public virtual ObjectHandle CreateInstance(ActivationContext activationContext, string[] activationCustomData) { if (activationContext == null) { throw new ArgumentNullException("activationContext"); } Contract.EndContractBlock(); if (CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ActivationContext, activationContext)) { ManifestRunner runner = new ManifestRunner(AppDomain.CurrentDomain, activationContext); return(new ObjectHandle(runner.ExecuteAsAssembly())); } AppDomainSetup adSetup = new AppDomainSetup(new ActivationArguments(activationContext, activationCustomData)); // inherit the calling domain's AppDomain Manager AppDomainSetup currentDomainSetup = AppDomain.CurrentDomain.SetupInformation; adSetup.AppDomainManagerType = currentDomainSetup.AppDomainManagerType; adSetup.AppDomainManagerAssembly = currentDomainSetup.AppDomainManagerAssembly; // we inherit the evidence from the calling domain return(CreateInstanceHelper(adSetup)); }
protected static ObjectHandle CreateInstanceHelper(AppDomainSetup adSetup) { if (adSetup.ActivationArguments == null) { throw new ArgumentException(Environment.GetResourceString("Arg_MissingActivationArguments")); } adSetup.ActivationArguments.ActivateInstance = true; Evidence evidence = AppDomain.CurrentDomain.Evidence; Evidence applicationEvidence = CmsUtils.MergeApplicationEvidence((Evidence)null, adSetup.ActivationArguments.ApplicationIdentity, adSetup.ActivationArguments.ActivationContext, adSetup.ActivationArguments.ActivationData); ApplicationTrust applicationTrust = AppDomain.CurrentDomain.HostSecurityManager.DetermineApplicationTrust(applicationEvidence, evidence, new TrustManagerContext()); if (applicationTrust == null || !applicationTrust.IsApplicationTrustedToRun) { throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), -2146233320, (Exception)null); } string fullName = adSetup.ActivationArguments.ApplicationIdentity.FullName; AppDomainSetup setup = adSetup; Evidence providedSecurityInfo = applicationEvidence; Evidence creatorsSecurityInfo = providedSecurityInfo == null ? AppDomain.CurrentDomain.InternalEvidence : (Evidence)null; IntPtr securityDescriptor = AppDomain.CurrentDomain.GetSecurityDescriptor(); ObjRef instance = AppDomain.nCreateInstance(fullName, setup, providedSecurityInfo, creatorsSecurityInfo, securityDescriptor); if (instance == null) { return((ObjectHandle)null); } return(RemotingServices.Unmarshal(instance) as ObjectHandle); }
internal ManifestRunner(AppDomain domain, ActivationContext activationContext) { this.m_domain = domain; string text; string text2; CmsUtils.GetEntryPoint(activationContext, out text, out text2); if (string.IsNullOrEmpty(text)) { throw new ArgumentException(Environment.GetResourceString("Argument_NoMain")); } if (string.IsNullOrEmpty(text2)) { this.m_args = new string[0]; } else { this.m_args = text2.Split(new char[] { ' ' }); } this.m_apt = ApartmentState.Unknown; string applicationDirectory = activationContext.ApplicationDirectory; this.m_path = Path.Combine(applicationDirectory, text); }
internal ManifestRunner(AppDomain domain, ActivationContext activationContext) { m_domain = domain; string file, parameters; CmsUtils.GetEntryPoint(activationContext, out file, out parameters); if (String.IsNullOrEmpty(file)) { throw new ArgumentException(Environment.GetResourceString("Argument_NoMain")); } if (String.IsNullOrEmpty(parameters)) { m_args = new string[0]; } else { m_args = parameters.Split(' '); } m_apt = ApartmentState.Unknown; // get the 'merged' application directory path. string directoryName = activationContext.ApplicationDirectory; m_path = Path.Combine(directoryName, file); }
public static bool DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext context) { if (activationContext == null) { throw new ArgumentNullException("activationContext"); } ApplicationTrust appTrust = null; AppDomainManager domainManager = AppDomain.CurrentDomain.DomainManager; if (domainManager != null) { HostSecurityManager securityManager = domainManager.HostSecurityManager; if ((securityManager != null) && ((securityManager.Flags & HostSecurityManagerOptions.HostDetermineApplicationTrust) == HostSecurityManagerOptions.HostDetermineApplicationTrust)) { appTrust = securityManager.DetermineApplicationTrust(CmsUtils.MergeApplicationEvidence(null, activationContext.Identity, activationContext, null), null, context); if (appTrust == null) { return(false); } return(appTrust.IsApplicationTrustedToRun); } } appTrust = DetermineApplicationTrustInternal(activationContext, context); if (appTrust == null) { return(false); } return(appTrust.IsApplicationTrustedToRun); }
