private static bool ExistingTrustApplicable(ApplicationSecurityInfo info, ArrayList matchingTrusts) { int index = 0; while (index < matchingTrusts.Count) { ApplicationTrust trust = (ApplicationTrust)matchingTrusts[index]; if (!trust.IsApplicationTrustedToRun) { matchingTrusts.RemoveAt(index); } PermissionSet requestedPermissionSet = GetRequestedPermissionSet(info); PermissionSet permissionSet = trust.DefaultGrantSet.PermissionSet; if ((permissionSet == null) && (requestedPermissionSet != null)) { matchingTrusts.RemoveAt(index); } else if ((permissionSet != null) && (requestedPermissionSet == null)) { index++; continue; } if (requestedPermissionSet.IsSubsetOf(permissionSet)) { index++; } else { matchingTrusts.RemoveAt(index); } } return(matchingTrusts.Count > 0); }
/// <summary> /// Gets the public key token for the current ClickOnce app. /// </summary> /// <returns></returns> private static string GetPublicKeyToken() { ApplicationSecurityInfo asi = new ApplicationSecurityInfo(AppDomain.CurrentDomain.ActivationContext); byte[] pk = asi.ApplicationId.PublicKeyToken; StringBuilder pkt = new StringBuilder(); for (int i = 0; i < pk.GetLength(0); i++) pkt.Append($"{pk[i]:x}"); return pkt.ToString(); }
private static string GetDeploymentUrl(ApplicationSecurityInfo info) { Url hostEvidence = info.ApplicationEvidence.GetHostEvidence <Url>(); if (hostEvidence != null) { return(hostEvidence.Value); } return(null); }
private static PermissionSet GetRequestedPermissionSet(ApplicationSecurityInfo info) { PermissionSet defaultRequestSet = info.DefaultRequestSet; PermissionSet set2 = null; if (defaultRequestSet != null) { set2 = defaultRequestSet.Copy(); } return(set2); }
public static System.Security.Policy.ApplicationTrust PersistTrustWithoutEvaluation(ActivationContext actCtx) { ApplicationSecurityInfo info = new ApplicationSecurityInfo(actCtx); System.Security.Policy.ApplicationTrust trust = new System.Security.Policy.ApplicationTrust(actCtx.Identity) { IsApplicationTrustedToRun = true, DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, PolicyStatementAttribute.Nothing), Persist = true, ApplicationIdentity = actCtx.Identity }; ApplicationSecurityManager.UserApplicationTrusts.Add(trust); return trust; }
private static bool AppRequestsBeyondDefaultTrust(ApplicationSecurityInfo info) { try { PermissionSet standardSandbox = SecurityManager.GetStandardSandbox(info.ApplicationEvidence); PermissionSet requestedPermissionSet = GetRequestedPermissionSet(info); if ((standardSandbox == null) && (requestedPermissionSet != null)) { return(true); } if ((standardSandbox != null) && (requestedPermissionSet == null)) { return(false); } return(!requestedPermissionSet.IsSubsetOf(standardSandbox)); } catch (Exception) { return(true); } }
private static bool AppRequestsBeyondDefaultTrust(ApplicationSecurityInfo info) { try { PermissionSet standardSandbox = SecurityManager.GetStandardSandbox(info.ApplicationEvidence); PermissionSet requestedPermissionSet = GetRequestedPermissionSet(info); if ((standardSandbox == null) && (requestedPermissionSet != null)) { return true; } if ((standardSandbox != null) && (requestedPermissionSet == null)) { return false; } return !requestedPermissionSet.IsSubsetOf(standardSandbox); } catch (Exception) { return true; } }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) { throw new ArgumentNullException("applicationEvidence"); } ActivationArguments hostEvidence = applicationEvidence.GetHostEvidence<ActivationArguments>(); if (hostEvidence == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } ActivationContext activationContext = hostEvidence.ActivationContext; if (activationContext == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } ApplicationTrust applicationTrust = applicationEvidence.GetHostEvidence<ApplicationTrust>(); if ((applicationTrust != null) && !CmsUtils.CompareIdentities(applicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { applicationTrust = null; } if (applicationTrust == null) { if ((AppDomain.CurrentDomain.ApplicationTrust != null) && CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { applicationTrust = AppDomain.CurrentDomain.ApplicationTrust; } else { applicationTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(activationContext, context); } } ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext); if (((applicationTrust != null) && applicationTrust.IsApplicationTrustedToRun) && !info.DefaultRequestSet.IsSubsetOf(applicationTrust.DefaultGrantSet.PermissionSet)) { throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest")); } return applicationTrust; }
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, bool trust, bool persist) { return new ApplicationTrust(activationContext.Identity) { ExtraInfo = appTrustExtraInfo, IsApplicationTrustedToRun = trust, DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, PolicyStatementAttribute.Nothing), Persist = persist }; }
