Export (0) Print
Expand All

StrongNameIdentityPermission Class

Defines the identity permission for strong names. This class cannot be inherited.

Namespace: System.Security.Permissions
Assembly: mscorlib (in mscorlib.dll)

[SerializableAttribute] 
[ComVisibleAttribute(true)] 
public sealed class StrongNameIdentityPermission : CodeAccessPermission
/** @attribute SerializableAttribute() */ 
/** @attribute ComVisibleAttribute(true) */ 
public final class StrongNameIdentityPermission extends CodeAccessPermission
SerializableAttribute 
ComVisibleAttribute(true) 
public final class StrongNameIdentityPermission extends CodeAccessPermission

Use StrongNameIdentityPermission to achieve versioning and naming protection by confirming that the calling code is in a particular strong-named code assembly.

A strong name identity is based on a cryptographic public key called a blob optionally combined with the name and version of a specific assembly. The key defines a unique namespace and provides strong verification that the name is genuine, because the definition of the name must be in an assembly signed by the corresponding private key.

Note that the validity of the strong name key is not dependent on a trust relationship or any certificate necessarily being issued for the key.

NoteNote

Full demands for StrongNameIdentityPermission succeed only if all the assemblies in the stack have the correct evidence to satisfy the demand. Link demands using StrongNameIdentityPermissionAttribute succeed if only the immediate caller has the correct evidence.

For a complete description of strong names, see StrongName. For more information on strong-named assemblies, see Strong-Named Assemblies.

The StrongNameIdentityPermission class is used to define strong-name requirements for access to the public members of a type. The StrongNameIdentityPermissionAttribute attribute can be used to define strong-name requirements at the assembly level. In .NET Framework version 2.0 you can also use InternalsVisibleToAttribute to specify that all nonpublic types in that assembly are visible to another assembly. For more information see Friend Assemblies (C# Programming Guide).

The following code example demonstrates the use of the StrongNameIdentityPermission class. The example is in the form of a class library, which applies both the StrongNameIdentityPermissionAttribute attribute and the StrongNameIdentityPermission to demand that the caller be signed with a specific strong name.

//The following commented code should be compiled as an console application to execute the
// class library example.
//
//using System;
//using System.Reflection;
//using SignedLib;
//[assembly: AssemblyVersion("1.0.0.0")]
//[assembly: AssemblyKeyFile("snKey.snk")]
//public class StrongNameTest
//{
//  // Demonstrate the declarative and imperative forms of the StrongNameIdentityPermission.
//  public static void Main()
//  {
//      try
//      {
//            Signed signedLib = new Signed();
//            signedLib.GetWindirImperative();
//            signedLib.GetWindirDeclarative();
//            Console.WriteLine( "Called the signed library assembly methods successfully.");
//      }
//      catch (Exception e)
//      {
//            Console.WriteLine( "Exception thrown in called assembly: " + e.Message);
//      }
//   }
//}
//
// Class library example to demonstrate StrongNameIdentityPermission and 
// StrongNameIdentityPermissionAttribute.
using System;
using System.Security.Permissions;
using System.Reflection;
[assembly: AssemblyVersion("1.0.*")]
[assembly :AssemblyKeyFile("snKey.snk")]
namespace SignedLib
{

    public class Signed
    {
        // Read the windir environment variable.
        public void GetWindirImperative()
        {
            try
            {
                // Use Sn.exe to generate the byte array for the public key.
                byte[] b1 = { 0, 36, 0, 0, 4, 128, 0, 0, 148, 0, 0, 0, 6, 2, 0, 0, 0, 36, 
                    0, 0, 82, 83, 65, 49, 0, 4, 0, 0, 1, 0, 1, 0, 237, 146, 145, 51, 34, 
                    97, 123, 196, 90, 174, 41, 170, 173, 221, 41, 193, 175, 39, 7, 151, 
                    178, 0, 230, 152, 218, 8, 206, 206, 170, 84, 111, 145, 26, 208, 158, 
                    240, 246, 219, 228, 34, 31, 163, 11, 130, 16, 199, 111, 224, 4, 112, 
                    46, 84, 0, 104, 229, 38, 39, 63, 53, 189, 0, 157, 32, 38, 34, 109, 0, 
                    171, 114, 244, 34, 59, 9, 232, 150, 192, 247, 175, 104, 143, 171, 42, 
                    219, 66, 66, 194, 191, 218, 121, 59, 92, 42, 37, 158, 13, 108, 210, 
                    189, 9, 203, 204, 32, 48, 91, 212, 101, 193, 19, 227, 107, 25, 133, 
                    70, 2, 220, 83, 206, 71, 102, 245, 104, 252, 87, 109, 190, 56, 34, 180 };

