)
throw new ArgumentNullException ("accessEntry");
for (int i=0; i < _list.Count; i++) {
if (accessEntry.Equals (_list [i]))
_list.RemoveAt (i);
}
}
public int Add (KeyContainerPermissionAccessEntry accessEntry) {
if (accessEntry == null)
throw new ArgumentNullException("accessEntry");
Contract.EndContractBlock();
int index = m_list.IndexOf(accessEntry);
if (index == -1) {
if (accessEntry.Flags != m_globalFlags) {
return m_list.Add(accessEntry);
}
else
return -1;
} else {
// We pick up the intersection of the 2 flags. This is the secure choice
// so we are opting for it.
((KeyContainerPermissionAccessEntry)m_list[index]).Flags &= accessEntry.Flags;
return index;
}
}
public override IPermission CreatePermission() {
if (m_unrestricted) {
return new KeyContainerPermission(PermissionState.Unrestricted);
} else {
if (KeyContainerPermissionAccessEntry.IsUnrestrictedEntry(m_keyStore, m_providerName, m_providerType, m_keyContainerName, m_keySpec))
return new KeyContainerPermission(m_flags);
// create a KeyContainerPermission with a single access entry.
KeyContainerPermission cp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(m_keyStore, m_providerName, m_providerType, m_keyContainerName, m_keySpec, m_flags);
cp.AccessEntries.Add(accessEntry);
return cp;
}
}
public int IndexOf (KeyContainerPermissionAccessEntry accessEntry) {
return m_list.IndexOf(accessEntry);
}
public KeyContainerPermission (KeyContainerPermissionFlags flags, KeyContainerPermissionAccessEntry[] accessList) {
if (accessList == null)
throw new ArgumentNullException("accessList");
Contract.EndContractBlock();
VerifyFlags(flags);
m_flags = flags;
m_accessEntries = new KeyContainerPermissionAccessEntryCollection(m_flags);
for (int index = 0; index < accessList.Length; index++) {
m_accessEntries.Add(accessList[index]);
}
}
private static KeyContainerPermissionFlags GetApplicableFlags (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) {
KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags;
bool applyDefaultFlags = true;
// If the entry exists in the target, return the flag of the target entry.
int index = target.AccessEntries.IndexOf(accessEntry);
if (index != -1) {
flags = ((KeyContainerPermissionAccessEntry)target.AccessEntries[index]).Flags;
return flags;
}
// Intersect the flags in all the target entries that apply to the current access entry,
foreach (KeyContainerPermissionAccessEntry targetAccessEntry in target.AccessEntries) {
if (accessEntry.IsSubsetOf(targetAccessEntry)) {
if (applyDefaultFlags == false) {
flags &= targetAccessEntry.Flags;
} else {
flags = targetAccessEntry.Flags;
applyDefaultFlags = false;
}
}
}
// If no target entry applies to the current entry, the default global flag applies.
if (applyDefaultFlags)
flags = target.Flags;
return flags;
}
bool CryptAcquireContext(
[In,Out] ref SafeCryptProvHandle hCryptProv,
[In] [MarshalAs(UnmanagedType.LPStr)] string pwszContainer,
[In] [MarshalAs(UnmanagedType.LPStr)] string pwszProvider,
[In] uint dwProvType,
[In] uint dwFlags) {
CspParameters parameters = new CspParameters();
parameters.ProviderName = pwszProvider;
parameters.KeyContainerName = pwszContainer;
parameters.ProviderType = (int) dwProvType;
parameters.KeyNumber = -1;
parameters.Flags = (CspProviderFlags) ((dwFlags & CAPI.CRYPT_MACHINE_KEYSET) == CAPI.CRYPT_MACHINE_KEYSET ? CspProviderFlags.UseMachineKeyStore : 0);
#if !FEATURE_CORESYSTEM
if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) {
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open);
kp.AccessEntries.Add(entry);
kp.Demand();
}
#endif
bool rc = CAPIMethods.CryptAcquireContext(ref hCryptProv,
pwszContainer,
pwszProvider,
dwProvType,
dwFlags);
if (!rc && Marshal.GetLastWin32Error() == CAPI.NTE_BAD_KEYSET) {
rc = CAPIMethods.CryptAcquireContext(ref hCryptProv,
pwszContainer,
pwszProvider,
dwProvType,
dwFlags | CAPI.CRYPT_NEWKEYSET);
}
return rc;
}
private void AddAccessEntryAndIntersect (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) {