public ApplicationTrustCollection Find(ApplicationIdentity applicationIdentity, ApplicationVersionMatch versionMatch) { ApplicationTrustCollection applicationTrustCollection = new ApplicationTrustCollection(false); foreach (ApplicationTrust applicationTrust in this) { if (CmsUtils.CompareIdentities(applicationTrust.ApplicationIdentity, applicationIdentity, versionMatch)) { applicationTrustCollection.Add(applicationTrust); } } return applicationTrustCollection; }
public ApplicationTrustCollection Find(ApplicationIdentity applicationIdentity, ApplicationVersionMatch versionMatch) { ApplicationTrustCollection trusts = new ApplicationTrustCollection(false); ApplicationTrustEnumerator enumerator = this.GetEnumerator(); while (enumerator.MoveNext()) { ApplicationTrust current = enumerator.Current; if (CmsUtils.CompareIdentities(current.ApplicationIdentity, applicationIdentity, versionMatch)) { trusts.Add(current); } } return(trusts); }
public virtual ObjectHandle CreateInstance(ActivationContext activationContext, string[] activationCustomData) { if (activationContext == null) { throw new ArgumentNullException("activationContext"); } if (CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ActivationContext, activationContext)) { ManifestRunner runner = new ManifestRunner(AppDomain.CurrentDomain, activationContext); return(new ObjectHandle(runner.ExecuteAsAssembly())); } AppDomainSetup adSetup = new AppDomainSetup(new ActivationArguments(activationContext, activationCustomData)); return(CreateInstanceHelper(adSetup)); }
/// <summary> /// Encrypts and outputs the message. /// </summary> protected override void EndProcessing() { byte[] contentBytes = null; if (_inputObjects.Count > 0) { StringBuilder outputString = new StringBuilder(); Collection <PSObject> output = System.Management.Automation.PowerShell.Create() .AddCommand("Microsoft.PowerShell.Utility\\Out-String") .AddParameter("Stream") .Invoke(_inputObjects); foreach (PSObject outputObject in output) { if (outputString.Length > 0) { outputString.AppendLine(); } outputString.Append(outputObject); } contentBytes = System.Text.Encoding.UTF8.GetBytes(outputString.ToString()); } else { contentBytes = System.IO.File.ReadAllBytes(_resolvedPath); } ErrorRecord terminatingError = null; string encodedContent = CmsUtils.Encrypt(contentBytes, To, this.SessionState, out terminatingError); if (terminatingError != null) { ThrowTerminatingError(terminatingError); } if (string.IsNullOrEmpty(_resolvedOutFile)) { WriteObject(encodedContent); } else { System.IO.File.WriteAllText(_resolvedOutFile, encodedContent); } }
/// <summary> /// Gets the CMS Message object. /// </summary> protected override void EndProcessing() { string actualContent = null; // Read in the content if (string.Equals("ByContent", this.ParameterSetName, StringComparison.OrdinalIgnoreCase)) { actualContent = _contentBuffer.ToString(); } else { actualContent = System.IO.File.ReadAllText(_resolvedPath); } // Extract out the bytes and Base64 decode them int startIndex, endIndex; byte[] contentBytes = CmsUtils.RemoveAsciiArmor(actualContent, CmsUtils.BEGIN_CMS_SIGIL, CmsUtils.END_CMS_SIGIL, out startIndex, out endIndex); if (contentBytes == null) { ErrorRecord error = new ErrorRecord( new ArgumentException(CmsCommands.InputContainedNoEncryptedContent), "InputContainedNoEncryptedContent", ErrorCategory.ObjectNotFound, null); ThrowTerminatingError(error); } EnvelopedCms cms = new EnvelopedCms(); cms.Decode(contentBytes); PSObject result = new PSObject(cms); List <object> recipients = new List <object>(); foreach (RecipientInfo recipient in cms.RecipientInfos) { recipients.Add(recipient.RecipientIdentifier.Value); } result.Properties.Add( new PSNoteProperty("Recipients", recipients)); result.Properties.Add( new PSNoteProperty("Content", actualContent)); WriteObject(result); }
public virtual ObjectHandle CreateInstance(ActivationContext activationContext, string[] activationCustomData) { if (activationContext == null) { throw new ArgumentNullException("activationContext"); } if (CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ActivationContext, activationContext)) { ManifestRunner manifestRunner = new ManifestRunner(AppDomain.CurrentDomain, activationContext); return(new ObjectHandle(manifestRunner.ExecuteAsAssembly())); } AppDomainSetup appDomainSetup = new AppDomainSetup(new ActivationArguments(activationContext, activationCustomData)); AppDomainSetup setupInformation = AppDomain.CurrentDomain.SetupInformation; appDomainSetup.AppDomainManagerType = setupInformation.AppDomainManagerType; appDomainSetup.AppDomainManagerAssembly = setupInformation.AppDomainManagerAssembly; return(ApplicationActivator.CreateInstanceHelper(appDomainSetup)); }