                // Specify the version of the calling assembly.
                Version v1 = new Version("1.0.0.0");
                StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob(b1);
                Console.WriteLine(ComparePublicKeys() ? "Calling assembly has same key as this assembly " : "Calling assembly has different key than this assembly");
                // Create different permissions to exercise the set operations.
                StrongNameIdentityPermission snPerm = new StrongNameIdentityPermission(blob, "StrongNamedExe", v1);
                snPerm.Demand();
                // Return the location of the Windows directory that is found in 
                // the windir environment variable.
                Console.WriteLine(Environment.GetEnvironmentVariable("windir"));
            }
            catch (Exception e)
            {
                Console.WriteLine("Exception thrown in called assembly: " + e.Message);
            }
        }
    // Use an attribute to demand that the calling assembly has a specific strong name key.
    // Use Sn.exe to generate the public key string used for the demand.
    [StrongNameIdentityPermissionAttribute(SecurityAction.Demand, PublicKey = 
        "0024000004800000940000000602000000240000525341310004000001000100ed92913322617b" +
        "c45aae29aaaddd29c1af270797b200e698da08ceceaa546f911ad09ef0f6dbe4221fa30b8210c7" +
        "6fe004702e540068e526273f35bd009d2026226d00ab72f4223b09e896c0f7af688fab2adb4242" +
        "c2bfda793b5c2a259e0d6cd2bd09cbcc20305bd465c113e36b19854602dc53ce4766f568fc576d" +
        "be3822b4")]
        public void GetWindirDeclarative()
        {
            try
            {
                // Return the location of the Windows directory that is found in 
                // the windir environment variable.
                Console.WriteLine(Environment.GetEnvironmentVariable("windir"));
            }
            catch (Exception e)
            {
                Console.WriteLine("Exception thrown in called assembly: " + e.Message);
            }
        }
        public static bool ComparePublicKeys()
        {
            try
            {
                Assembly callingAssembly;

                // Create a target object.
                Int32 integer1 = new Int32();
                Type type1;

                // Set the Type instance to the target class type.
                type1 = integer1.GetType();

                // Create an instance of the assembly class to house the Integer type.  
                callingAssembly = Assembly.GetAssembly(integer1.GetType());

                // Display the name of the calling assembly.
                Assembly entryAssembly = Assembly.GetEntryAssembly();
                string mainAssembly = entryAssembly.FullName;

                Console.WriteLine("Calling assembly = " + entryAssembly.FullName);

                // Get the name of the assembly being called (this assembly).
                string thisAssembly = Assembly.GetCallingAssembly().FullName;

                Console.WriteLine("Called assembly=" + thisAssembly);

                int tokenIndex1 = thisAssembly.LastIndexOf("PublicKeyToken");
                int tokenIndex2 = mainAssembly.LastIndexOf("PublicKeyToken");
                string testString1 = thisAssembly.Substring(tokenIndex1, 31);
                string testString2 = mainAssembly.Substring(tokenIndex2, 31);

                return testString1.Equals(testString2);
            }
            catch
            {
                Console.WriteLine("This is an unexpected exception");
                throw;
            }
        }
    }
}


package SignedLib ; 

//  The following commented code should be compiled as an console application 
//  to execute the class library example.

//    import System .* ;
//    import System.Reflection .* ;
//    import SignedLib .* ;
//    /** @assembly AssemblyVersion("1.0.0.0")
//     */
//    /** @assembly AssemblyKeyFile("snKey.snk")
//     */
//    public class StrongNameTest
//    {
   
//        //Demonstrate the declarative and imperative forms of the 
//        // StrongNameIdentityPermission.
//        public static void main(String[] args)
//        {
//            try {
//                Signed signedLib =  new Signed();
//                signedLib.GetWindirImperative();
//                signedLib.GetWindirDeclarative();
//                Console.WriteLine(("Called the signed library assembly " 
//                    + "methods successfully."));
//            }
//            catch(System.Exception e) {
//                Console.WriteLine(("Exception thrown in called assembly: " 
//                    + e.get_Message()));
//            }
//        } //main
//    } //StrongNameTest

// Class library example to demonstrate StrongNameIdentityPermission and 
// StrongNameIdentityPermissionAttribute.

