Imports System
Imports System.Security.Permissions
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports System.Security
Imports System.IO
<Assembly: StorePermissionAttribute(SecurityAction.RequestMinimum, Flags:=StorePermissionFlags.DeleteStore)>
Public Class X509store2
Public Shared Sub Main(ByVal args() As String)
Console.WriteLine("Creating a permission with Flags = OpenStore.")
Dim sp As New System.Security.Permissions.StorePermission(StorePermissionFlags.OpenStore)
'Create a new X509 store named teststore from the local certificate store.
'You must put in a valid path to a certificate in the following constructor.
Dim certificate As New X509Certificate2("c:\certificates\*****.cer")
' Deny the permission to open a store.
sp.Deny()
' The following code results in an exception due to an attempt to open a store.
AddToStore(certificate)
' Remove the deny for opening a store.
CodeAccessPermission.RevertDeny()
' The following code results in an exception due to an attempt to add a certificate.
' The exception is thrown due to a StorePermissionAttribute on the method denying AddToStore permission.
AddToStore(certificate)
' The current code is not affected by the attribute in the previously called method, so the following
' intructions execute without an exception.
Dim store As New X509Store("teststore", StoreLocation.CurrentUser)
store.Open(OpenFlags.ReadWrite)
store.Add(certificate)
' Demonstrate the behavior of the class members.
ShowMembers()
Console.WriteLine("Press the Enter key to exit.")
Console.ReadKey()
Return
End Sub 'Main
'Deny the permission the ability to add to a store.
<StorePermission(SecurityAction.Deny, Flags:=StorePermissionFlags.AddToStore)> _
Private Shared Sub AddToStore(ByVal cert As X509Certificate2)
Try
Dim store As New X509Store("teststore", StoreLocation.CurrentUser)
store.Open(OpenFlags.ReadWrite)
' The following attempt to add a certificate results in an exception being thrown.
store.Add(cert)
Return
Catch e As SecurityException
Console.WriteLine("Security exception thrown when attempting: " + _
CType(e.FirstPermissionThatFailed, System.Security.Permissions.StorePermission).Flags)
Return
End Try
End Sub 'AddToStore
' The following method is intended to demonstrate only the behavior of
' StorePermission class members,and not their practical usage. Most properties
' and methods in this class are used for the resolution and enforcement of
' security policy by the security infrastructure code.
Private Shared Sub ShowMembers()
Console.WriteLine("Creating first permission with Flags = OpenStore.")
Dim sp1 As New System.Security.Permissions.StorePermission(StorePermissionFlags.OpenStore)
Console.WriteLine("Creating second permission with Flags = AllFlags.")
Dim sp2 As New System.Security.Permissions.StorePermission(StorePermissionFlags.AllFlags)
Console.WriteLine("Creating third permission as Unrestricted.")
Dim sp3 As New System.Security.Permissions.StorePermission(PermissionState.Unrestricted)
Console.WriteLine("Creating fourth permission with a permission state of none.")
Dim sp4 As New System.Security.Permissions.StorePermission(PermissionState.None)
Dim rc As Boolean = sp2.IsSubsetOf(sp3)
Console.WriteLine("Is the permission with complete store access (AllFlags) a subset of " + _
vbLf + vbTab + "the permission with an Unrestricted permission state? " + _
IIf(rc, "Yes", "No"))
rc = sp1.IsSubsetOf(sp2)
Console.WriteLine("Is the permission with OpenStore access a subset of the permission with " + _
vbLf + vbTab + "complete store access (AllFlags)? " + IIf(rc, "Yes", "No"))
rc = sp3.IsUnrestricted()
Console.WriteLine("Is the third permission unrestricted? " + IIf(rc, "Yes", "No"))
Console.WriteLine("Copying the second permission to the fourth permission.")
sp4 = CType(sp2.Copy(), System.Security.Permissions.StorePermission)
rc = sp4.Equals(sp2)
Console.WriteLine("Is the fourth permission equal to the second permission? " + _
IIf(rc, "Yes", "No"))
Console.WriteLine("Creating the intersection of the second and first permissions.")
sp4 = CType(sp2.Intersect(sp1), System.Security.Permissions.StorePermission)
Console.WriteLine("Value of the Flags property is: " + sp4.Flags.ToString())
Console.WriteLine("Creating the union of the second and first permissions.")
sp4 = CType(sp2.Union(sp1), System.Security.Permissions.StorePermission)
Console.WriteLine("Result of the union of the second permission with the first: " + _
sp4.Flags)
Console.WriteLine("Using an XML roundtrip to reset the fourth permission.")
sp4.FromXml(sp2.ToXml())
rc = sp4.Equals(sp2)
Console.WriteLine("Does the XML roundtrip result equal the original permission? " + _
IIf(rc, "Yes", "No"))
End Sub
End Class 'X509store2
using System;
using System.Security.Permissions;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security;
using System.IO;
[assembly:
StorePermission(SecurityAction.RequestMinimum, Flags = StorePermissionFlags.DeleteStore)]
public class X509store2
{
public static void Main(string[] args)
{
Console.WriteLine("Creating a permission with Flags = OpenStore.");
StorePermission sp = new StorePermission(StorePermissionFlags.OpenStore);
//Create a new X509 store named teststore from the local certificate store.