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, bool permissionElevationRequired) { TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.RequiresPermissions | TrustManagerPromptOptions.StopApp) : TrustManagerPromptOptions.StopApp, appTrustExtraInfo, zoneName, info); try { new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog(); } catch (Exception) { } return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false); }
private bool DetermineTrustCore(bool blocking, TrustParams tp) { try { Logger.AddMethodCall(this._log, "DeploymentManager.DetermineTrustCore() called."); SubscriptionState subscriptionState = this._subStore.GetSubscriptionState(this._actDesc.DeployManifest); TrustManagerContext tmc = new TrustManagerContext { IgnorePersistedDecision = false, NoPrompt = false, Persist = true }; if (tp != null) { tmc.NoPrompt = tp.NoPrompt; } if (!blocking && this._cancellationPending) { return true; } if (subscriptionState.IsInstalled && !string.Equals(subscriptionState.EffectiveCertificatePublicKeyToken, this._actDesc.EffectiveCertificatePublicKeyToken, StringComparison.Ordinal)) { Logger.AddInternalState(this._log, "Application family is installed but effective certificate public key token has changed between versions: subState.EffectiveCertificatePublicKeyToken=" + subscriptionState.EffectiveCertificatePublicKeyToken + ",_actDesc.EffectiveCertificatePublicKeyToken=" + this._actDesc.EffectiveCertificatePublicKeyToken); Logger.AddInternalState(this._log, "Removing cached trust for the CurrentBind."); System.Deployment.Application.ApplicationTrust.RemoveCachedTrust(subscriptionState.CurrentBind); } bool isUpdate = false; if (this._actDesc.IsUpdate) { isUpdate = true; } if (this._actDesc.IsUpdateInPKTGroup) { isUpdate = false; ApplicationSecurityInfo info = new ApplicationSecurityInfo(this._actCtx); this._actDesc.IsFullTrustRequested = info.DefaultRequestSet.IsUnrestricted(); } this._actDesc.Trust = System.Deployment.Application.ApplicationTrust.RequestTrust(subscriptionState, this._actDesc.DeployManifest.Deployment.Install, isUpdate, this._actCtx, tmc); } catch (Exception exception) { this.LogError(Resources.GetString("Ex_DetermineTrustFailed"), exception); Logger.AddInternalState(this._log, "Exception thrown in DetermineTrustCore(): " + exception.GetType().ToString() + " : " + exception.Message + "\r\n" + exception.StackTrace); throw; } return false; }
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext, ParsedData parsedData, String deploymentUrl, HostContextInternal hostContextInternal, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName) { DialogResult ret; TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info); try { TrustManagerPromptUIThread highRiskDialog = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher /*publisherName*/, parsedData.Certificate, options); ret = highRiskDialog.ShowDialog(); } catch (Exception ex) { Debug.Fail("Error occurred while showing high risk dialog: " + ex.Message); ret = DialogResult.No; } return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, ret == DialogResult.OK /*trust*/, hostContextInternal.Persist && ret == DialogResult.OK /*persist*/); }
private static string GetDeploymentUrl(ApplicationSecurityInfo info) { Debug.Assert(info != null); Evidence appEvidence = info.ApplicationEvidence; Url deploymentUrl = appEvidence.GetHostEvidence<Url>(); if (deploymentUrl != null) { return deploymentUrl.Value; } // Couldn't find deployment Url return null; }
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, bool trust, bool persist) { ApplicationTrust appTrust = new ApplicationTrust(activationContext.Identity); appTrust.ExtraInfo = appTrustExtraInfo; appTrust.IsApplicationTrustedToRun = trust; appTrust.DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, (PolicyStatementAttribute) 0); appTrust.Persist = persist; return appTrust; }
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext) { if (activationContext == null) { throw new ArgumentNullException("activationContext"); } ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext); ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo(); // ISSUE - fix this.... HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext); ICMS cms = (ICMS)InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext); ParsedData parsedData = new ParsedData(); if (ParseManifest(cms, parsedData)) { appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration; } string deploymentUrl = GetDeploymentUrl(info); string zoneName = GetZoneNameFromDeploymentUrl(deploymentUrl); MemoryStream ms; PromptsAllowed promptsAllowed; if (!ExtractManifestContent(cms, out ms)) { // Block prompt return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/); } bool distrustedPublisher, trustedPublisher, noCertificate; AnalyzeCertificate(parsedData, ms, out distrustedPublisher, out trustedPublisher, out noCertificate); /// Check whether application manifest allows to use deployment manifest certificate. /// If not then we have to use application manifest certificate instead. ICMS applicationCms = (ICMS)InternalActivationContextHelper.GetApplicationComponentManifest(activationContext); ParsedData