import System.*;
import System.Security.Permissions.*;
import System.Reflection.*;

/** @assembly AssemblyVersion("1.0.*")
 */
/** @assembly AssemblyKeyFile("snKey.snk")
 */
public class Signed
{
    // Read the windir environment variable.
    public void GetWindirImperative()
    {
        try {
            // Use Sn.exe to generate the byte array for the public key.
            ubyte b1[] =  { 0, 36, 0, 0, 4, 128, 0, 0, 148, 0, 0, 0, 6, 2, 
                0, 0, 0, 36, 0, 0, 82, 83, 65, 49, 0, 4, 0, 0, 1, 0, 1, 0,
                237, 146, 145, 51, 34, 97, 123, 196, 90, 174, 41, 170, 173,
                221, 41, 193, 175, 39, 7, 151, 178, 0, 230, 152, 218, 8, 
                206, 206, 170, 84, 111, 145, 26, 208, 158, 240, 246, 219,
                228, 34, 31, 163, 11, 130, 16, 199, 111, 224, 4, 112, 46,
                84, 0, 104, 229, 38, 39, 63, 53, 189, 0, 157, 32, 38, 34,
                109, 0, 171, 114, 244, 34, 59, 9, 232, 150, 192, 247, 175,
                104, 143, 171, 42, 219, 66, 66, 194, 191, 218, 121, 59, 92,
                42, 37, 158, 13, 108, 210, 189, 9, 203, 204, 32, 48, 91, 
                212, 101, 193, 19, 227, 107, 25, 133, 70, 2, 220, 83, 206,
                71, 102, 245, 104, 252, 87, 109, 190, 56, 34, 180};

            // Specify the version of the calling assembly.
            Version v1 = new Version("1.0.0.0");
            StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob(b1);

            Console.WriteLine((ComparePublicKeys()) ? "Calling assembly " 
                + "has same key as this assembly " : "Calling assembly has " 
                + "different key than this assembly");

            // Create different permissions to exercise the set operations.
            StrongNameIdentityPermission snPerm = 
                new StrongNameIdentityPermission(blob, "StrongNamedExe", v1);

            snPerm.Demand();

            // Return the location of the Windows directory that is found in 
            // the windir environment variable.
            Console.WriteLine(Environment.GetEnvironmentVariable("windir"));
        }
        catch (System.Exception e) {
            Console.WriteLine(("Exception thrown in called assembly: " 
                + e.get_Message()));
        }
    } //GetWindirImperative

    // Use an attribute to demand that the calling assembly has a 
    // specific strong name key.
    // Use Sn.exe to generate the public key string used for the demand.
    /** @attribute StrongNameIdentityPermissionAttribute(
        SecurityAction.Demand, PublicKey = 
        "0024000004800000940000000602000000240000525341310004000001000100ed" + 
        "92913322617b" + "c45aae29aaaddd29c1af270797b200e698da08ceceaa546f" + 
        "911ad09ef0f6dbe4221fa30b8210c7" + "6fe004702e540068e526273f35bd009d" + 
        "2026226d00ab72f4223b09e896c0f7af688fab2adb4242" + "c2bfda793b5c2a259" + 
        "e0d6cd2bd09cbcc20305bd465c113e36b19854602dc53ce4766f568fc576d" + 
        "be3822b4")
     */

    public void GetWindirDeclarative()
    {
        try {
            // Return the location of the Windows directory that is found in 
            // the windir environment variable.
            Console.WriteLine(Environment.GetEnvironmentVariable("windir"));
        }
        catch (System.Exception e) {
            Console.WriteLine(("Exception thrown in called assembly: " 
                + e.get_Message()));
        }
    } //GetWindirDeclarative

    public static boolean ComparePublicKeys() throws Exception
    {
        try {
            Assembly callingAssembly;

            // Create a target object.
            Int32 integer1 = new Int32();
            Type type1;

            // Set the Type instance to the target class type.
            type1 = integer1.GetType();

            // Create an instance of the assembly class to house the Integer 
            // type.  
            callingAssembly = Assembly.GetAssembly(integer1.GetType());

            // Display the name of the calling assembly.
            Assembly entryAssembly = Assembly.GetEntryAssembly();
            String mainAssembly = entryAssembly.get_FullName();

            Console.WriteLine(("Calling assembly = " 
                + entryAssembly.get_FullName()));

            // Get the name of the assembly being called (this assembly).
            String thisAssembly = Assembly.GetCallingAssembly().
                get_FullName();