public AppDomainSetup(System.Runtime.Hosting.ActivationArguments activationArguments) { if (activationArguments == null) { throw new ArgumentNullException("activationArguments"); } this._LoaderOptimization = System.LoaderOptimization.NotSpecified; this.ActivationArguments = activationArguments; string entryPointFullPath = CmsUtils.GetEntryPointFullPath(activationArguments); if (!string.IsNullOrEmpty(entryPointFullPath)) { this.SetupDefaultApplicationBase(entryPointFullPath); } else { this.ApplicationBase = activationArguments.ActivationContext.ApplicationDirectory; } }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) { throw new ArgumentNullException("applicationEvidence"); } ActivationArguments hostEvidence = applicationEvidence.GetHostEvidence <ActivationArguments>(); if (hostEvidence == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } ActivationContext activationContext = hostEvidence.ActivationContext; if (activationContext == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } ApplicationTrust applicationTrust = applicationEvidence.GetHostEvidence <ApplicationTrust>(); if ((applicationTrust != null) && !CmsUtils.CompareIdentities(applicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { applicationTrust = null; } if (applicationTrust == null) { if ((AppDomain.CurrentDomain.ApplicationTrust != null) && CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { applicationTrust = AppDomain.CurrentDomain.ApplicationTrust; } else { applicationTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(activationContext, context); } } ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext); if (((applicationTrust != null) && applicationTrust.IsApplicationTrustedToRun) && !info.DefaultRequestSet.IsSubsetOf(applicationTrust.DefaultGrantSet.PermissionSet)) { throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest")); } return(applicationTrust); }
[System.Security.SecuritySafeCritical] // auto-generated protected static ObjectHandle CreateInstanceHelper(AppDomainSetup adSetup) { if (adSetup.ActivationArguments == null) { throw new ArgumentException(Environment.GetResourceString("Arg_MissingActivationArguments")); } Contract.EndContractBlock(); adSetup.ActivationArguments.ActivateInstance = true; // inherit the caller's domain evidence for the activation. Evidence activatorEvidence = AppDomain.CurrentDomain.Evidence; // add the application identity as an evidence. Evidence appEvidence = CmsUtils.MergeApplicationEvidence(null, adSetup.ActivationArguments.ApplicationIdentity, adSetup.ActivationArguments.ActivationContext, adSetup.ActivationArguments.ActivationData); HostSecurityManager securityManager = AppDomain.CurrentDomain.HostSecurityManager; ApplicationTrust appTrust = securityManager.DetermineApplicationTrust(appEvidence, activatorEvidence, new TrustManagerContext()); if (appTrust == null || !appTrust.IsApplicationTrustedToRun) { throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), System.__HResults.CORSEC_E_NO_EXEC_PERM, null); } ObjRef or = AppDomain.nCreateInstance(adSetup.ActivationArguments.ApplicationIdentity.FullName, adSetup, appEvidence, appEvidence == null ? AppDomain.CurrentDomain.InternalEvidence : null, AppDomain.CurrentDomain.GetSecurityDescriptor()); if (or == null) { return(null); } return(RemotingServices.Unmarshal(or) as ObjectHandle); }
internal ManifestRunner(AppDomain domain, ActivationContext activationContext) { m_domain = domain; string file, parameters; CmsUtils.GetEntryPoint(activationContext, out file, out parameters); if (parameters == null || parameters.Length == 0) { m_args = new string[0]; } else { m_args = parameters.Split(' '); } m_apt = ApartmentState.Unknown; // get the 'merged' application directory path. string directoryName = activationContext.ApplicationDirectory; m_path = Path.Combine(directoryName, file); }
protected static ObjectHandle CreateInstanceHelper(AppDomainSetup adSetup) { if (adSetup.ActivationArguments == null) { throw new ArgumentException(Environment.GetResourceString("Arg_MissingActivationArguments")); } adSetup.ActivationArguments.ActivateInstance = true; Evidence activatorEvidence = AppDomain.CurrentDomain.Evidence; Evidence applicationEvidence = CmsUtils.MergeApplicationEvidence(null, adSetup.ActivationArguments.ApplicationIdentity, adSetup.ActivationArguments.ActivationContext, adSetup.ActivationArguments.ActivationData); ApplicationTrust trust = AppDomain.CurrentDomain.HostSecurityManager.DetermineApplicationTrust(applicationEvidence, activatorEvidence, new TrustManagerContext()); if ((trust == null) || !trust.IsApplicationTrustedToRun) { throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), -2146233320, null); } ObjRef objectRef = AppDomain.nCreateInstance(adSetup.ActivationArguments.ApplicationIdentity.FullName, adSetup, applicationEvidence, (applicationEvidence == null) ? AppDomain.CurrentDomain.InternalEvidence : null, AppDomain.CurrentDomain.GetSecurityDescriptor()); if (objectRef == null) { return(null); } return(RemotingServices.Unmarshal(objectRef) as ObjectHandle); }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) { throw new ArgumentNullException("applicationEvidence"); } Contract.EndContractBlock(); // This method looks for a trust decision for the ActivationContext in three locations, in order // of preference: // // 1. Supplied by the host in the AppDomainSetup. If the host supplied a decision this way, it // will be in the applicationEvidence. // 2. Reuse the ApplicationTrust from the current AppDomain // 3. Ask the TrustManager for a trust decision // get the activation context from the application evidence. // The default HostSecurityManager does not examine the activatorEvidence // but other security managers could use it to figure out the // evidence of the domain attempting to activate the application. ActivationArguments activationArgs = applicationEvidence.GetHostEvidence <ActivationArguments>(); if (activationArgs == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } ActivationContext actCtx = activationArgs.ActivationContext; if (actCtx == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } // Make sure that any ApplicationTrust we find applies to the ActivationContext we're // creating the new AppDomain for. ApplicationTrust appTrust = applicationEvidence.GetHostEvidence <ApplicationTrust>(); if (appTrust != null && !CmsUtils.CompareIdentities(appTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { appTrust = null; } // If there was not a trust decision supplied in the Evidence, we can reuse the existing trust // decision from this domain if its identity matches the ActivationContext of the new domain. // Otherwise consult the TrustManager for a trust decision if (appTrust == null) { if (AppDomain.CurrentDomain.ApplicationTrust != null && CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { appTrust = AppDomain.CurrentDomain.ApplicationTrust; } else { appTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(actCtx, context); } } // If the trust decision allows the application to run, then it should also have a permission set // which is at least the permission set the application requested. ApplicationSecurityInfo appRequest = new ApplicationSecurityInfo(actCtx); if (appTrust != null && appTrust.IsApplicationTrustedToRun && !appRequest.DefaultRequestSet.IsSubsetOf(appTrust.DefaultGrantSet.PermissionSet)) { throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest")); } return(appTrust); }
private string Decrypt(string actualContent) { // Extract out the bytes and Base64 decode them int startIndex, endIndex; byte[] messageBytes = CmsUtils.RemoveAsciiArmor(actualContent, CmsUtils.BEGIN_CMS_SIGIL, CmsUtils.END_CMS_SIGIL, out startIndex, out endIndex); if ((messageBytes == null) && (!IncludeContext)) { ErrorRecord error = new ErrorRecord( new ArgumentException( string.Format(CultureInfo.InvariantCulture, CmsCommands.InputContainedNoEncryptedContentIncludeContext, "-IncludeContext")), "InputContainedNoEncryptedContentIncludeContext", ErrorCategory.ObjectNotFound, null); ThrowTerminatingError(error); } // Capture the pre and post context, if there was any string preContext = null; string postContext = null; if (IncludeContext) { if (startIndex > -1) { preContext = actualContent.Substring(0, startIndex); } if (endIndex > -1) { postContext = actualContent.Substring(endIndex); } } EnvelopedCms cms = new EnvelopedCms(); X509Certificate2Collection certificates = new X509Certificate2Collection(); if ((To != null) && (To.Length > 0)) { ErrorRecord error = null; foreach (CmsMessageRecipient recipient in To) { recipient.Resolve(this.SessionState, ResolutionPurpose.Decryption, out error); if (error != null) { ThrowTerminatingError(error); return(null); } foreach (X509Certificate2 certificate in recipient.Certificates) { certificates.Add(certificate); } } } string resultString = actualContent; if (messageBytes != null) { cms.Decode(messageBytes); cms.Decrypt(certificates); resultString = System.Text.Encoding.UTF8.GetString(cms.ContentInfo.Content); } if (IncludeContext) { if (preContext != null) { resultString = preContext + resultString; } if (postContext != null) { resultString = resultString + postContext; } } return(resultString); }