private static bool ExistingTrustApplicable(ApplicationSecurityInfo info, ArrayList matchingTrusts)
{
int index = 0;
while (index < matchingTrusts.Count)
{
ApplicationTrust trust = (ApplicationTrust)matchingTrusts[index];
if (!trust.IsApplicationTrustedToRun)
{
matchingTrusts.RemoveAt(index);
}
PermissionSet requestedPermissionSet = GetRequestedPermissionSet(info);
PermissionSet permissionSet = trust.DefaultGrantSet.PermissionSet;
if ((permissionSet == null) && (requestedPermissionSet != null))
{
matchingTrusts.RemoveAt(index);
}
else if ((permissionSet != null) && (requestedPermissionSet == null))
{
index++;
continue;
}
if (requestedPermissionSet.IsSubsetOf(permissionSet))
{
index++;
}
else
{
matchingTrusts.RemoveAt(index);
}
}
return(matchingTrusts.Count > 0);
}
/// <summary>
/// Gets the public key token for the current ClickOnce app.
/// </summary>
/// <returns></returns>
private static string GetPublicKeyToken()
{
ApplicationSecurityInfo asi = new ApplicationSecurityInfo(AppDomain.CurrentDomain.ActivationContext);
byte[] pk = asi.ApplicationId.PublicKeyToken;
StringBuilder pkt = new StringBuilder();
for (int i = 0; i < pk.GetLength(0); i++)
pkt.Append($"{pk[i]:x}");
return pkt.ToString();
}
private static string GetDeploymentUrl(ApplicationSecurityInfo info)
{
Url hostEvidence = info.ApplicationEvidence.GetHostEvidence <Url>();
if (hostEvidence != null)
{
return(hostEvidence.Value);
}
return(null);
}
private static PermissionSet GetRequestedPermissionSet(ApplicationSecurityInfo info)
{
PermissionSet defaultRequestSet = info.DefaultRequestSet;
PermissionSet set2 = null;
if (defaultRequestSet != null)
{
set2 = defaultRequestSet.Copy();
}
return(set2);
}
public static System.Security.Policy.ApplicationTrust PersistTrustWithoutEvaluation(ActivationContext actCtx)
{
ApplicationSecurityInfo info = new ApplicationSecurityInfo(actCtx);
System.Security.Policy.ApplicationTrust trust = new System.Security.Policy.ApplicationTrust(actCtx.Identity) {
IsApplicationTrustedToRun = true,
DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, PolicyStatementAttribute.Nothing),
Persist = true,
ApplicationIdentity = actCtx.Identity
};
ApplicationSecurityManager.UserApplicationTrusts.Add(trust);
return trust;
}
private static bool AppRequestsBeyondDefaultTrust(ApplicationSecurityInfo info)
{
try
{
PermissionSet standardSandbox = SecurityManager.GetStandardSandbox(info.ApplicationEvidence);
PermissionSet requestedPermissionSet = GetRequestedPermissionSet(info);
if ((standardSandbox == null) && (requestedPermissionSet != null))
{
return(true);
}
if ((standardSandbox != null) && (requestedPermissionSet == null))
{
return(false);
}
return(!requestedPermissionSet.IsSubsetOf(standardSandbox));
}
catch (Exception)
{
return(true);
}
}
private static bool AppRequestsBeyondDefaultTrust(ApplicationSecurityInfo info)
{
try
{
PermissionSet standardSandbox = SecurityManager.GetStandardSandbox(info.ApplicationEvidence);
PermissionSet requestedPermissionSet = GetRequestedPermissionSet(info);
if ((standardSandbox == null) && (requestedPermissionSet != null))
{
return true;
}
if ((standardSandbox != null) && (requestedPermissionSet == null))
{
return false;
}
return !requestedPermissionSet.IsSubsetOf(standardSandbox);
}
catch (Exception)
{
return true;
}
}
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
if (applicationEvidence == null)
{
throw new ArgumentNullException("applicationEvidence");
}
ActivationArguments hostEvidence = applicationEvidence.GetHostEvidence<ActivationArguments>();
if (hostEvidence == null)
{
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
}
ActivationContext activationContext = hostEvidence.ActivationContext;
if (activationContext == null)
{
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
}
ApplicationTrust applicationTrust = applicationEvidence.GetHostEvidence<ApplicationTrust>();
if ((applicationTrust != null) && !CmsUtils.CompareIdentities(applicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
applicationTrust = null;
