private static bool SomePreviousTrustedVersionRequiresShellIntegration(ArrayList matchingTrusts)
{
foreach (ApplicationTrust trust in matchingTrusts)
{
ApplicationTrustExtraInfo extraInfo = trust.ExtraInfo as ApplicationTrustExtraInfo;
if ((extraInfo != null) && extraInfo.RequestsShellIntegration)
{
return(true);
}
if ((extraInfo == null) && trust.DefaultGrantSet.PermissionSet.IsUnrestricted())
{
return(true);
}
}
return(false);
}
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext,
ParsedData parsedData,
String deploymentUrl,
ApplicationSecurityInfo info,
ApplicationTrustExtraInfo appTrustExtraInfo,
string zoneName,
bool permissionElevationRequired)
{
TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.StopApp | TrustManagerPromptOptions.RequiresPermissions) : TrustManagerPromptOptions.StopApp,
appTrustExtraInfo, zoneName, info);
try
{
TrustManagerPromptUIThread errorDialog = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName,
DefaultBrowserExePath,
parsedData.SupportUrl,
GetHostFromDeploymentUrl(deploymentUrl),
parsedData.AuthenticodedPublisher /*publisherName*/,
parsedData.Certificate,
options);
errorDialog.ShowDialog();
}
catch (Exception ex)
{
Debug.Fail("Error occurred while showing error dialog: " + ex.Message);
}
// Trust Manager should prompt, but is not allowed to. Return Don't Trust and Don't Persist.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/);
}
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext,
ParsedData parsedData,
String deploymentUrl,
HostContextInternal hostContextInternal,
ApplicationSecurityInfo info,
ApplicationTrustExtraInfo appTrustExtraInfo,
string zoneName)
{
DialogResult ret;
TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info);
try
{
TrustManagerPromptUIThread highRiskDialog = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName,
DefaultBrowserExePath,
parsedData.SupportUrl,
GetHostFromDeploymentUrl(deploymentUrl),
parsedData.AuthenticodedPublisher /*publisherName*/,
parsedData.Certificate,
options);
ret = highRiskDialog.ShowDialog();
}
catch (Exception ex)
{
Debug.Fail("Error occurred while showing high risk dialog: " + ex.Message);
ret = DialogResult.No;
}
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, ret == DialogResult.OK /*trust*/, hostContextInternal.Persist && ret == DialogResult.OK /*persist*/);
}
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext,
ApplicationSecurityInfo info,
ApplicationTrustExtraInfo appTrustExtraInfo,
bool trust,
bool persist)
{
ApplicationTrust appTrust = new ApplicationTrust(activationContext.Identity);
appTrust.ExtraInfo = appTrustExtraInfo;
appTrust.IsApplicationTrustedToRun = trust;
appTrust.DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, (PolicyStatementAttribute) 0);
appTrust.Persist = persist;
return appTrust;
}
private static TrustManagerPromptOptions CompletePromptOptions(TrustManagerPromptOptions options,
ApplicationTrustExtraInfo appTrustExtraInfo,
string zoneName,
ApplicationSecurityInfo info)
{
if (appTrustExtraInfo.RequestsShellIntegration)
{
options |= TrustManagerPromptOptions.AddsShortcut;
}
if (zoneName != null)
{
if (string.Compare(zoneName, "Internet", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.InternetSource;
}
else if (string.Compare(zoneName, "TrustedSites", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.TrustedSitesSource;
}
else if (string.Compare(zoneName, "UntrustedSites", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.UntrustedSitesSource;
}
else if (string.Compare(zoneName, "LocalIntranet", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.LocalNetworkSource;
}
else if (string.Compare(zoneName, "MyComputer", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.LocalComputerSource;
}
}
if (info != null)
{
PermissionSet pset = info.DefaultRequestSet;
if (pset != null && pset.IsUnrestricted())
{
options |= TrustManagerPromptOptions.WillHaveFullTrust;
}
}
return options;
}
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext)
{
if (activationContext == null)
{
throw new ArgumentNullException("activationContext");
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo();
// ISSUE - fix this....
HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext);
ICMS cms = (ICMS)InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext);
ParsedData parsedData = new ParsedData();
if (ParseManifest(cms, parsedData))
{
appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration;
}
string deploymentUrl = GetDeploymentUrl(info);
string zoneName = GetZoneNameFromDeploymentUrl(deploymentUrl);
MemoryStream ms;
PromptsAllowed promptsAllowed;
if (!ExtractManifestContent(cms, out ms))
{
// Block prompt
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/);
}
bool distrustedPublisher, trustedPublisher, noCertificate;
AnalyzeCertificate(parsedData, ms, out distrustedPublisher, out trustedPublisher, out noCertificate);
/// Check whether application manifest allows to use deployment manifest certificate.
/// If not then we have to use application manifest certificate instead.