//You must put in a valid path to a certificate in the following constructor.
X509Certificate2 certificate = new X509Certificate2("c:\\certificates\\*****.cer");
// Deny the permission to open a store.
sp.Deny();
// The following code results in an exception due to an attempt to open a store.
AddToStore(certificate);
// Remove the deny for opening a store.
CodeAccessPermission.RevertDeny();
// The following code results in an exception due to an attempt to add a certificate.
// The exception is thrown due to a StorePermissionAttribute on the method denying AddToStore permission.
AddToStore(certificate);
// The current code is not affected by the attribute in the previously called method, so the following
// intructions execute without an exception.
X509Store store = new X509Store("teststore", StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadWrite);
store.Add(certificate);
// Demonstrate the behavior of the class members.
ShowMembers();
Console.WriteLine("Press the Enter key to exit.");
Console.ReadKey();
return;
}
//Deny the permission the ability to add to a store.
[StorePermission(SecurityAction.Deny, Flags = StorePermissionFlags.AddToStore)]
private static void AddToStore(X509Certificate2 cert)
{
try
{
X509Store store = new X509Store("teststore", StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadWrite);
// The following attempt to add a certificate results in an exception being thrown.
store.Add(cert);
return;
}
catch (SecurityException e)
{
Console.WriteLine("Security exception thrown when attempting: " +
((StorePermission)e.FirstPermissionThatFailed).Flags);
return;
}
}
// The following method is intended to demonstrate only the behavior of
// StorePermission class members,and not their practical usage. Most properties
// and methods in this class are used for the resolution and enforcement of
// security policy by the security infrastructure code.
private static void ShowMembers()
{
Console.WriteLine("Creating first permission with Flags = OpenStore.");
StorePermission sp1 = new StorePermission(StorePermissionFlags.OpenStore);
Console.WriteLine("Creating second permission with Flags = AllFlags.");
StorePermission sp2 = new StorePermission(StorePermissionFlags.AllFlags);
Console.WriteLine("Creating third permission as Unrestricted.");
StorePermission sp3 = new StorePermission(PermissionState.Unrestricted);
Console.WriteLine("Creating fourth permission with a permission state of none.");
StorePermission sp4 = new StorePermission(PermissionState.None);
bool rc = sp2.IsSubsetOf(sp3);
Console.WriteLine("Is the permission with complete store access (AllFlags) a subset of \n" +
"\tthe permission with an Unrestricted permission state? " + (rc ? "Yes" : "No"));
rc = sp1.IsSubsetOf(sp2);
Console.WriteLine("Is the permission with OpenStore access a subset of the permission with \n" +
"\tcomplete store access (AllFlags)? " + (rc ? "Yes" : "No"));
rc = sp3.IsUnrestricted();
Console.WriteLine("Is the third permission unrestricted? " + (rc ? "Yes" : "No"));
Console.WriteLine("Copying the second permission to the fourth permission.");
sp4 = (StorePermission)sp2.Copy();
rc = sp4.Equals(sp2);
Console.WriteLine("Is the fourth permission equal to the second permission? " + (rc ? "Yes" : "No"));
Console.WriteLine("Creating the intersection of the second and first permissions.");
sp4 = (StorePermission)sp2.Intersect(sp1);
Console.WriteLine("Value of the Flags property is: " + sp4.Flags.ToString());
Console.WriteLine("Creating the union of the second and first permissions.");
sp4 = (StorePermission)sp2.Union(sp1);
Console.WriteLine("Result of the union of the second permission with the first: " + sp4.Flags);
Console.WriteLine("Using an XML roundtrip to reset the fourth permission.");
sp4.FromXml(sp2.ToXml());
rc = sp4.Equals(sp2);
Console.WriteLine("Does the XML roundtrip result equal the original permission? " + (rc ? "Yes" : "No"));
}
}
#using <System.Security.dll>
using namespace System;
using namespace System::Security::Permissions;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::Security;
using namespace System::IO;
[assembly:StorePermissionAttribute(SecurityAction::RequestMinimum,
Flags=StorePermissionFlags::DeleteStore)];
void AddToStore( X509Certificate2 ^ cert );
void ShowMembers();
int main()
{
Console::WriteLine( "Creating a permission with Flags = OpenStore." );
StorePermission ^ sp = gcnew StorePermission( StorePermissionFlags::OpenStore );
//Create a new X509 store named teststore from the local certificate store.