}
if (applicationTrust == null)
{
if ((AppDomain.CurrentDomain.ApplicationTrust != null) && CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
applicationTrust = AppDomain.CurrentDomain.ApplicationTrust;
}
else
{
applicationTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(activationContext, context);
}
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
if (((applicationTrust != null) && applicationTrust.IsApplicationTrustedToRun) && !info.DefaultRequestSet.IsSubsetOf(applicationTrust.DefaultGrantSet.PermissionSet))
{
throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest"));
}
return applicationTrust;
}
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, bool trust, bool persist)
{
return new ApplicationTrust(activationContext.Identity) { ExtraInfo = appTrustExtraInfo, IsApplicationTrustedToRun = trust, DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, PolicyStatementAttribute.Nothing), Persist = persist };
}
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, bool permissionElevationRequired)
{
TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.RequiresPermissions | TrustManagerPromptOptions.StopApp) : TrustManagerPromptOptions.StopApp, appTrustExtraInfo, zoneName, info);
try
{
new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog();
}
catch (Exception)
{
}
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false);
}
private bool DetermineTrustCore(bool blocking, TrustParams tp)
{
try
{
Logger.AddMethodCall(this._log, "DeploymentManager.DetermineTrustCore() called.");
SubscriptionState subscriptionState = this._subStore.GetSubscriptionState(this._actDesc.DeployManifest);
TrustManagerContext tmc = new TrustManagerContext {
IgnorePersistedDecision = false,
NoPrompt = false,
Persist = true
};
if (tp != null)
{
tmc.NoPrompt = tp.NoPrompt;
}
if (!blocking && this._cancellationPending)
{
return true;
}
if (subscriptionState.IsInstalled && !string.Equals(subscriptionState.EffectiveCertificatePublicKeyToken, this._actDesc.EffectiveCertificatePublicKeyToken, StringComparison.Ordinal))
{
Logger.AddInternalState(this._log, "Application family is installed but effective certificate public key token has changed between versions: subState.EffectiveCertificatePublicKeyToken=" + subscriptionState.EffectiveCertificatePublicKeyToken + ",_actDesc.EffectiveCertificatePublicKeyToken=" + this._actDesc.EffectiveCertificatePublicKeyToken);
Logger.AddInternalState(this._log, "Removing cached trust for the CurrentBind.");
System.Deployment.Application.ApplicationTrust.RemoveCachedTrust(subscriptionState.CurrentBind);
}
bool isUpdate = false;
if (this._actDesc.IsUpdate)
{
isUpdate = true;
}
if (this._actDesc.IsUpdateInPKTGroup)
{
isUpdate = false;
ApplicationSecurityInfo info = new ApplicationSecurityInfo(this._actCtx);
this._actDesc.IsFullTrustRequested = info.DefaultRequestSet.IsUnrestricted();
}
this._actDesc.Trust = System.Deployment.Application.ApplicationTrust.RequestTrust(subscriptionState, this._actDesc.DeployManifest.Deployment.Install, isUpdate, this._actCtx, tmc);
}
catch (Exception exception)
{
this.LogError(Resources.GetString("Ex_DetermineTrustFailed"), exception);
Logger.AddInternalState(this._log, "Exception thrown in DetermineTrustCore(): " + exception.GetType().ToString() + " : " + exception.Message + "\r\n" + exception.StackTrace);
throw;
}
return false;
}
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext,
ParsedData parsedData,
String deploymentUrl,
HostContextInternal hostContextInternal,
ApplicationSecurityInfo info,
ApplicationTrustExtraInfo appTrustExtraInfo,
string zoneName)
{
DialogResult ret;
TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info);
try
{
TrustManagerPromptUIThread highRiskDialog = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName,
DefaultBrowserExePath,
parsedData.SupportUrl,
GetHostFromDeploymentUrl(deploymentUrl),
parsedData.AuthenticodedPublisher /*publisherName*/,
parsedData.Certificate,
options);
ret = highRiskDialog.ShowDialog();
