private void ValidateReferenceForPartialTrust(AssemblyReference assembly, Microsoft.Build.Tasks.Deployment.ManifestUtilities.TrustInfo trustInfo)
{
if (!trustInfo.IsFullTrust)
{
string resolvedPath = assembly.ResolvedPath;
AssemblyAttributeFlags flags = new AssemblyAttributeFlags(resolvedPath);
if (Util.CompareFrameworkVersions(this.TargetFrameworkVersion, "v3.5") <= 0)
{
if ((assembly.IsPrimary && flags.IsSigned) && !flags.HasAllowPartiallyTrustedCallersAttribute)
{
base.OutputMessages.AddWarningMessage("GenerateManifest.AllowPartiallyTrustedCallers", new string[] { Path.GetFileNameWithoutExtension(resolvedPath) });
}
}
else if ((assembly.AssemblyIdentity != null) && assembly.AssemblyIdentity.IsFrameworkAssembly)
{
if ((assembly.IsPrimary && !flags.HasAllowPartiallyTrustedCallersAttribute) && !flags.HasSecurityTransparentAttribute)
{
base.OutputMessages.AddWarningMessage("GenerateManifest.AllowPartiallyTrustedCallers", new string[] { Path.GetFileNameWithoutExtension(resolvedPath) });
}
}
else if ((assembly.IsPrimary && flags.IsSigned) && (!flags.HasAllowPartiallyTrustedCallersAttribute && !flags.HasSecurityTransparentAttribute))
{
base.OutputMessages.AddWarningMessage("GenerateManifest.AllowPartiallyTrustedCallers", new string[] { Path.GetFileNameWithoutExtension(resolvedPath) });
}
if (flags.HasPrimaryInteropAssemblyAttribute || flags.HasImportedFromTypeLibAttribute)
{
base.OutputMessages.AddWarningMessage("GenerateManifest.UnmanagedCodePermission", new string[] { Path.GetFileNameWithoutExtension(resolvedPath) });
}
}
}
private void ValidateReferenceForPartialTrust(AssemblyReference assembly, TrustInfo trustInfo)
{
if (trustInfo.IsFullTrust)
{
return;
}
string path = assembly.ResolvedPath;
AssemblyAttributeFlags flags = new AssemblyAttributeFlags(path);
// if it's targeting v2.0 CLR then use the old logic to check for partial trust callers.
if (Util.CompareFrameworkVersions(this.TargetFrameworkVersion, Constants.TargetFrameworkVersion35) <= 0)
{
if (assembly.IsPrimary && flags.IsSigned &&
!flags.HasAllowPartiallyTrustedCallersAttribute)
{
OutputMessages.AddWarningMessage("GenerateManifest.AllowPartiallyTrustedCallers", Path.GetFileNameWithoutExtension(path));
}
}
else
{
if (assembly.AssemblyIdentity != null && assembly.AssemblyIdentity.IsInFramework(Constants.DotNetFrameworkIdentifier, TargetFrameworkVersion))
{
// if the binary is targeting v4.0 and it has the transparent attribute then we may allow partially trusted callers.
if (assembly.IsPrimary &&
!(flags.HasAllowPartiallyTrustedCallersAttribute || flags.HasSecurityTransparentAttribute))
{
OutputMessages.AddWarningMessage("GenerateManifest.AllowPartiallyTrustedCallers", Path.GetFileNameWithoutExtension(path));
}
}
else
{
// if the binary is targeting v4.0 and it has the transparent attribute then we may allow partially trusted callers.
if (assembly.IsPrimary && flags.IsSigned &&
!(flags.HasAllowPartiallyTrustedCallersAttribute || flags.HasSecurityTransparentAttribute))
{
OutputMessages.AddWarningMessage("GenerateManifest.AllowPartiallyTrustedCallers", Path.GetFileNameWithoutExtension(path));
}
}
}
if (flags.HasPrimaryInteropAssemblyAttribute || flags.HasImportedFromTypeLibAttribute)
{
OutputMessages.AddWarningMessage("GenerateManifest.UnmanagedCodePermission", Path.GetFileNameWithoutExtension(path));
}
}
private static void WriteManifest(Manifest manifest, Stream output, string targetframeWorkVersion)
{
int t1 = Environment.TickCount;
Stream s1 = Serialize(manifest);
string n = manifest.AssemblyIdentity.GetFullName(AssemblyIdentity.FullNameFlags.All);
if (String.IsNullOrEmpty(n))
{
n = manifest.GetType().Name;
}
Util.WriteLogFile(n + ".write.0-serialized.xml", s1);
string resource;
if (string.IsNullOrEmpty(targetframeWorkVersion) || Util.CompareFrameworkVersions(targetframeWorkVersion, Constants.TargetFrameworkVersion40) <= 0)
{
resource = "write2.xsl";
}
else
{
resource = "write3.xsl";
}
Stream s2;
if (manifest.GetType() == typeof(ApplicationManifest))
{
var am = (ApplicationManifest)manifest;
if (am.TrustInfo == null)
{
s2 = XmlUtil.XslTransform(resource, s1);
}
else
{
// May throw IO-related exceptions
string temp = FileUtilities.GetTemporaryFile();
am.TrustInfo.Write(temp);
if (Util.logging)
{
try
{
File.Copy(temp, Path.Combine(Util.logPath, n + ".trust-file.xml"), true);
}
catch (IOException)
{
}
catch (ArgumentException)
{
}
catch (UnauthorizedAccessException)
{
}
catch (NotSupportedException)
{
}
}
var arg = new DictionaryEntry("trust-file", temp);
try
{
s2 = XmlUtil.XslTransform(resource, s1, arg);
}
finally
{
File.Delete(temp);
}
}
}
else
{
s2 = XmlUtil.XslTransform(resource, s1);
}
Util.WriteLogFile(n + ".write.1-transformed.xml", s2);
Stream s3;
if (manifest.InputStream == null)
{
s3 = s2;
}
else
{
string temp = Util.WriteTempFile(manifest.InputStream);
var arg = new DictionaryEntry("base-file", temp);
try
{
s3 = XmlUtil.XslTransform("merge.xsl", s2, arg);
}
finally
{
File.Delete(temp);
}
Util.WriteLogFile(n + ".write.2-merged.xml", s3);
}
Stream s4 = ManifestFormatter.Format(s3);
Util.WriteLogFile(n + ".write.3-formatted.xml", s4);
Util.CopyStream(s4, output);
Util.WriteLog(String.Format(CultureInfo.CurrentCulture, "ManifestWriter.WriteManifest t={0}", Environment.TickCount - t1));
}
private static void GetFileInfoImpl(string path, string targetFrameWorkVersion, out string hash, out long length)
{
FileInfo fi = new FileInfo(path);
length = fi.Length;
Stream s = null;
try
{
s = fi.OpenRead();
HashAlgorithm hashAlg = null;
if (targetFrameWorkVersion == null || targetFrameWorkVersion.Length == 0 || Util.CompareFrameworkVersions(targetFrameWorkVersion, Constants.TargetFrameworkVersion40) <= 0)
{
hashAlg = new SHA1CryptoServiceProvider();
}
else
{
hashAlg = new SHA256CryptoServiceProvider();
}
byte[] hashBytes = hashAlg.ComputeHash(s);
hash = Convert.ToBase64String(hashBytes);
}
finally
{
if (s != null)
{
s.Close();
}
}
}