applicationParsedData = new ParsedData(); if (ParseManifest(applicationCms, applicationParsedData)) { if (applicationParsedData.UseManifestForTrust) { MemoryStream applicationMs; if (ExtractManifestContent(applicationCms, out applicationMs)) { /// Use the old parsedData. bool applicationDistrustedPublisher, applicationTrustedPublisher, applicationNoCertificate; AnalyzeCertificate(parsedData, applicationMs, out applicationDistrustedPublisher, out applicationTrustedPublisher, out applicationNoCertificate); distrustedPublisher = applicationDistrustedPublisher; trustedPublisher = applicationTrustedPublisher; noCertificate = applicationNoCertificate; parsedData.AppName = applicationParsedData.AppName; parsedData.AppPublisher = applicationParsedData.AppPublisher; parsedData.SupportUrl = applicationParsedData.SupportUrl; } } } if (distrustedPublisher) { promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData); if (promptsAllowed == PromptsAllowed.None) { // No prompt allowed, return Do Not Trust. return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/); } return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/); } if (noCertificate) { parsedData.AuthenticodedPublisher = null; parsedData.Certificate = null; } if (!hostContextInternal.IgnorePersistedDecision) { // Check if there are previously trusted versions installed. ArrayList matchingTrusts; if (SearchPreviousTrustedVersion(activationContext, out matchingTrusts)) { Debug.Assert(matchingTrusts != null && matchingTrusts.Count > 0); // Found a matching app, with normally a different version. if (ExistingTrustApplicable(info, matchingTrusts)) { // There is at least one old version that requires at the same or more permissions. // ExistingTrustApplicable removed the non-applicable version from the matchingTrusts arrays. Debug.Assert(matchingTrusts != null && matchingTrusts.Count > 0); // Check if the new app requires shell integration while none of the old ones did if (appTrustExtraInfo.RequestsShellIntegration && !SomePreviousTrustedVersionRequiresShellIntegration(matchingTrusts) && !trustedPublisher) { promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData); switch (promptsAllowed) { case PromptsAllowed.None: // No prompt allowed, return Do Not Trust. return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/); case PromptsAllowed.BlockingOnly: return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/); case PromptsAllowed.All: // New app requires shell integration - bring up the Basic Install Prompt return BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/); } } // No prompt, return Trust & Persist. return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true /*trust*/, hostContextInternal.Persist /*persist*/); } } } bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info); if (!permissionElevationRequired || trustedPublisher) { if (!trustedPublisher) { Debug.Assert(!permissionElevationRequired); promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData); switch (promptsAllowed) { case PromptsAllowed.BlockingOnly: return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, permissionElevationRequired); case PromptsAllowed.None: // XBaps should also prompt in InternetZone // Originally xbaps were silently trusted, along with other ClickOnce apps case PromptsAllowed.All: // App shell integrates and is not from a trusted deployer, bring up the Basic Install Prompt. return BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneName, false /*permissionElevationRequired*/); } } else { // App does not shell integrate and does not run in "Internet" zone, or is from a trusted deployer, return Trust return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true /*trust*/, hostContextInternal.Persist /*persist*/); } } promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData); switch (promptsAllowed) { case PromptsAllowed.None: // No prompt allowed, return Do Not Trust. return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/); case PromptsAllowed.BlockingOnly: return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, true /*permissionElevationRequired*/); default: // PromptsAllowed.All: // Bring up the HighRisk Install Prompt if the app shell integrates, or the HighRisk Run Prompt otherwise. return HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneName); } }