ICMS applicationCms = (ICMS)InternalActivationContextHelper.GetApplicationComponentManifest(activationContext);
ParsedData applicationParsedData = new ParsedData();
if (ParseManifest(applicationCms, applicationParsedData))
{
if (applicationParsedData.UseManifestForTrust)
{
MemoryStream applicationMs;
if (ExtractManifestContent(applicationCms, out applicationMs))
{
/// Use the old parsedData.
bool applicationDistrustedPublisher, applicationTrustedPublisher, applicationNoCertificate;
AnalyzeCertificate(parsedData, applicationMs, out applicationDistrustedPublisher, out applicationTrustedPublisher, out applicationNoCertificate);
distrustedPublisher = applicationDistrustedPublisher;
trustedPublisher = applicationTrustedPublisher;
noCertificate = applicationNoCertificate;
parsedData.AppName = applicationParsedData.AppName;
parsedData.AppPublisher = applicationParsedData.AppPublisher;
parsedData.SupportUrl = applicationParsedData.SupportUrl;
}
}
}
if (distrustedPublisher)
{
promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData);
if (promptsAllowed == PromptsAllowed.None)
{
// No prompt allowed, return Do Not Trust.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/);
}
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/);
}
if (noCertificate)
{
parsedData.AuthenticodedPublisher = null;
parsedData.Certificate = null;
}
if (!hostContextInternal.IgnorePersistedDecision)
{
// Check if there are previously trusted versions installed.
ArrayList matchingTrusts;
if (SearchPreviousTrustedVersion(activationContext, out matchingTrusts))
{
Debug.Assert(matchingTrusts != null && matchingTrusts.Count > 0);
// Found a matching app, with normally a different version.
if (ExistingTrustApplicable(info, matchingTrusts))
{
// There is at least one old version that requires at the same or more permissions.
// ExistingTrustApplicable removed the non-applicable version from the matchingTrusts arrays.
Debug.Assert(matchingTrusts != null && matchingTrusts.Count > 0);
// Check if the new app requires shell integration while none of the old ones did
if (appTrustExtraInfo.RequestsShellIntegration &&
!SomePreviousTrustedVersionRequiresShellIntegration(matchingTrusts) &&
!trustedPublisher)
{
promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData);
switch (promptsAllowed)
{
case PromptsAllowed.None:
// No prompt allowed, return Do Not Trust.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/);
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/);
case PromptsAllowed.All:
// New app requires shell integration - bring up the Basic Install Prompt
return BasicInstallPrompt(activationContext,
parsedData,
deploymentUrl,
hostContextInternal,
info,
appTrustExtraInfo,
zoneName,
AppRequestsBeyondDefaultTrust(info) /*permissionElevationRequired*/);
}
}
// No prompt, return Trust & Persist.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true /*trust*/, hostContextInternal.Persist /*persist*/);
}
}
}
bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info);
if (!permissionElevationRequired || trustedPublisher)
{
if (!trustedPublisher)
{
Debug.Assert(!permissionElevationRequired);
promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData);
switch (promptsAllowed)
{
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, permissionElevationRequired);
case PromptsAllowed.None:
// XBaps should also prompt in InternetZone
// Originally xbaps were silently trusted, along with other ClickOnce apps
case PromptsAllowed.All:
// App shell integrates and is not from a trusted deployer, bring up the Basic Install Prompt.
return BasicInstallPrompt(activationContext,
parsedData,
deploymentUrl,
hostContextInternal,
info,
appTrustExtraInfo,
zoneName,
false /*permissionElevationRequired*/);
}
}
else
{
// App does not shell integrate and does not run in "Internet" zone, or is from a trusted deployer, return Trust
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true /*trust*/, hostContextInternal.Persist /*persist*/);
}
}
promptsAllowed = GetPromptsAllowed(hostContextInternal, zoneName, parsedData);
switch (promptsAllowed)
{
case PromptsAllowed.None:
// No prompt allowed, return Do Not Trust.
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false /*trust*/, false /*persist*/);
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneName, true /*permissionElevationRequired*/);
default: // PromptsAllowed.All:
// Bring up the HighRisk Install Prompt if the app shell integrates, or the HighRisk Run Prompt otherwise.
return HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneName);
}
}
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext)
{
MemoryStream stream;
bool flag;
bool flag2;
bool flag3;
MemoryStream stream2;
ArrayList list;
if (activationContext == null)
{
throw new ArgumentNullException("activationContext");
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo();
HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext);
System.Deployment.Internal.Isolation.Manifest.ICMS deploymentComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS)InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext);
ParsedData parsedData = new ParsedData();
if (ParseManifest(deploymentComponentManifest, parsedData))
{
appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration;
}
string deploymentUrl = GetDeploymentUrl(info);
string zoneNameFromDeploymentUrl = GetZoneNameFromDeploymentUrl(deploymentUrl);
if (!ExtractManifestContent(deploymentComponentManifest, out stream))
{
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)));
}
AnalyzeCertificate(parsedData, stream, out flag, out flag2, out flag3);
System.Deployment.Internal.Isolation.Manifest.ICMS applicationComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS)InternalActivationContextHelper.GetApplicationComponentManifest(activationContext);
ParsedData data2 = new ParsedData();
if ((ParseManifest(applicationComponentManifest, data2) && data2.UseManifestForTrust) && ExtractManifestContent(applicationComponentManifest, out stream2))
{
bool flag4;
bool flag5;
bool flag6;
AnalyzeCertificate(parsedData, stream2, out flag4, out flag5, out flag6);
flag = flag4;
flag2 = flag5;
flag3 = flag6;
parsedData.AppName = data2.AppName;
parsedData.AppPublisher = data2.AppPublisher;
parsedData.SupportUrl = data2.SupportUrl;
}
if (flag)
{
if (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData) == PromptsAllowed.None)
{
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false));
}
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)));
}
if (flag3)
{
parsedData.AuthenticodedPublisher = null;
parsedData.Certificate = null;
}
if ((!hostContextInternal.IgnorePersistedDecision && SearchPreviousTrustedVersion(activationContext, hostContextInternal.PreviousAppId, out list)) && ExistingTrustApplicable(info, list))
{
if ((appTrustExtraInfo.RequestsShellIntegration && !SomePreviousTrustedVersionRequiresShellIntegration(list)) && !flag2)
{
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.All:
return(BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)));
case PromptsAllowed.BlockingOnly:
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info)));
case PromptsAllowed.None:
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false));
}
}
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist));
}
bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info);
if (!permissionElevationRequired || flag2)
{
if (flag2)
{
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist));
}
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.All:
case PromptsAllowed.None:
return(BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, false));
case PromptsAllowed.BlockingOnly:
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, permissionElevationRequired));
}
}
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.BlockingOnly:
return(BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, true));
case PromptsAllowed.None:
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false));
}
return(HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl));
}
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, HostContextInternal hostContextInternal, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName)
{
DialogResult no;
TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info);
try
{
no = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog();
}
catch (Exception)
{
no = DialogResult.No;
}
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, no == DialogResult.OK, hostContextInternal.Persist && (no == DialogResult.OK)));
}
private static TrustManagerPromptOptions CompletePromptOptions(TrustManagerPromptOptions options, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, ApplicationSecurityInfo info)
{
if (appTrustExtraInfo.RequestsShellIntegration)
{
options |= TrustManagerPromptOptions.AddsShortcut;
}
if (zoneName != null)
{
if (string.Compare(zoneName, "Internet", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.InternetSource;
}
else if (string.Compare(zoneName, "TrustedSites", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.TrustedSitesSource;
}
else if (string.Compare(zoneName, "UntrustedSites", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.UntrustedSitesSource;
}
else if (string.Compare(zoneName, "LocalIntranet", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.LocalNetworkSource;
}
else if (string.Compare(zoneName, "MyComputer", true, CultureInfo.InvariantCulture) == 0)
{
options |= TrustManagerPromptOptions.LocalComputerSource;
}
}
if (info != null)
{
PermissionSet defaultRequestSet = info.DefaultRequestSet;
if ((defaultRequestSet != null) && defaultRequestSet.IsUnrestricted())
{
options |= TrustManagerPromptOptions.WillHaveFullTrust;
}
}
return(options);
}
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, bool trust, bool persist)
{
return(new ApplicationTrust(activationContext.Identity)
{
ExtraInfo = appTrustExtraInfo, IsApplicationTrustedToRun = trust, DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, PolicyStatementAttribute.Nothing), Persist = persist
});
}
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, bool permissionElevationRequired)
{
TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.RequiresPermissions | TrustManagerPromptOptions.StopApp) : TrustManagerPromptOptions.StopApp, appTrustExtraInfo, zoneName, info);
try
{
new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog();
}
catch (Exception)