}
catch (Exception ex)
{
Debug.Fail("Error occurred while showing high risk dialog: " + ex.Message);
ret = DialogResult.No;
}
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, ret == DialogResult.OK /*trust*/, hostContextInternal.Persist && ret == DialogResult.OK /*persist*/);
}
private static string GetDeploymentUrl(ApplicationSecurityInfo info)
{
Debug.Assert(info != null);
Evidence appEvidence = info.ApplicationEvidence;
Url deploymentUrl = appEvidence.GetHostEvidence<Url>();
if (deploymentUrl != null)
{
return deploymentUrl.Value;
}
// Couldn't find deployment Url
return null;
}
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext,
ApplicationSecurityInfo info,
ApplicationTrustExtraInfo appTrustExtraInfo,
bool trust,
bool persist)
{
ApplicationTrust appTrust = new ApplicationTrust(activationContext.Identity);
appTrust.ExtraInfo = appTrustExtraInfo;
appTrust.IsApplicationTrustedToRun = trust;
appTrust.DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, (PolicyStatementAttribute) 0);
appTrust.Persist = persist;
return appTrust;
}
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext)
{
if (activationContext == null)
{
throw new ArgumentNullException("activationContext");
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo();
// ISSUE - fix this....
HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext);
ICMS cms = (ICMS)InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext);
ParsedData parsedData = new ParsedData();
if (ParseManifest(cms, parsedData))
{
appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration;
}
string deploymentUrl = GetDeploymentUrl(info);
string zoneName = GetZoneNameFromDeploymentUrl(deploymentUrl);
MemoryStream ms;
PromptsAllowed promptsAllowed;
if (!ExtractManifestContent(cms, out ms))
{
// Block prompt
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/);
}
bool distrustedPublisher, trustedPublisher, noCertificate;
AnalyzeCertificate(parsedData, ms, out distrustedPublisher, out trustedPublisher, out noCertificate);
/// Check whether application manifest allows to use deployment manifest certificate.
/// If not then we have to use application manifest certificate instead.
ICMS applicationCms = (ICMS)InternalActivationContextHelper.GetApplicationComponentManifest(activationContext);
ParsedData applicationParsedData = new ParsedData();
if (ParseManifest(applicationCms, applicationParsedData))
{
if (applicationParsedData.UseManifestForTrust)
{
MemoryStream applicationMs;
if (ExtractManifestContent(applicationCms, out applicationMs))
{
/// Use the old parsedData.
bool applicationDistrustedPublisher, applicationTrustedPublisher, applicationNoCertificate;
AnalyzeCertificate(parsedData, applicationMs, out applicationDistrustedPublisher, out applicationTrustedPublisher, out applicationNoCertificate);
distrustedPublisher = applicationDistrustedPublisher;
trustedPublisher = applicationTrustedPublisher;
noCertificate = applicationNoCertificate;
parsedData.AppName = applicationParsedData.AppName;
parsedData.AppPublisher = applicationParsedData.AppPublisher;
parsedData.SupportUrl = applicationParsedData.SupportUrl;
}
}
}
if (distrustedPublisher)
{
promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData);
if (promptsAllowed == PromptsAllowed.None)
{
// No prompt allowed, return Do Not Trust.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/);
}
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/);
}
if (noCertificate)
{
parsedData.AuthenticodedPublisher = null;
parsedData.Certificate = null;
}
if (!hostContextInternal.IgnorePersistedDecision)
{
// Check if there are previously trusted versions installed.
ArrayList matchingTrusts;
if (SearchPreviousTrustedVersion(activationContext, out matchingTrusts))
{
Debug.Assert(matchingTrusts != null && matchingTrusts.Count > 0);
// Found a matching app, with normally a different version.
if (ExistingTrustApplicable(info, matchingTrusts))
{
// There is at least one old version that requires at the same or more permissions.