//You must put in a valid path to a certificate in the following constructor.
X509Certificate2 ^ certificate = gcnew X509Certificate2( "c:\\certificates\\*****.cer" );
// Deny the permission to open a store.
sp->Deny();
// The following code results in an exception due to an attempt to open a store.
AddToStore( certificate );
// Remove the deny for opening a store.
CodeAccessPermission::RevertDeny();
// The following code results in an exception due to an attempt to add a certificate.
// The exception is thrown due to a StorePermissionAttribute on the method denying AddToStore permission.
AddToStore( certificate );
// The current code is not affected by the attribute in the previously called method, so the following
// intructions execute without an exception.
X509Store ^ store = gcnew X509Store( "teststore",StoreLocation::CurrentUser );
store->Open( OpenFlags::ReadWrite );
store->Add( certificate );
// Demonstrate the behavior of the class members.
ShowMembers();
Console::WriteLine( "Press the Enter key to exit." );
Console::ReadKey();
}
//Deny the permission the ability to add to a store.
[StorePermission(SecurityAction::Deny,Flags=StorePermissionFlags::AddToStore)]
void AddToStore( X509Certificate2 ^ cert )
{
try
{
X509Store ^ store = gcnew X509Store( "teststore",StoreLocation::CurrentUser );
store->Open( OpenFlags::ReadWrite );
// The following attempt to add a certificate results in an exception being thrown.
store->Add( cert );
return;
}
catch ( SecurityException^ e )
{
Console::WriteLine( "Security exception thrown when attempting: {0}",
(dynamic_cast<StorePermission^>(e->FirstPermissionThatFailed))->Flags );
return;
}
}
// The following function is intended to demonstrate only the behavior of
// StorePermission class members,and not their practical usage. Most properties
// and methods in this class are used for the resolution and enforcement of
// security policy by the security infrastructure code.
void ShowMembers()
{
Console::WriteLine( "Creating first permission with Flags = OpenStore." );
StorePermission ^ sp1 = gcnew StorePermission( StorePermissionFlags::OpenStore );
Console::WriteLine( "Creating second permission with Flags = AllFlags." );
StorePermission ^ sp2 = gcnew StorePermission( StorePermissionFlags::AllFlags );
Console::WriteLine( "Creating third permission as Unrestricted." );
StorePermission ^ sp3 = gcnew StorePermission( PermissionState::Unrestricted );
Console::WriteLine( "Creating fourth permission with a permission state of none." );
StorePermission ^ sp4 = gcnew StorePermission( PermissionState::None );
bool rc = sp2->IsSubsetOf( sp3 );
Console::WriteLine( "Is the permission with complete store access (AllFlags) a subset of \n"
"\tthe permission with an Unrestricted permission state? {0}", (rc ? (String^)"Yes" : "No") );
rc = sp1->IsSubsetOf( sp2 );
Console::WriteLine( "Is the permission with OpenStore access a subset of the permission with \n"
"\tcomplete store access (AllFlags)? {0}", (rc ? (String^)"Yes" : "No") );
rc = sp3->IsUnrestricted();
Console::WriteLine( "Is the third permission unrestricted? {0}", (rc ? (String^)"Yes" : "No") );
Console::WriteLine( "Copying the second permission to the fourth permission." );
sp4 = dynamic_cast<StorePermission^>(sp2->Copy());
rc = sp4->Equals( sp2 );
Console::WriteLine( "Is the fourth permission equal to the second permission? {0}", (rc ? (String^)"Yes" : "No") );
Console::WriteLine( "Creating the intersection of the second and first permissions." );
sp4 = dynamic_cast<StorePermission^>(sp2->Intersect( sp1 ));
Console::WriteLine( "Value of the Flags property is: {0}", sp4->Flags );
Console::WriteLine( "Creating the union of the second and first permissions." );
sp4 = dynamic_cast<StorePermission^>(sp2->Union( sp1 ));
Console::WriteLine( "Result of the union of the second permission with the first: {0}", sp4->Flags );
Console::WriteLine( "Using an XML roundtrip to reset the fourth permission." );
sp4->FromXml( sp2->ToXml() );
rc = sp4->Equals( sp2 );
Console::WriteLine( "Does the XML roundtrip result equal the original permission? {0}", (rc ? (String^)"Yes" : "No") );
}