2 * security-manager.c: Security Manager (Unmanaged side)
5 * Sebastien Pouliot <sebastien@ximian.com>
7 * Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
10 #include "security-manager.h"
/*
 * File-scope state of the unmanaged security manager: the cache of resolved
 * managed classes/methods (secman) and three flags. The activation flag
 * starts FALSE; the "enabled" and "execution" flags start TRUE.
 * These are plain statics, so each holds one value for the whole process.
 */
15 static MonoSecurityManager secman;
16 static MonoBoolean mono_security_manager_activated = FALSE;
17 static MonoBoolean mono_security_manager_enabled = TRUE;
18 static MonoBoolean mono_security_manager_execution = TRUE;
/*
 * Lazily resolves and caches, in the file-scope secman, the corlib class
 * System.Security.SecurityManager, the managed methods looked up on it below,
 * and the AllowPartiallyTrustedCallersAttribute class.
 * The trailing integer in each mono_class_get_method_from_name call is the
 * parameter count used to select the method.
 * NOTE(review): the gutter numbers show that this listing skips source lines
 * (for example 38 and 50, presumably the method names for secman.demand and
 * secman.linkdemand, and the return statements), so those cannot be checked
 * from here.
 * NOTE(review): no locking is visible, and secman.securitymanager is stored
 * before the method fields are filled in, so a concurrent caller could take
 * the early-out below while those fields are still unset - confirm that first
 * use is serialized.
 * NOTE(review): g_assert compiles away when G_DISABLE_ASSERT is defined;
 * confirm shipped builds keep these checks, since an unresolved entry would
 * leave a security demand with no method to invoke.
 */
24 mono_security_manager_get_methods (void)
26 /* Already initialized ? */
27 if (secman.securitymanager)
/* First use: resolve the managed SecurityManager class from corlib and make sure it is initialized. */
31 secman.securitymanager = mono_class_from_name (mono_defaults.corlib,
32 "System.Security", "SecurityManager");
33 g_assert (secman.securitymanager);
34 if (!secman.securitymanager->inited)
35 mono_class_init (secman.securitymanager);
/* Each lookup below is asserted non-NULL before the next one runs. */
37 secman.demand = mono_class_get_method_from_name (secman.securitymanager,
39 g_assert (secman.demand);
41 secman.inheritancedemand = mono_class_get_method_from_name (secman.securitymanager,
42 "InheritanceDemand", 2);
43 g_assert (secman.inheritancedemand);
45 secman.inheritsecurityexception = mono_class_get_method_from_name (secman.securitymanager,
46 "InheritanceDemandSecurityException", 4);
47 g_assert (secman.inheritsecurityexception);
49 secman.linkdemand = mono_class_get_method_from_name (secman.securitymanager,
51 g_assert (secman.linkdemand);
53 secman.linkdemandunmanaged = mono_class_get_method_from_name (secman.securitymanager,
54 "LinkDemandUnmanaged", 1);
55 g_assert (secman.linkdemandunmanaged);
57 secman.linkdemandfulltrust = mono_class_get_method_from_name (secman.securitymanager,
58 "LinkDemandFullTrust", 1);
59 g_assert (secman.linkdemandfulltrust);
61 secman.linkdemandsecurityexception = mono_class_get_method_from_name (secman.securitymanager,
62 "LinkDemandSecurityException", 3);
63 g_assert (secman.linkdemandsecurityexception);
/* The APTC attribute is cached as a class, not a method. */
65 secman.aptc = mono_class_from_name (mono_defaults.corlib, "System.Security",
66 "AllowPartiallyTrustedCallersAttribute");
67 g_assert (secman.aptc);
/*
 * Calls the managed method cached in secman->inheritancedemand with a NULL
 * target object and returns the MonoBoolean unboxed from its result.
 * The reflection object for klass's assembly is built first; the lines that
 * fill `args` (79-84) are missing from this listing - presumably they pass
 * refass and data from `demands`; verify against the full source.
 * Note that the local `secman` pointer shadows the file-scope `secman`.
 * NOTE(review): the exception out-parameter of mono_runtime_invoke is NULL and
 * `res` is unboxed without a NULL check - confirm how an exception raised by
 * the managed demand is surfaced, so that a failed call cannot be read as a
 * granted demand.
 */
73 mono_secman_inheritance_check (MonoClass *klass, MonoDeclSecurityActions *demands)
75 MonoSecurityManager* secman = mono_security_manager_get_methods ();
76 MonoDomain *domain = mono_domain_get ();
77 MonoAssembly *assembly = mono_image_get_assembly (klass->image);
78 MonoReflectionAssembly *refass = mono_assembly_get_object (domain, assembly);
85 res = mono_runtime_invoke (secman->inheritancedemand, NULL, args, NULL);
86 return (*(MonoBoolean *) mono_object_unbox (res));
/*
 * Applies the parent's InheritanceDemand (if any) to an inheriting class.
 * When the parent declares inheritance demands and the check on klass fails,
 * the failure is recorded in klass (exception_type set, exception_data NULL).
 * Nothing is thrown here: enforcement depends on later code reading
 * klass->exception_type, as the inline comment says.
 * A class that already carries an exception_type is left untouched.