// ExistingTrustApplicable removed the non-applicable version from the matchingTrusts arrays.
Debug.Assert(matchingTrusts != null && matchingTrusts.Count > 0);
// Check if the new app requires shell integration while none of the old ones did
if (appTrustExtraInfo.RequestsShellIntegration &&
!SomePreviousTrustedVersionRequiresShellIntegration(matchingTrusts) &&
!trustedPublisher)
{
promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData);
switch (promptsAllowed)
{
case PromptsAllowed.None:
// No prompt allowed, return Do Not Trust.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/);
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/);
case PromptsAllowed.All:
// New app requires shell integration - bring up the Basic Install Prompt
return BasicInstallPrompt(activationContext,
parsedData,
deploymentUrl,
hostContextInternal,
info,
appTrustExtraInfo,
zoneName,
AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/);
}
}
// No prompt, return Trust & Persist.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true /*trust*/, hostContextInternal.Persist /*persist*/);
}
}
}
bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info);
if (!permissionElevationRequired || trustedPublisher)
{
if (!trustedPublisher)
{
Debug.Assert(!permissionElevationRequired);
promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData);
switch (promptsAllowed)
{
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, permissionElevationRequired);
case PromptsAllowed.None:
// XBaps should also prompt in InternetZone
// Originally xbaps were silently trusted, along with other ClickOnce apps
case PromptsAllowed.All:
// App shell integrates and is not from a trusted deployer, bring up the Basic Install Prompt.
return BasicInstallPrompt(activationContext,
parsedData,
deploymentUrl,
hostContextInternal,
info,
appTrustExtraInfo,
zoneName,
false /*permissionElevationRequired*/);
}
}
else
{
// App does not shell integrate and does not run in "Internet" zone, or is from a trusted deployer, return Trust
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true /*trust*/, hostContextInternal.Persist /*persist*/);
}
}
promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData);
switch (promptsAllowed)
{
case PromptsAllowed.None:
// No prompt allowed, return Do Not Trust.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/);
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, true /*permissionElevationRequired*/);
default: // PromptsAllowed.All:
// Bring up the HighRisk Install Prompt if the app shell integrates, or the HighRisk Run Prompt otherwise.
return HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneName);
}
}
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext)
{
MemoryStream stream;
bool flag;
bool flag2;
bool flag3;
MemoryStream stream2;
ArrayList list;
if (activationContext == null)
{
throw new ArgumentNullException("activationContext");
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo();
HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext);
System.Deployment.Internal.Isolation.Manifest.ICMS deploymentComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS) InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext);
ParsedData parsedData = new ParsedData();
if (ParseManifest(deploymentComponentManifest, parsedData))
{
appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration;
}
string deploymentUrl = GetDeploymentUrl(info);
string zoneNameFromDeploymentUrl = GetZoneNameFromDeploymentUrl(deploymentUrl);
if (!ExtractManifestContent(deploymentComponentManifest, out stream))
{
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info));
}
AnalyzeCertificate(parsedData, stream, out flag, out flag2, out flag3);
System.Deployment.Internal.Isolation.Manifest.ICMS applicationComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS) InternalActivationContextHelper.GetApplicationComponentManifest(activationContext);
ParsedData data2 = new ParsedData();
if ((ParseManifest(applicationComponentManifest, data2) && data2.UseManifestForTrust) && ExtractManifestContent(applicationComponentManifest, out stream2))
{
bool flag4;
bool flag5;
bool flag6;
AnalyzeCertificate(parsedData, stream2, out flag4, out flag5, out flag6);
flag = flag4;
flag2 = flag5;
flag3 = flag6;
parsedData.AppName = data2.AppName;
