2 // PublisherIdentityPermission.cs: Publisher Identity Permission
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using System.Runtime.InteropServices;
31 using System.Security.Cryptography.X509Certificates;
33 using Mono.Security.Cryptography;
35 namespace System.Security.Permissions {
41 public sealed class PublisherIdentityPermission : CodeAccessPermission, IBuiltInPermission {
43 private const int version = 1;
45 private X509Certificate x509;
47 public PublisherIdentityPermission (PermissionState state)
49 // false == do not allow Unrestricted for Identity Permissions
50 CheckPermissionState (state, false);
53 public PublisherIdentityPermission (X509Certificate certificate)
55 // reuse validation by the Certificate property
56 Certificate = certificate;
59 public X509Certificate Certificate {
63 throw new ArgumentNullException ("X509Certificate");
68 public override IPermission Copy ()
70 PublisherIdentityPermission p = new PublisherIdentityPermission (PermissionState.None);
76 public override void FromXml (SecurityElement esd)
78 // General validation in CodeAccessPermission
79 CheckSecurityElement (esd, "esd", version, version);
80 // Note: we do not (yet) care about the return value
81 // as we only accept version 1 (min/max values)
83 string cert = (esd.Attributes ["X509v3Certificate"] as string);
85 byte[] rawcert = CryptoConvert.FromHex (cert);
86 x509 = new X509Certificate (rawcert);
90 public override IPermission Intersect (IPermission target)
92 PublisherIdentityPermission pip = Cast (target);
96 if ((x509 != null) && (pip.x509 != null)) {
97 if (x509.GetRawCertDataString () == pip.x509.GetRawCertDataString ())
98 return new PublisherIdentityPermission (pip.x509);
103 public override bool IsSubsetOf (IPermission target)
105 PublisherIdentityPermission pip = Cast (target);
111 if (pip.x509 == null)
113 return (x509.GetRawCertDataString () == pip.x509.GetRawCertDataString ());
116 public override SecurityElement ToXml ()
118 SecurityElement se = Element (version);
120 se.AddAttribute ("X509v3Certificate", x509.GetRawCertDataString ());
124 public override IPermission Union (IPermission target)
126 PublisherIdentityPermission pip = Cast (target);
130 if ((x509 != null) && (pip.x509 != null)) {
131 if (x509.GetRawCertDataString () == pip.x509.GetRawCertDataString ())
132 return new PublisherIdentityPermission (x509); // any cert would do
134 else if ((x509 == null) && (pip.x509 != null))
135 return new PublisherIdentityPermission (pip.x509);
136 else if ((x509 != null) && (pip.x509 == null))
137 return new PublisherIdentityPermission (x509);
141 // IBuiltInPermission
142 int IBuiltInPermission.GetTokenIndex ()
144 return (int) BuiltInToken.PublisherIdentity;
149 private PublisherIdentityPermission Cast (IPermission target)
154 PublisherIdentityPermission pip = (target as PublisherIdentityPermission);
156 ThrowInvalidPermission (target, typeof (PublisherIdentityPermission));