KeyContainerPermissionAccessEntry newAccessEntry = new KeyContainerPermissionAccessEntry(accessEntry);
newAccessEntry.Flags &= GetApplicableFlags(accessEntry, target);
AccessEntries.Add(newAccessEntry);
}
//
// private methods
//
private void AddAccessEntries(SecurityElement securityElement) {
if (securityElement.InternalChildren != null && securityElement.InternalChildren.Count != 0) {
IEnumerator elemEnumerator = securityElement.Children.GetEnumerator();
while (elemEnumerator.MoveNext()) {
SecurityElement current = (SecurityElement) elemEnumerator.Current;
if (current != null) {
if (String.Equals(current.Tag, "AccessEntry")) {
int iMax = current.m_lAttributes.Count;
Contract.Assert(iMax % 2 == 0, "Odd number of strings means the attr/value pairs were not added correctly");
string keyStore = null;
string providerName = null;
int providerType = -1;
string keyContainerName = null;
int keySpec = -1;
KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags;
for (int i = 0; i < iMax; i += 2) {
String strAttrName = (String) current.m_lAttributes[i];
String strAttrValue = (String) current.m_lAttributes[i+1];
if (String.Equals(strAttrName, "KeyStore"))
keyStore = strAttrValue;
if (String.Equals(strAttrName, "ProviderName"))
providerName = strAttrValue;
else if (String.Equals(strAttrName, "ProviderType"))
providerType = Convert.ToInt32(strAttrValue, null);
else if (String.Equals(strAttrName, "KeyContainerName"))
keyContainerName = strAttrValue;
else if (String.Equals(strAttrName, "KeySpec"))
keySpec = Convert.ToInt32(strAttrValue, null);
else if (String.Equals(strAttrName, "Flags")) {
flags = (KeyContainerPermissionFlags) Enum.Parse(typeof(KeyContainerPermissionFlags), strAttrValue);
}
}
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyStore, providerName, providerType, keyContainerName, keySpec, flags);
AccessEntries.Add(accessEntry);
}
}
}
}
}
internal KeyContainerPermissionAccessEntry(KeyContainerPermissionAccessEntry accessEntry) :
this (accessEntry.KeyStore, accessEntry.ProviderName, accessEntry.ProviderType, accessEntry.KeyContainerName,
accessEntry.KeySpec, accessEntry.Flags) {
}
public void CopyTo (KeyContainerPermissionAccessEntry[] array, int index)
{
_list.CopyTo (array, index);
}
private void CounterSign(CmsSigner signer)
{
CspParameters parameters = new CspParameters();
if (!System.Security.Cryptography.X509Certificates.X509Utils.GetPrivateKeyInfo(System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(signer.Certificate), ref parameters))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Sign | KeyContainerPermissionFlags.Open);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
uint dwIndex = (uint) PkcsUtils.GetSignerIndex(this.m_signedCms.GetCryptMsgHandle(), this, 0);
System.Security.Cryptography.SafeLocalAllocHandle handle = System.Security.Cryptography.CAPI.LocalAlloc(0x40, new IntPtr(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO))));
System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO structure = PkcsUtils.CreateSignerEncodeInfo(signer);
try
{
Marshal.StructureToPtr(structure, handle.DangerousGetHandle(), false);
if (!System.Security.Cryptography.CAPI.CryptMsgCountersign(this.m_signedCms.GetCryptMsgHandle(), dwIndex, 1, handle.DangerousGetHandle()))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
this.m_signedCms.ReopenToDecode();
}
finally
{
Marshal.DestroyStructure(handle.DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO));
handle.Dispose();
structure.Dispose();
}
PkcsUtils.AddCertsToMessage(this.m_signedCms.GetCryptMsgHandle(), this.m_signedCms.Certificates, PkcsUtils.CreateBagOfCertificates(signer));
}
public void CopyTo (KeyContainerPermissionAccessEntry[] array, int index) {
((ICollection)this).CopyTo(array, index);
}
public void Remove (KeyContainerPermissionAccessEntry accessEntry) {
if (accessEntry == null)
throw new ArgumentNullException("accessEntry");
Contract.EndContractBlock();
m_list.Remove(accessEntry);
}