parsedData.AppPublisher = data2.AppPublisher;
parsedData.SupportUrl = data2.SupportUrl;
}
if (flag)
{
if (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData) == PromptsAllowed.None)
{
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false);
}
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info));
}
if (flag3)
{
parsedData.AuthenticodedPublisher = null;
parsedData.Certificate = null;
}
if ((!hostContextInternal.IgnorePersistedDecision && SearchPreviousTrustedVersion(activationContext, hostContextInternal.PreviousAppId, out list)) && ExistingTrustApplicable(info, list))
{
if ((appTrustExtraInfo.RequestsShellIntegration && !SomePreviousTrustedVersionRequiresShellIntegration(list)) && !flag2)
{
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.All:
return BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info));
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info));
case PromptsAllowed.None:
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false);
}
}
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist);
}
bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info);
if (!permissionElevationRequired || flag2)
{
if (flag2)
{
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist);
}
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.All:
case PromptsAllowed.None:
return BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, false);
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, permissionElevationRequired);
}
}
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, true);
case PromptsAllowed.None:
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false);
}
return HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl);
}
private static bool ExistingTrustApplicable(ApplicationSecurityInfo info, ArrayList matchingTrusts)
{
int index = 0;
while (index < matchingTrusts.Count)
{
ApplicationTrust trust = (ApplicationTrust) matchingTrusts[index];
if (!trust.IsApplicationTrustedToRun)
{
matchingTrusts.RemoveAt(index);
}
PermissionSet requestedPermissionSet = GetRequestedPermissionSet(info);
PermissionSet permissionSet = trust.DefaultGrantSet.PermissionSet;
if ((permissionSet == null) && (requestedPermissionSet != null))
{
matchingTrusts.RemoveAt(index);
}
else if ((permissionSet != null) && (requestedPermissionSet == null))
{
index++;
continue;
}
if (requestedPermissionSet.IsSubsetOf(permissionSet))
{
index++;
}
else
{
matchingTrusts.RemoveAt(index);
}
}
return (matchingTrusts.Count > 0);
}
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, HostContextInternal hostContextInternal, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName)
{
DialogResult no;
TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info);
try
{
no = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog();
}
catch (Exception)
{
no = DialogResult.No;
}
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, no == DialogResult.OK, hostContextInternal.Persist && (no == DialogResult.OK));
}
private static PermissionSet GetRequestedPermissionSet(ApplicationSecurityInfo info)
{
PermissionSet defaultRequestSet = info.DefaultRequestSet;
PermissionSet set2 = null;
if (defaultRequestSet != null)
{
set2 = defaultRequestSet.Copy();
}
return set2;
}
private static string GetDeploymentUrl(ApplicationSecurityInfo info)
{
Url hostEvidence = info.ApplicationEvidence.GetHostEvidence<Url>();
if (hostEvidence != null)
{
return hostEvidence.Value;
}
return null;
}
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, HostContextInternal hostContextInternal, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName)
{
DialogResult no;
TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info);
try
{
no = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog();
}
catch (Exception)
{
no = DialogResult.No;
}
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, no == DialogResult.OK, hostContextInternal.Persist && (no == DialogResult.OK)));
}
protected void InitStore(IsolatedStorageScope scope, Type appEvidenceType)
{
PermissionSet psAllowed = null;
PermissionSet psDenied = null;
GetCaller();
GetControlEvidencePermission().Assert();
if (IsApp(scope))
{
AppDomain domain = Thread.GetDomain();
if (!IsRoaming(scope))
{
psAllowed = domain.PermissionSet;
if (psAllowed == null)
{
throw new IsolatedStorageException(Environment.GetResourceString("IsolatedStorage_DomainGrantSet"));
