+2004-08-08 Sebastien Pouliot <sebastien@ximian.com>
+
+ * Evidence.cs: Added new static internal method to create default
+ host evidences for an assembly.
+ * FileCodeGroup.cs: Added incomplete (no children) policy resolution
+ in order to load more complex policies.
+ * Hash.cs: Added ISerialization support (required for cross-domain
+ evidence support, like nunit).
+ * NetCodeGroup.cs: Added incomplete (no children) policy resolution in
+ order to load more complex policies.
+
2004-08-04 Sebastien Pouliot <sebastien@ximian.com>
* Gac.cs: New. Implemented Gac evidence for NET_2_0.
using System;
using System.Collections;
+using System.Reflection;
using System.Security.Permissions;
+using System.Security.Cryptography.X509Certificates;
namespace System.Security.Policy {
}
}
#endif
+
+ // this avoid us to build all evidences from the runtime
+ // (i.e. multiple unmanaged->managed calls) and also allows
+ // to delay their creation until (if) needed
+ static internal Evidence GetDefaultHostEvidence (Assembly a)
+ {
+ Evidence e = new Evidence ();
+ string aname = a.CodeBase;
+
+ // by default all assembly have the Zone, Url and Hash evidences
+ e.AddHost (Zone.CreateFromUrl (aname));
+ e.AddHost (new Url (aname));
+ e.AddHost (new Hash (a));
+
+ // non local files (e.g. http://) also get a Site evidence
+ if (!aname.ToUpper ().StartsWith ("FILE://")) {
+ e.AddHost (Site.CreateFromUrl (aname));
+ }
+
+ // strongnamed assemblies gets a StrongName evidence
+ AssemblyName an = a.GetName ();
+ byte[] pk = an.GetPublicKey ();
+ if (pk != null) {
+ StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob (pk);
+ e.AddHost (new StrongName (blob, an.Name, an.Version));
+ }
+
+ // Authenticode(r) signed assemblies get a Publisher evidence
+ try {
+ X509Certificate x509 = X509Certificate.CreateFromSignedFile (a.Location);
+ if (x509.GetHashCode () != 0) {
+ e.AddHost (new Publisher (x509));
+ }
+ }
+ catch (ArgumentException) {
+ // URI are not supported
+ }
+#if NET_2_0
+ // assemblies loaded from the GAC also get a Gac evidence (new in Fx 2.0)
+ if (a.GlobalAssemblyCache) {
+ e.AddHost (new Gac ());
+ }
+/*
+ // the current HostSecurityManager may add/remove some evidence
+ AppDomainManager dommgr = AppDomain.CurrentDomain.DomainManager;
+ if (dommgr != null) {
+ if ((dommgr.HostSecurityManager.Flags & HostSecurityManagerFlags.HostAssemblyEvidence) ==
+ HostSecurityManagerFlags.HostAssemblyEvidence) {
+ e = dommgr.HostSecurityManager.ProvideAssemblyEvidence (a, e);
+ }
+ }*/
+#endif
+ return e;
+ }
private class EvidenceEnumerator : IEnumerator {
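Review bot: The scheme test `aname.ToUpper ().StartsWith ("FILE://")` in GetDefaultHostEvidence is culture-sensitive, so which evidence an assembly receives can depend on the thread's current culture (under a Turkish culture `i` does not uppercase to `I`, so a local file would take the Site branch). A culture-independent comparison such as `if (String.Compare (aname, 0, "file://", 0, 7, true, CultureInfo.InvariantCulture) != 0) {` avoids that; it needs `using System.Globalization;`. Separately, Publisher and StrongName evidence are added as soon as a certificate or public key can be read, and nothing in this hunk verifies the Authenticode or strong-name signature. Unless that verification happens elsewhere, a comment should say the evidence is unverified, e.g. `// NOTE: signature is not validated here; evidence reflects the embedded key/certificate only`. `a.CodeBase` is also dereferenced without a null check, which is worth confirming for assemblies that have no code base.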
get { return "Union";}
}
- [MonoTODO]
+ [MonoTODO ("no children processing")]
public override PolicyStatement Resolve (Evidence evidence)
{
if (null == evidence)
if (!MembershipCondition.Check(evidence))
return null;
- IEnumerator hostEnumerator = evidence.GetHostEnumerator();
- while (hostEnumerator.MoveNext())
- {
- // FIXME: not sure what to do here
- // How do we check the URL and make a PolicyStatement?
+ PolicyStatement pst = this.PolicyStatement.Copy ();
+ if (this.Children.Count > 0) {
+ foreach (CodeGroup cg in this.Children) {
+ PolicyStatement child = cg.Resolve (evidence);
+ if (child != null) {
+ // TODO union
+ }
+ }
}
- throw new NotImplementedException();
+ return pst;
}
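Review bot: The child loop in Resolve calls `cg.Resolve (evidence)` and then drops the result, so the returned statement never reflects a child's permissions or attributes, while any exception thrown by a child still aborts the parent's resolution. Until the union is implemented it would be safer to leave the loop out, or at least state the limit directly above it, e.g. `// children are resolved but not merged: the result is this group's statement only`. `this.PolicyStatement.Copy ()` also assumes the property is non-null. The constructor call visible in ResolveMatchingCodeGroups passes only a membership condition and an access value, so a null check before `Copy ()` may be needed; confirm against the constructor, which is outside this hunk. The same pattern is added to NetCodeGroup.Resolve later in this commit.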
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
if (null == evidence)
throw new ArgumentNullException("evidence");
- if (!MembershipCondition.Check(evidence))
+ if (!MembershipCondition.Check (evidence))
return null;
FileCodeGroup matchRoot = new FileCodeGroup(MembershipCondition, m_access);
this.assembly = assembly;
}
-#if NET_2_0
internal Hash ()
{
}
-#endif
+
+ internal Hash (SerializationInfo info, StreamingContext context)
+ {
+ data = (byte[]) info.GetValue ("RawData", typeof (byte[]));
+ }
//
// Public Properties
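Review bot: The new deserialization constructor reads `info` without the null check that GetObjectData performs, and it accepts whatever bytes the stream holds under "RawData" as the evidence data. Add `if (info == null) throw new ArgumentNullException ("info");` as its first statement. The hash values are then presumably computed from the deserialized bytes rather than from a loaded assembly, so a comment should record that, e.g. `// data comes from the serialized stream, not from an assembly; it is only as trustworthy as that stream`. `assembly` stays unset on this path, so any member that falls back to it must tolerate null; those members are outside this hunk.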
return hashAlg.ComputeHash (GetData ());
}
- [MonoTODO]
public void GetObjectData (SerializationInfo info, StreamingContext context)
{
if (info == null)
throw new ArgumentNullException ("info");
- throw new NotImplementedException ();
+ info.AddValue ("RawData", GetData ());
}
[MonoTODO("The Raw data seems to be different than the raw data I have")]
// interface IBuiltInEvidence
- [MonoTODO]
int IBuiltInEvidence.GetRequiredSize (bool verbose)
{
- return 0;
+ return (verbose ? 5 : 0); // as documented
}
[MonoTODO]
}
#endif
- [MonoTODO]
+ [MonoTODO ("no children processing")]
public override PolicyStatement Resolve (Evidence evidence)
{
if (evidence == null)
throw new ArgumentNullException ("evidence");
- throw new NotImplementedException ();
+ if (!MembershipCondition.Check (evidence))
+ return null;
+
+ PolicyStatement pst = this.PolicyStatement.Copy ();
+ if (this.Children.Count > 0) {
+ foreach (CodeGroup cg in this.Children) {
+ PolicyStatement child = cg.Resolve (evidence);
+ if (child != null) {
+ // TODO union
+ }
+ }
+ }
+ return pst;
}
#if NET_2_0
public override CodeGroup ResolveMatchingCodeGroups (Evidence evidence)
{
if (evidence == null)
- throw new ArgumentNullException ();
+ throw new ArgumentNullException ("evidence");
CodeGroup return_group = null;
if (MembershipCondition.Check (evidence)) {