            Console.WriteLine(("Called assembly=" + thisAssembly));

            int tokenIndex1 = thisAssembly.LastIndexOf("PublicKeyToken");
            int tokenIndex2 = mainAssembly.LastIndexOf("PublicKeyToken");
            String testString1 = thisAssembly.Substring(tokenIndex1, 31);
            String testString2 = mainAssembly.Substring(tokenIndex2, 31);

            return testString1.Equals(testString2);
        }
        catch (System.Exception exp) {
            Console.WriteLine("This is an unexpected exception");
            throw new Exception();
        }
    } //ComparePublicKeys
} //Signed

The following code example demonstrates the behavior of the StrongNameIdentityPermission methods. The purpose of this sample is to show the results of the methods, not to show how the methods are used.


using System;
using System.Security;
using System.Security.Permissions;


public class StrongNameIdentityDemo
{
    // Public key
    static byte[] b1 = { 0, 36, 0, 0, 4, 128, 0, 0, 148, 0, 0, 0, 6, 2, 0, 0, 0, 36, 0, 0,
82, 83, 65, 49, 0, 4, 0, 0, 1, 0, 1, 0, 237, 146, 145, 51, 34,
97, 123, 196, 90, 174, 41, 170, 173, 221, 41, 193, 175, 39, 7,
151, 178, 0, 230, 152, 218, 8, 206, 206, 170,84, 111, 145, 26,
208, 158, 240, 246, 219, 228, 34, 31, 163, 11, 130, 16, 199, 111,
224, 4, 112, 46, 84, 0, 104, 229, 38, 39, 63, 53, 189, 0, 157,
32, 38, 34, 109, 0, 171, 114, 244, 34, 59, 9, 232, 150, 192, 247,
175, 104, 143, 171, 42, 219, 66, 66, 194, 191, 218, 121, 59, 92,
42, 37, 158, 13, 108, 210, 189, 9, 203, 204, 32, 48, 91, 212, 101,
193, 19, 227, 107, 25, 133, 70, 2, 220, 83, 206, 71, 102, 245, 104,
252, 87, 109, 190, 56, 34, 180};

    StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob(b1);
    // Use this version number.
    Version v1 = new Version("1.0.0.0");
    // IsSubsetOf determines whether the current permission is a subset of the specified permission.
    private bool IsSubsetOfDemo()
    {

        bool returnValue = true;

        StrongNameIdentityPermission snIdPerm1, snIdPerm2;

        snIdPerm1 = new StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", new Version("1.0.0.0"));
        snIdPerm2 = new StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.MyFile", new Version("1.0.0.0"));

        if (snIdPerm1.IsSubsetOf(snIdPerm2))
        {

            Console.WriteLine("MyCompany.MyDepartment.* is a subset " +
            "of MyCompany.MyDepartment.MyFile \n");
        }
        else
        {
            Console.WriteLine("MyCompany.MyDepartment.*" +
            " is not a subset of MyCompany.MyDepartment.MyFile \n");
        }

        return returnValue;
    }
    // Union creates a new permission that is the union of the current permission and the specified permission.
    private bool UnionDemo()
    {

        bool returnValue = true;

        StrongNameIdentityPermission snIdPerm1, snIdPerm2;
        IPermission snIdPerm3;

        snIdPerm1 = new StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", new Version("1.0.0.0"));
        snIdPerm2 = new StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.MyFile", new Version("1.0.0.0"));

        snIdPerm3 = (StrongNameIdentityPermission)snIdPerm1.Union(snIdPerm2);

        try
        {
            Console.WriteLine("The union of MyCompany.MyDepartment.*" +
            "and MyCompany.MyDepartment.MyFile is " +
            ((StrongNameIdentityPermission)snIdPerm3).Name.ToString());
        }
        catch (Exception e)
        {
            Console.WriteLine("An expected exception was thrown: " + e.Message);
        }


        return returnValue;

    }
    // Intersect creates and returns a new permission that is the intersection of the current
    // permission and the permission specified.
    private bool IntersectDemo()
    {

        bool returnValue = true;

        StrongNameIdentityPermission snIdPerm1, snIdPerm2, snIdPerm3;

        snIdPerm1 = new StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", new Version("1.0.0.0"));
        snIdPerm2 = new StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.MyFile", new Version("1.0.0.0"));

        try
        {

            snIdPerm3 = (StrongNameIdentityPermission)snIdPerm1.Intersect(snIdPerm2);

