mcs/class/corlib/System.Security.Permissions/PublisherIdentityPermission.cs

   1 //
   2 // PublisherIdentityPermission.cs: Publisher Identity Permission
   3 //
   4 // Author:
   5 //      Sebastien Pouliot  <sebastien@ximian.com>
   6 //
   7 // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
   8 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
   9 //
  10 // Permission is hereby granted, free of charge, to any person obtaining
  11 // a copy of this software and associated documentation files (the
  12 // "Software"), to deal in the Software without restriction, including
  13 // without limitation the rights to use, copy, modify, merge, publish,
  14 // distribute, sublicense, and/or sell copies of the Software, and to
  15 // permit persons to whom the Software is furnished to do so, subject to
  16 // the following conditions:
  17 //
  18 // The above copyright notice and this permission notice shall be
  19 // included in all copies or substantial portions of the Software.
  20 //
  21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  28 //
  29
  30 using System.Runtime.InteropServices;
  31 using System.Security.Cryptography.X509Certificates;
  32
  33 using Mono.Security.Cryptography;
  34
  35 namespace System.Security.Permissions {
  36
  37         [ComVisible (true)]
  38         [Serializable]
  39         public sealed class PublisherIdentityPermission : CodeAccessPermission, IBuiltInPermission {
  40
  41                 private const int version = 1;
  42
  43                 private X509Certificate x509;
  44
  45                 public PublisherIdentityPermission (PermissionState state)
  46                 {
  47                         // false == do not allow Unrestricted for Identity Permissions
  48                         CheckPermissionState (state, false);
  49                 }
  50
  51                 public PublisherIdentityPermission (X509Certificate certificate)
  52                 {
  53                         // reuse validation by the Certificate property
  54                         Certificate = certificate;
  55                 }
  56
  57                 public X509Certificate Certificate {
  58                         get { return x509; }
  59                         set {
  60                                 if (value == null)
  61                                         throw new ArgumentNullException ("X509Certificate");
  62                                 x509 = value;
  63                         }
  64                 }
  65
  66                 public override IPermission Copy ()
  67                 {
  68                         PublisherIdentityPermission p = new PublisherIdentityPermission (PermissionState.None);
  69                         if (x509 != null)
  70                                 p.Certificate = x509;
  71                         return p;
  72                 }
  73
  74                 public override void FromXml (SecurityElement esd)
  75                 {
  76                         // General validation in CodeAccessPermission
  77                         CheckSecurityElement (esd, "esd", version, version);
  78                         // Note: we do not (yet) care about the return value
  79                         // as we only accept version 1 (min/max values)
  80
  81                         string cert = (esd.Attributes ["X509v3Certificate"] as string);
  82                         if (cert != null) {
  83                                 byte[] rawcert = CryptoConvert.FromHex (cert);
  84                                 x509 = new X509Certificate (rawcert);
  85                         }
  86                 }
  87
  88                 public override IPermission Intersect (IPermission target)
  89                 {
  90                         PublisherIdentityPermission pip = Cast (target);
  91                         if (pip == null)
  92                                 return null;
  93
  94                         if ((x509 != null) && (pip.x509 != null)) {
  95                                 if (x509.GetRawCertDataString () == pip.x509.GetRawCertDataString ())
  96                                         return new PublisherIdentityPermission (pip.x509);
  97                         }
  98                         return null;
  99                 }
 100
 101                 public override bool IsSubsetOf (IPermission target)
 102                 {
 103                         PublisherIdentityPermission pip = Cast (target);
 104                         if (pip == null)
 105                                 return false;
 106
 107                         if (x509 == null)
 108                                 return true;
 109                         if (pip.x509 == null)
 110                                 return false;
 111                         return (x509.GetRawCertDataString () == pip.x509.GetRawCertDataString ());
 112                 }
 113
 114                 public override SecurityElement ToXml ()
 115                 {
 116                         SecurityElement se = Element (version);
 117                         if (x509 != null)
 118                                 se.AddAttribute ("X509v3Certificate", x509.GetRawCertDataString ());
 119                         return se;
 120                 }
 121
 122                 public override IPermission Union (IPermission target)
 123                 {
 124                         PublisherIdentityPermission pip = Cast (target);
 125                         if (pip == null)
 126                                 return Copy ();
 127
 128                         if ((x509 != null) && (pip.x509 != null)) {
 129                                 if (x509.GetRawCertDataString () == pip.x509.GetRawCertDataString ())
 130                                         return new PublisherIdentityPermission (x509); // any cert would do
 131                         }
 132                         else if ((x509 == null) && (pip.x509 != null))
 133                                 return new PublisherIdentityPermission (pip.x509);
 134                         else if ((x509 != null) && (pip.x509 == null))
 135                                 return new PublisherIdentityPermission (x509);
 136                         return null;
 137                 }
 138
 139                 // IBuiltInPermission
 140                 int IBuiltInPermission.GetTokenIndex ()
 141                 {
 142                         return (int) BuiltInToken.PublisherIdentity;
 143                 }
 144
 145                 // helpers
 146
 147                 private PublisherIdentityPermission Cast (IPermission target)
 148                 {
 149                         if (target == null)
 150                                 return null;
 151
 152                         PublisherIdentityPermission pip = (target as PublisherIdentityPermission);
 153                         if (pip == null) {
 154                                 ThrowInvalidPermission (target, typeof (PublisherIdentityPermission));
 155                         }
 156
 157                         return pip;
 158                 }
 159         }
 160 }