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext) { MemoryStream stream; bool flag; bool flag2; bool flag3; MemoryStream stream2; ArrayList list; if (activationContext == null) { throw new ArgumentNullException("activationContext"); } ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext); ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo(); HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext); System.Deployment.Internal.Isolation.Manifest.ICMS deploymentComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS) InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext); ParsedData parsedData = new ParsedData(); if (ParseManifest(deploymentComponentManifest, parsedData)) { appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration; } string deploymentUrl = GetDeploymentUrl(info); string zoneNameFromDeploymentUrl = GetZoneNameFromDeploymentUrl(deploymentUrl); if (!ExtractManifestContent(deploymentComponentManifest, out stream)) { return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)); } AnalyzeCertificate(parsedData, stream, out flag, out flag2, out flag3); System.Deployment.Internal.Isolation.Manifest.ICMS applicationComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS) InternalActivationContextHelper.GetApplicationComponentManifest(activationContext); ParsedData data2 = new ParsedData(); if ((ParseManifest(applicationComponentManifest, data2) && data2.UseManifestForTrust) && ExtractManifestContent(applicationComponentManifest, out stream2)) { bool flag4; bool flag5; bool flag6; AnalyzeCertificate(parsedData, stream2, out flag4, out flag5, out flag6); flag = flag4; flag2 = flag5; flag3 = flag6; parsedData.AppName = data2.AppName; parsedData.AppPublisher = data2.AppPublisher; parsedData.SupportUrl = data2.SupportUrl; } if (flag) { if (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData) == PromptsAllowed.None) { return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false); } return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)); } if (flag3) { parsedData.AuthenticodedPublisher = null; parsedData.Certificate = null; } if ((!hostContextInternal.IgnorePersistedDecision && SearchPreviousTrustedVersion(activationContext, hostContextInternal.PreviousAppId, out list)) && ExistingTrustApplicable(info, list)) { if ((appTrustExtraInfo.RequestsShellIntegration && !SomePreviousTrustedVersionRequiresShellIntegration(list)) && !flag2) { switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData)) { case PromptsAllowed.All: return BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)); case PromptsAllowed.BlockingOnly: return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)); case PromptsAllowed.None: return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false); } } return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist); } bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info); if (!permissionElevationRequired || flag2) { if (flag2) { return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist); } switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData)) { case PromptsAllowed.All: case PromptsAllowed.None: return BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, false); case PromptsAllowed.BlockingOnly: return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, permissionElevationRequired); } } switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData)) { case PromptsAllowed.BlockingOnly: return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, true); case PromptsAllowed.None: return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false); } return HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl); }
private static bool ExistingTrustApplicable(ApplicationSecurityInfo info, ArrayList matchingTrusts) { int index = 0; while (index < matchingTrusts.Count) { ApplicationTrust trust = (ApplicationTrust) matchingTrusts[index]; if (!trust.IsApplicationTrustedToRun) { matchingTrusts.RemoveAt(index); } PermissionSet requestedPermissionSet = GetRequestedPermissionSet(info); PermissionSet permissionSet = trust.DefaultGrantSet.PermissionSet; if ((permissionSet == null) && (requestedPermissionSet != null)) { matchingTrusts.RemoveAt(index); } else if ((permissionSet != null) && (requestedPermissionSet == null)) { index++; continue; } if (requestedPermissionSet.IsSubsetOf(permissionSet)) { index++; } else { matchingTrusts.RemoveAt(index); } } return (matchingTrusts.Count > 0); }
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, HostContextInternal hostContextInternal, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName) { DialogResult no; TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info); try { no = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog(); } catch (Exception) { no = DialogResult.No; } return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, no == DialogResult.OK, hostContextInternal.Persist && (no == DialogResult.OK)); }
private static PermissionSet GetRequestedPermissionSet(ApplicationSecurityInfo info) { PermissionSet defaultRequestSet = info.DefaultRequestSet; PermissionSet set2 = null; if (defaultRequestSet != null) { set2 = defaultRequestSet.Copy(); } return set2; }
private static string GetDeploymentUrl(ApplicationSecurityInfo info) { Url hostEvidence = info.ApplicationEvidence.GetHostEvidence<Url>(); if (hostEvidence != null) { return hostEvidence.Value; } return null; }
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, HostContextInternal hostContextInternal, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName) { DialogResult no; TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info); try { no = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog(); } catch (Exception) { no = DialogResult.No; } return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, no == DialogResult.OK, hostContextInternal.Persist && (no == DialogResult.OK))); }