            Console.WriteLine("The intersection of MyCompany.MyDepartment.*"
            + "MyCompany.MyDepartment.MyFile is "
            + ((StrongNameIdentityPermission)snIdPerm3).Name.ToString());

        }
        catch (Exception e)
        {
            Console.WriteLine("An exception was thrown: " + e);
            returnValue = false;
        }

        return returnValue;

    }
    //Copy creates and returns an identical copy of the current permission.
    private bool CopyDemo()
    {
        bool returnValue = true;

        StrongNameIdentityPermission snIdPerm1, snIdPerm2;

        snIdPerm1 = new StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", new Version("1.0.0.0"));
        snIdPerm2 = new StrongNameIdentityPermission(PermissionState.None);

        snIdPerm2 = (StrongNameIdentityPermission)snIdPerm1.Copy();
        Console.WriteLine("Result of copy = " + snIdPerm2.ToString() + "\n");

        return returnValue;
    }
    // ToXml creates an XML encoding of the permission and its current state;
    //FromXml reconstructs a permission with the specified state from the XML encoding.
    private bool ToFromXmlDemo()
    {

        bool returnValue = true;

        StrongNameIdentityPermission snIdPerm1, snIdPerm2;

        snIdPerm1 = new StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", new Version("1.0.0.0"));    
        snIdPerm2 = new StrongNameIdentityPermission(PermissionState.None);
        snIdPerm2.FromXml(snIdPerm1.ToXml());
        Console.WriteLine("Result of ToFromXml = " + snIdPerm2.ToString() + "\n");

        return returnValue;

    }
    // Invoke all demos.
    public bool RunDemo()
    {

        bool ret = true;
        bool retTmp;
        // Call the IsSubsetOf demo.
        if (retTmp = IsSubsetOfDemo()) Console.Out.WriteLine("IsSubsetOf demo completed successfully.");
        else
            Console.Out.WriteLine("IsSubsetOf demo failed.");
        ret = retTmp && ret;

        // Call the Union demo.
        if (retTmp = UnionDemo()) Console.Out.WriteLine("Union demo completed successfully.");
        else
            Console.Out.WriteLine("Union demo failed.");
        ret = retTmp && ret;

        // Call the Intersect demo.
        if (retTmp = IntersectDemo()) Console.Out.WriteLine("Intersect demo completed successfully.");
        else
            Console.Out.WriteLine("Intersect demo failed.");
        ret = retTmp && ret;


        // Call the Copy demo.
        if (retTmp = CopyDemo()) Console.Out.WriteLine("Copy demo completed successfully");
        else
            Console.Out.WriteLine("Copy demo failed.");
        ret = retTmp && ret;

        // Call the ToFromXml demo.
        if (retTmp = ToFromXmlDemo()) Console.Out.WriteLine("ToFromXml demo completed successfully");
        else
            Console.Out.WriteLine("ToFromXml demo failed.");
        ret = retTmp && ret;

        Console.WriteLine("********************************************************\n");


        return (ret);






    }
    // Test harness.
    public static void Main(String[] args)
    {
        try
        {
            StrongNameIdentityDemo democase = new StrongNameIdentityDemo();
            bool ret = democase.RunDemo();
            if (ret)
            {
                Console.Out.WriteLine("StrongNameIdentity demo completed successfully.");
                Console.Out.WriteLine("Press the Enter key to exit.");
                string consoleInput = Console.ReadLine();
                System.Environment.ExitCode = 100;
            }
            else
            {
                Console.Out.WriteLine("StrongNameIdentity demo failed.");
                Console.Out.WriteLine("Press the Enter key to exit.");
                string consoleInput = Console.ReadLine();
                System.Environment.ExitCode = 101;
            }
        }
        catch (Exception e)
        {
            Console.Out.WriteLine("StrongNameIdentity demo failed.");
            Console.WriteLine(e.ToString());
            Console.Out.WriteLine("Press the Enter key to exit.");
            string consoleInput = Console.ReadLine();
            System.Environment.ExitCode = 101;
        }
        // Catch non-CLSCompliant exceptions.
        catch
        {
            Console.WriteLine("An unexpected non-CLSCompliant exception was thrown.");
        }
    }
}


System.Object
   System.Security.CodeAccessPermission
    System.Security.Permissions.StrongNameIdentityPermission

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0, 1.1, 1.0

Community Additions

ADD
Show:
© 2014 Microsoft