}
}
ActivationContext activationContext = AppDomain.CurrentDomain.ActivationContext;
if (activationContext == null)
{
throw new IsolatedStorageException(Environment.GetResourceString("IsolatedStorage_ApplicationMissingIdentity"));
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
this._InitStore(scope, null, null, null, null, info.ApplicationEvidence, appEvidenceType);
}
this.SetQuota(psAllowed, psDenied);
}
private static bool AppRequestsBeyondDefaultTrust(ApplicationSecurityInfo info)
{
Debug.Assert(info != null);
try
{
PermissionSet permSetDefaultZone = SecurityManager.GetStandardSandbox(info.ApplicationEvidence);
PermissionSet permSetRequested = GetRequestedPermissionSet(info);
if (permSetDefaultZone == null && permSetRequested != null)
{
// No permissions are granted, and this launch requests some permissions
return true;
}
else if (permSetDefaultZone != null && permSetRequested == null)
{
// Some permissions are granted, and this launch does not require any permissions
return false;
}
Debug.Assert(permSetDefaultZone != null);
Debug.Assert(permSetRequested != null);
return !permSetRequested.IsSubsetOf(permSetDefaultZone);
}
catch (Exception)
{
return true;
}
}
internal static Evidence MergeApplicationEvidence(Evidence evidence,
ApplicationIdentity applicationIdentity,
ActivationContext activationContext,
string[] activationData,
ApplicationTrust applicationTrust)
{
Evidence appEvidence = new Evidence();
ActivationArguments activationArgs = (activationContext == null ? new ActivationArguments(applicationIdentity, activationData) : new ActivationArguments(activationContext, activationData));
appEvidence = new Evidence();
appEvidence.AddHostEvidence(activationArgs);
if (applicationTrust != null)
appEvidence.AddHostEvidence(applicationTrust);
if (activationContext != null)
{
Evidence asiEvidence = new ApplicationSecurityInfo(activationContext).ApplicationEvidence;
if (asiEvidence != null)
appEvidence.MergeWithNoDuplicates(asiEvidence);
}
if (evidence != null)
appEvidence.MergeWithNoDuplicates(evidence);
return appEvidence;
}
private static TrustManagerPromptOptions CompletePromptOptions(TrustManagerPromptOptions options,
ApplicationTrustExtraInfo appTrustExtraInfo,
string zoneName,
ApplicationSecurityInfo info)
{
if (appTrustExtraInfo.RequestsShellIntegration)
{
options |= TrustManagerPromptOptions.AddsShortcut;
}
if (zoneName != null)
{
if (string.Compare(zoneName, "Internet", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.InternetSource;
}
else if (string.Compare(zoneName, "TrustedSites", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.TrustedSitesSource;
}
else if (string.Compare(zoneName, "UntrustedSites", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.UntrustedSitesSource;
}
else if (string.Compare(zoneName, "LocalIntranet", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.LocalNetworkSource;
}
else if (string.Compare(zoneName, "MyComputer", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.LocalComputerSource;
}
}
if (info != null)
{
PermissionSet pset = info.DefaultRequestSet;
if (pset != null && pset.IsUnrestricted())
{
options |= TrustManagerPromptOptions.WillHaveFullTrust;
}
}
return options;
}
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, bool permissionElevationRequired)
{
TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.RequiresPermissions | TrustManagerPromptOptions.StopApp) : TrustManagerPromptOptions.StopApp, appTrustExtraInfo, zoneName, info);
try
{
new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog();
}
catch (Exception)
{
}
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false));
}
private static bool ExistingTrustApplicable(ApplicationSecurityInfo info,
ArrayList matchingTrusts)
{
Debug.Assert(info != null);
Debug.Assert(matchingTrusts != null);
int entry = 0;
while (entry < matchingTrusts.Count)
{
ApplicationTrust matchingTrust = (ApplicationTrust) matchingTrusts[entry];
if (!matchingTrust.IsApplicationTrustedToRun)
{
// [....]: Can this ever happen? I have serious doubts...
matchingTrusts.RemoveAt(entry);
}
PermissionSet permSetRequested = GetRequestedPermissionSet(info);
PermissionSet permSetGranted = matchingTrust.DefaultGrantSet.PermissionSet; //PolicyStatement makes of copy of its permission set here.