protected void InitStore(IsolatedStorageScope scope, Type appEvidenceType) { PermissionSet psAllowed = null; PermissionSet psDenied = null; GetCaller(); GetControlEvidencePermission().Assert(); if (IsApp(scope)) { AppDomain domain = Thread.GetDomain(); if (!IsRoaming(scope)) { psAllowed = domain.PermissionSet; if (psAllowed == null) { throw new IsolatedStorageException(Environment.GetResourceString("IsolatedStorage_DomainGrantSet")); } } ActivationContext activationContext = AppDomain.CurrentDomain.ActivationContext; if (activationContext == null) { throw new IsolatedStorageException(Environment.GetResourceString("IsolatedStorage_ApplicationMissingIdentity")); } ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext); this._InitStore(scope, null, null, null, null, info.ApplicationEvidence, appEvidenceType); } this.SetQuota(psAllowed, psDenied); }
private static bool AppRequestsBeyondDefaultTrust(ApplicationSecurityInfo info) { Debug.Assert(info != null); try { PermissionSet permSetDefaultZone = SecurityManager.GetStandardSandbox(info.ApplicationEvidence); PermissionSet permSetRequested = GetRequestedPermissionSet(info); if (permSetDefaultZone == null && permSetRequested != null) { // No permissions are granted, and this launch requests some permissions return true; } else if (permSetDefaultZone != null && permSetRequested == null) { // Some permissions are granted, and this launch does not require any permissions return false; } Debug.Assert(permSetDefaultZone != null); Debug.Assert(permSetRequested != null); return !permSetRequested.IsSubsetOf(permSetDefaultZone); } catch (Exception) { return true; } }
internal static Evidence MergeApplicationEvidence(Evidence evidence, ApplicationIdentity applicationIdentity, ActivationContext activationContext, string[] activationData, ApplicationTrust applicationTrust) { Evidence appEvidence = new Evidence(); ActivationArguments activationArgs = (activationContext == null ? new ActivationArguments(applicationIdentity, activationData) : new ActivationArguments(activationContext, activationData)); appEvidence = new Evidence(); appEvidence.AddHostEvidence(activationArgs); if (applicationTrust != null) appEvidence.AddHostEvidence(applicationTrust); if (activationContext != null) { Evidence asiEvidence = new ApplicationSecurityInfo(activationContext).ApplicationEvidence; if (asiEvidence != null) appEvidence.MergeWithNoDuplicates(asiEvidence); } if (evidence != null) appEvidence.MergeWithNoDuplicates(evidence); return appEvidence; }
private static TrustManagerPromptOptions CompletePromptOptions(TrustManagerPromptOptions options, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, ApplicationSecurityInfo info) { if (appTrustExtraInfo.RequestsShellIntegration) { options |= TrustManagerPromptOptions.AddsShortcut; } if (zoneName != null) { if (string.Compare(zoneName, "Internet", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.InternetSource; } else if (string.Compare(zoneName, "TrustedSites", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.TrustedSitesSource; } else if (string.Compare(zoneName, "UntrustedSites", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.UntrustedSitesSource; } else if (string.Compare(zoneName, "LocalIntranet", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.LocalNetworkSource; } else if (string.Compare(zoneName, "MyComputer", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.LocalComputerSource; } } if (info != null) { PermissionSet pset = info.DefaultRequestSet; if (pset != null && pset.IsUnrestricted()) { options |= TrustManagerPromptOptions.WillHaveFullTrust; } } return options; }
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, bool permissionElevationRequired) { TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.RequiresPermissions | TrustManagerPromptOptions.StopApp) : TrustManagerPromptOptions.StopApp, appTrustExtraInfo, zoneName, info); try { new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog(); } catch (Exception) { } return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false)); }
private static bool ExistingTrustApplicable(ApplicationSecurityInfo info, ArrayList matchingTrusts) { Debug.Assert(info != null); Debug.Assert(matchingTrusts != null); int entry = 0; while (entry < matchingTrusts.Count) { ApplicationTrust matchingTrust = (ApplicationTrust) matchingTrusts[entry]; if (!matchingTrust.IsApplicationTrustedToRun) { // [....]: Can this ever happen? I have serious doubts... matchingTrusts.RemoveAt(entry); } PermissionSet permSetRequested = GetRequestedPermissionSet(info); PermissionSet permSetGranted = matchingTrust.DefaultGrantSet.PermissionSet; //PolicyStatement makes of copy of its permission set here. if (permSetGranted == null && permSetRequested != null) { // No permissions were granted, and this launch requests some permissions matchingTrusts.RemoveAt(entry); } else if (permSetGranted != null && permSetRequested == null) { // Some permissions were granted, and this launch does not require any permissions entry++; continue; } Debug.Assert(permSetGranted != null); Debug.Assert(permSetRequested != null); if (permSetRequested.IsSubsetOf(permSetGranted)) { entry++; // Found a version that requires at least as much } else { // This version does not require as much matchingTrusts.RemoveAt(entry); } } return matchingTrusts.Count > 0; }