 */
90 mono_secman_inheritancedemand_class (MonoClass *klass, MonoClass *parent)
92 MonoDeclSecurityActions demands;
94 /* don't hide previous results -and- don't calc everything for nothing */
95 if (klass->exception_type != 0)
98 /* Check if there is an InheritanceDemand on the parent class */
99 if (mono_declsec_get_inheritdemands_class (parent, &demands)) {
100 /* If so check the demands on the klass (inheritor) */
101 if (!mono_secman_inheritance_check (klass, &demands)) {
102 /* Keep flags in MonoClass to be able to throw a SecurityException later (if required) */
103 klass->exception_type = MONO_EXCEPTION_SECURITY_INHERITANCEDEMAND;
104 klass->exception_data = NULL;
/*
 * Applies an InheritanceDemand declared on a base (virtual) method to the
 * class of the overriding method.
 * On failure the result is recorded on override->klass, not on the method:
 * exception_type is set and exception_data points at the base method whose
 * demand failed. Nothing is thrown here; later code is expected to act on
 * the recorded flags.
 * A class that already carries an exception_type is left untouched, so only
 * the first recorded failure is kept.
 */
110 mono_secman_inheritancedemand_method (MonoMethod *override, MonoMethod *base)
112 MonoDeclSecurityActions demands;
114 /* don't hide previous results -and- don't calc everything for nothing */
115 if (override->klass->exception_type != 0)
118 /* Check if there is an InheritanceDemand on the base (virtual) method */
119 if (mono_declsec_get_inheritdemands_method (base, &demands)) {
120 /* If so check the demands on the overriding method */
121 if (!mono_secman_inheritance_check (override->klass, &demands)) {
122 /* Keep flags in MonoClass to be able to throw a SecurityException later (if required) */
123 override->klass->exception_type = MONO_EXCEPTION_SECURITY_INHERITANCEDEMAND;
124 override->klass->exception_data = base;
131 * Note: The security manager is activated once when executing Mono. This
132 * is not meant to be a turn on/off runtime switch.
/*
 * Marks the security manager as activated by setting the file-scope flag.
 * None of the code visible in this listing sets the flag back to FALSE.
 */
135 mono_activate_security_manager (void)
137 mono_security_manager_activated = TRUE;
/* Returns the activation flag set by mono_activate_security_manager. */
141 mono_is_security_manager_active (void)
143 return mono_security_manager_activated;
147 * @publickey An encoded (with header) public key
148 * @size The length of the public key
150 * returns TRUE if the public key is the ECMA "key", FALSE otherwise
152 * The ECMA key isn't a real public key - it's simply an empty (but valid) header
153 * so its length (16) and value (00000000000000000400000000000000) are
/*
 * Tests whether the buffer is the ECMA "key": exactly MONO_ECMA_KEY_LENGTH
 * bytes, with 0x04 at index 8 and 0x00 everywhere else.
 * The return statements are on lines this listing omits.
 */
157 mono_is_ecma_key (const char *publickey, int size)
/*
 * The || chain short-circuits, so publickey [8] is read only after the NULL
 * and length tests have passed. That read is in bounds as long as
 * MONO_ECMA_KEY_LENGTH is greater than 8 (the header comment gives 16).
 * The equality test on size also rejects negative lengths.
 */
160 if ((publickey == NULL) || (size != MONO_ECMA_KEY_LENGTH) || (publickey [8] != 0x04))
/* Every byte except index 8 must be zero; i stays below size, which equals the checked length. */
163 for (i=0; i < size; i++) {
164 if ((publickey [i] != 0x00) && (i != 8))
/*
 * Internal call that, by its name, backs the managed
 * SecurityManager.SecurityEnabled getter.
 * Returns the "enabled" flag when the security manager is activated. The
 * value returned when it is not activated is on a line this listing omits.
 */
171 ves_icall_System_Security_SecurityManager_get_SecurityEnabled (void)
173 if (!mono_security_manager_activated)
175 return mono_security_manager_enabled;
/*
 * Internal call that, by its name, backs the managed
 * SecurityManager.SecurityEnabled setter.
 * Writes the "enabled" flag; the write is skipped unless the security
 * manager is activated.
 * NOTE(review): no permission check is made on the unmanaged side, and the
 * flag is a single file-scope static. Presumably the managed setter demands a
 * permission before reaching this icall - confirm, since passing FALSE here
 * turns the flag off for every caller in the process.
 */
179 ves_icall_System_Security_SecurityManager_set_SecurityEnabled (MonoBoolean value)
181 /* value can be changed only if the security manager is activated */
182 if (mono_security_manager_activated) {
183 mono_security_manager_enabled = value;
/*
 * Internal call that, by its name, backs the managed
 * SecurityManager.CheckExecutionRights getter.
 * Returns the "execution" flag when the security manager is activated. The
 * value returned when it is not activated is on a line this listing omits.
 */
188 ves_icall_System_Security_SecurityManager_get_CheckExecutionRights (void)
190 if (!mono_security_manager_activated)
192 return mono_security_manager_execution;
/*
 * Internal call that, by its name, backs the managed
 * SecurityManager.CheckExecutionRights setter.
 * Writes the "execution" flag; the write is skipped unless the security
 * manager is activated.
 * NOTE(review): as with the SecurityEnabled setter, no permission check is
 * visible on the unmanaged side - confirm that the managed property guards
 * this call.
 */
196 ves_icall_System_Security_SecurityManager_set_CheckExecutionRights (MonoBoolean value)
198 /* value can be changed only if the security manager is activated */
199 if (mono_security_manager_activated) {
200 mono_security_manager_execution = value;