if (permSetGranted == null && permSetRequested != null)
{
// No permissions were granted, and this launch requests some permissions
matchingTrusts.RemoveAt(entry);
}
else if (permSetGranted != null && permSetRequested == null)
{
// Some permissions were granted, and this launch does not require any permissions
entry++;
continue;
}
Debug.Assert(permSetGranted != null);
Debug.Assert(permSetRequested != null);
if (permSetRequested.IsSubsetOf(permSetGranted))
{
entry++; // Found a version that requires at least as much
}
else
{
// This version does not require as much
matchingTrusts.RemoveAt(entry);
}
}
return matchingTrusts.Count > 0;
}
private static TrustManagerPromptOptions CompletePromptOptions(TrustManagerPromptOptions options, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, ApplicationSecurityInfo info)
{
if (appTrustExtraInfo.RequestsShellIntegration)
{
options |= TrustManagerPromptOptions.AddsShortcut;
}
if (zoneName != null)
{
if (string.Compare(zoneName, "Internet", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.InternetSource;
}
else if (string.Compare(zoneName, "TrustedSites", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.TrustedSitesSource;
}
else if (string.Compare(zoneName, "UntrustedSites", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.UntrustedSitesSource;
}
else if (string.Compare(zoneName, "LocalIntranet", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.LocalNetworkSource;
}
else if (string.Compare(zoneName, "MyComputer", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.LocalComputerSource;
}
}
if (info != null)
{
PermissionSet defaultRequestSet = info.DefaultRequestSet;
if ((defaultRequestSet != null) && defaultRequestSet.IsUnrestricted())
{
options |= TrustManagerPromptOptions.WillHaveFullTrust;
}
}
return(options);
}
private static PermissionSet GetRequestedPermissionSet(ApplicationSecurityInfo info)
{
Debug.Assert(info != null);
PermissionSet pset = info.DefaultRequestSet;
PermissionSet permSetRequested = null;
if (pset != null)
{
permSetRequested = pset.Copy();
}
return permSetRequested;
}
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, bool trust, bool persist)
{
return(new ApplicationTrust(activationContext.Identity)
{
ExtraInfo = appTrustExtraInfo, IsApplicationTrustedToRun = trust, DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, PolicyStatementAttribute.Nothing), Persist = persist
});
}
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext,
ParsedData parsedData,
String deploymentUrl,
ApplicationSecurityInfo info,
ApplicationTrustExtraInfo appTrustExtraInfo,
string zoneName,
bool permissionElevationRequired)
{
TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.StopApp | TrustManagerPromptOptions.RequiresPermissions) : TrustManagerPromptOptions.StopApp,
appTrustExtraInfo, zoneName, info);
try
{
TrustManagerPromptUIThread errorDialog = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName,
DefaultBrowserExePath,
parsedData.SupportUrl,
GetHostFromDeploymentUrl(deploymentUrl),
parsedData.AuthenticodedPublisher /*publisherName*/,
parsedData.Certificate,
options);
errorDialog.ShowDialog();
}
catch (Exception ex)
{
Debug.Fail("Error occurred while showing error dialog: " + ex.Message);
}
// Trust Manager should prompt, but is not allowed to. Return Don't Trust and Don't Persist.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/);
}
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext)
{
MemoryStream stream;
bool flag;
bool flag2;
bool flag3;
MemoryStream stream2;
ArrayList list;
if (activationContext == null)
{
throw new ArgumentNullException("activationContext");
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo();
HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext);
System.Deployment.Internal.Isolation.Manifest.ICMS deploymentComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS)InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext);
ParsedData parsedData = new ParsedData();
if (ParseManifest(deploymentComponentManifest, parsedData))
{
appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration;
}
string deploymentUrl = GetDeploymentUrl(info);
string zoneNameFromDeploymentUrl = GetZoneNameFromDeploymentUrl(deploymentUrl);
if (!ExtractManifestContent(deploymentComponentManifest, out stream))
{
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)));
}
AnalyzeCertificate(parsedData, stream, out flag, out flag2, out flag3);
System.Deployment.Internal.Isolation.Manifest.ICMS applicationComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS)InternalActivationContextHelper.GetApplicationComponentManifest(activationContext);
ParsedData data2 = new ParsedData();
if ((ParseManifest(applicationComponentManifest, data2) && data2.UseManifestForTrust) && ExtractManifestContent(applicationComponentManifest, out stream2))
{
bool flag4;
bool flag5;
bool flag6;
AnalyzeCertificate(parsedData, stream2, out flag4, out flag5, out flag6);
flag = flag4;
flag2 = flag5;
flag3 = flag6;
parsedData.AppName = data2.AppName;
parsedData.AppPublisher = data2.AppPublisher;