{
}
return(CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false));
}
private static ApplicationTrust HighRiskPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, HostContextInternal hostContextInternal, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName)
{
DialogResult no;
TrustManagerPromptOptions options = CompletePromptOptions(TrustManagerPromptOptions.RequiresPermissions, appTrustExtraInfo, zoneName, info);
try
{
no = new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog();
}
catch (Exception)
{
no = DialogResult.No;
}
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, no == DialogResult.OK, hostContextInternal.Persist && (no == DialogResult.OK));
}
public ApplicationTrust DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext trustManagerContext)
{
MemoryStream stream;
bool flag;
bool flag2;
bool flag3;
MemoryStream stream2;
ArrayList list;
if (activationContext == null)
{
throw new ArgumentNullException("activationContext");
}
ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext);
ApplicationTrustExtraInfo appTrustExtraInfo = new ApplicationTrustExtraInfo();
HostContextInternal hostContextInternal = new HostContextInternal(trustManagerContext);
System.Deployment.Internal.Isolation.Manifest.ICMS deploymentComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS) InternalActivationContextHelper.GetDeploymentComponentManifest(activationContext);
ParsedData parsedData = new ParsedData();
if (ParseManifest(deploymentComponentManifest, parsedData))
{
appTrustExtraInfo.RequestsShellIntegration = parsedData.RequestsShellIntegration;
}
string deploymentUrl = GetDeploymentUrl(info);
string zoneNameFromDeploymentUrl = GetZoneNameFromDeploymentUrl(deploymentUrl);
if (!ExtractManifestContent(deploymentComponentManifest, out stream))
{
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info));
}
AnalyzeCertificate(parsedData, stream, out flag, out flag2, out flag3);
System.Deployment.Internal.Isolation.Manifest.ICMS applicationComponentManifest = (System.Deployment.Internal.Isolation.Manifest.ICMS) InternalActivationContextHelper.GetApplicationComponentManifest(activationContext);
ParsedData data2 = new ParsedData();
if ((ParseManifest(applicationComponentManifest, data2) && data2.UseManifestForTrust) && ExtractManifestContent(applicationComponentManifest, out stream2))
{
bool flag4;
bool flag5;
bool flag6;
AnalyzeCertificate(parsedData, stream2, out flag4, out flag5, out flag6);
flag = flag4;
flag2 = flag5;
flag3 = flag6;
parsedData.AppName = data2.AppName;
parsedData.AppPublisher = data2.AppPublisher;
parsedData.SupportUrl = data2.SupportUrl;
}
if (flag)
{
if (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData) == PromptsAllowed.None)
{
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false);
}
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info));
}
if (flag3)
{
parsedData.AuthenticodedPublisher = null;
parsedData.Certificate = null;
}
if ((!hostContextInternal.IgnorePersistedDecision && SearchPreviousTrustedVersion(activationContext, hostContextInternal.PreviousAppId, out list)) && ExistingTrustApplicable(info, list))
{
if ((appTrustExtraInfo.RequestsShellIntegration && !SomePreviousTrustedVersionRequiresShellIntegration(list)) && !flag2)
{
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.All:
return BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info));
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, AppRequestsBeyondDefaultTrust(info));
case PromptsAllowed.None:
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false);
}
}
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist);
}
bool permissionElevationRequired = AppRequestsBeyondDefaultTrust(info);
if (!permissionElevationRequired || flag2)
{
if (flag2)
{
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, true, hostContextInternal.Persist);
}
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.All:
case PromptsAllowed.None:
return BasicInstallPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, false);
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, permissionElevationRequired);
}
}
switch (GetPromptsAllowed(hostContextInternal, zoneNameFromDeploymentUrl, parsedData))
{
case PromptsAllowed.BlockingOnly:
return BlockingPrompt(activationContext, parsedData, deploymentUrl, info, appTrustExtraInfo, zoneNameFromDeploymentUrl, true);
case PromptsAllowed.None:
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false);
}
return HighRiskPrompt(activationContext, parsedData, deploymentUrl, hostContextInternal, info, appTrustExtraInfo, zoneNameFromDeploymentUrl);
}
private static ApplicationTrust CreateApplicationTrust(ActivationContext activationContext, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, bool trust, bool persist)
{
return new ApplicationTrust(activationContext.Identity) { ExtraInfo = appTrustExtraInfo, IsApplicationTrustedToRun = trust, DefaultGrantSet = new PolicyStatement(info.DefaultRequestSet, PolicyStatementAttribute.Nothing), Persist = persist };
}
private static ApplicationTrust BlockingPrompt(ActivationContext activationContext, ParsedData parsedData, string deploymentUrl, ApplicationSecurityInfo info, ApplicationTrustExtraInfo appTrustExtraInfo, string zoneName, bool permissionElevationRequired)
{
TrustManagerPromptOptions options = CompletePromptOptions(permissionElevationRequired ? (TrustManagerPromptOptions.RequiresPermissions | TrustManagerPromptOptions.StopApp) : TrustManagerPromptOptions.StopApp, appTrustExtraInfo, zoneName, info);
try
{
new TrustManagerPromptUIThread(string.IsNullOrEmpty(parsedData.AppName) ? info.ApplicationId.Name : parsedData.AppName, DefaultBrowserExePath, parsedData.SupportUrl, GetHostFromDeploymentUrl(deploymentUrl), parsedData.AuthenticodedPublisher, parsedData.Certificate, options).ShowDialog();
}
catch (Exception)
{
}
return CreateApplicationTrust(activationContext, info, appTrustExtraInfo, false, false);
}