private static TrustManagerPromptOptions CompletePromptOptions(TrustManagerPromptOptions options, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, ApplicationSecurityInfo info) { if (appTrustExtraInfo.RequestsShellIntegration) { options |= TrustManagerPromptOptions.AddsShortcut; } if (zoneName != null) { if (string.Compare(zoneName, "Internet", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.InternetSource; } else if (string.Compare(zoneName, "TrustedSites", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.TrustedSitesSource; } else if (string.Compare(zoneName, "UntrustedSites", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.UntrustedSitesSource; } else if (string.Compare(zoneName, "LocalIntranet", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.LocalNetworkSource; } else if (string.Compare(zoneName, "MyComputer", true, CultureInfo.InvariantCulture) == 0) { options |= TrustManagerPromptOptions.LocalComputerSource; } } if (info != null) { PermissionSet defaultRequestSet = info.DefaultRequestSet; if ((defaultRequestSet != null) && defaultRequestSet.IsUnrestricted()) { options |= TrustManagerPromptOptions.WillHaveFullTrust; } } return(options); }
private static PermissionSet GetRequestedPermissionSet(ApplicationSecurityInfo info) { Debug.Assert(info != null); PermissionSet pset = info.DefaultRequestSet; PermissionSet permSetRequested = null; if (pset != null) { permSetRequested = pset.Copy(); } return permSetRequested; }
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, bool trust, bool persist) { return(new ApplicationTrust(activationContext.Identity) { ExtraInfo = appTrustExtraInfo, IsApplicationTrustedToRun = trust, DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, PolicyStatementAttribute.Nothing), Persist = persist }); }
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext, ParsedData parsedData, String deploymentUrl, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, bool permissionElevationRequired) { TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.StopApp | TrustManagerPromptOptions.RequiresPermissions) : TrustManagerPromptOptions.StopApp, appTrustExtraInfo, zoneName, info); try { TrustManagerPromptUIThread errorDialog = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher /*publisherName*/, parsedData.Certificate, options); errorDialog.ShowDialog(); } catch (Exception ex) { Debug.Fail("Error occurred while showing error dialog: " + ex.Message); } // Trust Manager should prompt, but is not allowed to. Return Don't Trust and Don't Persist. return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/); }
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext) { MemoryStream stream; bool flag; bool flag2; bool flag3; MemoryStream stream2; ArrayList list; if (activationContext == null) { throw new ArgumentNullException("activationContext"); } ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext); ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo(); HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext); System.Deployment.Internal.Isolation.Manifest.ICMS deploymentComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS)InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext); ParsedData parsedData = new ParsedData(); if (ParseManifest(deploymentComponentManifest, parsedData)) { appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration; } string deploymentUrl = GetDeploymentUrl(info); string zoneNameFromDeploymentUrl = GetZoneNameFromDeploymentUrl(deploymentUrl); if (!ExtractManifestContent(deploymentComponentManifest, out stream)) { return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info))); } AnalyzeCertificate(parsedData, stream, out flag, out flag2, out flag3); System.Deployment.Internal.Isolation.Manifest.ICMS applicationComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS)InternalActivationContextHelper.GetApplicationComponentManifest(activationContext); ParsedData data2 = new ParsedData(); if ((ParseManifest(applicationComponentManifest, data2) && data2.UseManifestForTrust) && ExtractManifestContent(applicationComponentManifest, out stream2)) { bool flag4; bool flag5; bool flag6; AnalyzeCertificate(parsedData, stream2, out flag4, out flag5, out flag6); flag = flag4; flag2 = flag5; flag3 = flag6; parsedData.AppName = data2.AppName; parsedData.AppPublisher = data2.AppPublisher; parsedData.SupportUrl = data2.SupportUrl; } if (flag) { if (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData) == PromptsAllowed.None) { return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false)); } return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info))); } if (flag3) { parsedData.AuthenticodedPublisher = null; parsedData.Certificate = null; } if ((!hostContextInternal.IgnorePersistedDecision && SearchPreviousTrustedVersion(activationContext, hostContextInternal.PreviousAppId, out list)) && ExistingTrustApplicable(info, list)) { if ((appTrustExtraInfo.RequestsShellIntegration && !SomePreviousTrustedVersionRequiresShellIntegration(list)) && !flag2) { switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData)) { case PromptsAllowed.All: return(BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info))); case PromptsAllowed.BlockingOnly: return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info))); case PromptsAllowed.None: return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false)); } } return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist)); } bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info); if (!permissionElevationRequired || flag2) { if (flag2) { return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist)); } switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData)) { case PromptsAllowed.All: case PromptsAllowed.None: return(BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, false)); case PromptsAllowed.BlockingOnly: return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, permissionElevationRequired)); } } switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData)) { case PromptsAllowed.BlockingOnly: return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, true)); case PromptsAllowed.None: return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false)); } return(HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl)); }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) throw new ArgumentNullException("applicationEvidence"); Contract.EndContractBlock(); // This method looks for a trust decision for the ActivationContext in three locations, in order // of preference: // // 1. Supplied by the host in the AppDomainSetup. If the host supplied a decision this way, it // will be in the applicationEvidence. // 2. Reuse the ApplicationTrust from the current AppDomain // 3. Ask the TrustManager for a trust decision // get the activation context from the application evidence. // The default HostSecurityManager does not examine the activatorEvidence // but other security managers could use it to figure out the // evidence of the domain attempting to activate the application. ActivationArguments activationArgs = applicationEvidence.GetHostEvidence<ActivationArguments>(); if (activationArgs == null) throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); ActivationContext actCtx = activationArgs.ActivationContext; if (actCtx == null) throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); // Make sure that any ApplicationTrust we find applies to the ActivationContext we're // creating the new AppDomain for. ApplicationTrust appTrust = applicationEvidence.GetHostEvidence<ApplicationTrust>(); if (appTrust != null && !CmsUtils.CompareIdentities(appTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { appTrust = null; } // If there was not a trust decision supplied in the Evidence, we can reuse the existing trust // decision from this domain if its identity matches the ActivationContext of the new domain. // Otherwise consult the TrustManager for a trust decision if (appTrust == null) { if (AppDomain.CurrentDomain.ApplicationTrust != null && CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { appTrust = AppDomain.CurrentDomain.ApplicationTrust; } else { appTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(actCtx, context); } } // If the trust decision allows the application to run, then it should also have a permission set // which is at least the permission set the application requested. ApplicationSecurityInfo appRequest = new ApplicationSecurityInfo(actCtx); if (appTrust != null && appTrust.IsApplicationTrustedToRun && !appRequest.DefaultRequestSet.IsSubsetOf(appTrust.DefaultGrantSet.PermissionSet)) { throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest")); } return appTrust; }
internal static Evidence MergeApplicationEvidence(Evidence evidence, ApplicationIdentity applicationIdentity, ActivationContext activationContext, string[] activationData, ApplicationTrust applicationTrust) { Evidence evidence2 = new Evidence(); ActivationArguments id = (activationContext == null) ? new ActivationArguments(applicationIdentity, activationData) : new ActivationArguments(activationContext, activationData); evidence2 = new Evidence(); evidence2.AddHost(id); if (applicationTrust != null) { evidence2.AddHost(applicationTrust); } if (activationContext != null) { Evidence applicationEvidence = new ApplicationSecurityInfo(activationContext).ApplicationEvidence; if (applicationEvidence != null) { evidence2.MergeWithNoDuplicates(applicationEvidence); } } if (evidence != null) { evidence2.MergeWithNoDuplicates(evidence); } return evidence2; }