parsedData.SupportUrl = data2.SupportUrl;
}
if (flag)
{
if (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData) == PromptsAllowed.None)
{
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false));
}
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)));
}
if (flag3)
{
parsedData.AuthenticodedPublisher = null;
parsedData.Certificate = null;
}
if ((!hostContextInternal.IgnorePersistedDecision && SearchPreviousTrustedVersion(activationContext, hostContextInternal.PreviousAppId, out list)) && ExistingTrustApplicable(info, list))
{
if ((appTrustExtraInfo.RequestsShellIntegration && !SomePreviousTrustedVersionRequiresShellIntegration(list)) && !flag2)
{
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.All:
return(BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)));
case PromptsAllowed.BlockingOnly:
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)));
case PromptsAllowed.None:
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false));
}
}
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist));
}
bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info);
if (!permissionElevationRequired || flag2)
{
if (flag2)
{
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist));
}
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.All:
case PromptsAllowed.None:
return(BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, false));
case PromptsAllowed.BlockingOnly:
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, permissionElevationRequired));
}
}
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.BlockingOnly:
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, true));
case PromptsAllowed.None:
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false));
}
return(HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl));
}
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
if (applicationEvidence == null)
throw new ArgumentNullException("applicationEvidence");
Contract.EndContractBlock();
// This method looks for a trust decision for the ActivationContext in three locations, in order
// of preference:
//
// 1. Supplied by the host in the AppDomainSetup. If the host supplied a decision this way, it
// will be in the applicationEvidence.
// 2. Reuse the ApplicationTrust from the current AppDomain
// 3. Ask the TrustManager for a trust decision
// get the activation context from the application evidence.
// The default HostSecurityManager does not examine the activatorEvidence
// but other security managers could use it to figure out the
// evidence of the domain attempting to activate the application.
ActivationArguments activationArgs = applicationEvidence.GetHostEvidence<ActivationArguments>();
if (activationArgs == null)
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
ActivationContext actCtx = activationArgs.ActivationContext;
if (actCtx == null)
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
// Make sure that any ApplicationTrust we find applies to the ActivationContext we're
// creating the new AppDomain for.
ApplicationTrust appTrust = applicationEvidence.GetHostEvidence<ApplicationTrust>();
if (appTrust != null &&
!CmsUtils.CompareIdentities(appTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
appTrust = null;
}
// If there was not a trust decision supplied in the Evidence, we can reuse the existing trust
// decision from this domain if its identity matches the ActivationContext of the new domain.
// Otherwise consult the TrustManager for a trust decision
if (appTrust == null)
{
if (AppDomain.CurrentDomain.ApplicationTrust != null &&
CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
appTrust = AppDomain.CurrentDomain.ApplicationTrust;
}
else
{
appTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(actCtx, context);
}
}
// If the trust decision allows the application to run, then it should also have a permission set
// which is at least the permission set the application requested.
ApplicationSecurityInfo appRequest = new ApplicationSecurityInfo(actCtx);
if (appTrust != null &&
appTrust.IsApplicationTrustedToRun &&
!appRequest.DefaultRequestSet.IsSubsetOf(appTrust.DefaultGrantSet.PermissionSet))
{
throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest"));
}
return appTrust;
}
internal static Evidence MergeApplicationEvidence(Evidence evidence, ApplicationIdentity applicationIdentity, ActivationContext activationContext, string[] activationData, ApplicationTrust applicationTrust)
{
Evidence evidence2 = new Evidence();
ActivationArguments id = (activationContext == null) ? new ActivationArguments(applicationIdentity, activationData) : new ActivationArguments(activationContext, activationData);
evidence2 = new Evidence();
evidence2.AddHost(id);
if (applicationTrust != null)
{
evidence2.AddHost(applicationTrust);
}
if (activationContext != null)
{
Evidence applicationEvidence = new ApplicationSecurityInfo(activationContext).ApplicationEvidence;
if (applicationEvidence != null)
{
evidence2.MergeWithNoDuplicates(applicationEvidence);
}
}
if (evidence != null)
{
evidence2.MergeWithNoDuplicates(evidence);
}
return evidence2;
}
