StrongNameIdentityPermission Class
Assembly: mscorlib (in mscorlib.dll)
'Declaration <SerializableAttribute> _ <ComVisibleAttribute(True)> _ Public NotInheritable Class StrongNameIdentityPermission Inherits CodeAccessPermission 'Usage Dim instance As StrongNameIdentityPermission
/** @attribute SerializableAttribute() */ /** @attribute ComVisibleAttribute(true) */ public final class StrongNameIdentityPermission extends CodeAccessPermission
SerializableAttribute ComVisibleAttribute(true) public final class StrongNameIdentityPermission extends CodeAccessPermission
Use StrongNameIdentityPermission to achieve versioning and naming protection by confirming that the calling code is in a particular strong-named code assembly.
A strong name identity is based on a cryptographic public key called a blob optionally combined with the name and version of a specific assembly. The key defines a unique namespace and provides strong verification that the name is genuine, because the definition of the name must be in an assembly signed by the corresponding private key.
Note that the validity of the strong name key is not dependent on a trust relationship or any certificate necessarily being issued for the key.
Note |
|---|
| Full demands for StrongNameIdentityPermission succeed only if all the assemblies in the stack have the correct evidence to satisfy the demand. Link demands using StrongNameIdentityPermissionAttribute succeed if only the immediate caller has the correct evidence. |
For a complete description of strong names, see StrongName. For more information on strong-named assemblies, see Strong-Named Assemblies.
The StrongNameIdentityPermission class is used to define strong-name requirements for access to the public members of a type. The StrongNameIdentityPermissionAttribute attribute can be used to define strong-name requirements at the assembly level. In .NET Framework version 2.0 you can also use InternalsVisibleToAttribute to specify that all nonpublic types in that assembly are visible to another assembly. For more information see Friend Assemblies (C# Programming Guide).
The following code example demonstrates the use of the StrongNameIdentityPermission class. The example is in the form of a class library, which applies both the StrongNameIdentityPermissionAttribute attribute and the StrongNameIdentityPermission to demand that the caller be signed with a specific strong name.
' The following commented code should be compiled as a console application to execute the ' class library example. ' 'Imports System 'Imports System.Reflection 'Imports StrongNamedLibVb '<Assembly: AssemblyVersion("1.0.0.0")> '<Assembly: AssemblyKeyFile("snKey.snk")> 'Public Class StrongNameTest ' ' Demonstrate the declarative and imperative forms of the StrongNameIdentityPermission. ' Public Shared Sub Main() ' Try ' Dim signed As New Signed ' signed.GetWindirImperative() ' signed.GetWindirDeclarative() ' Console.WriteLine("Called the signed library successfully.") ' Catch e As Exception ' Console.WriteLine(("Exception thrown in called assembly: " + e.Message)) ' End Try ' End Sub 'Main 'End Class 'StrongNameTest Imports System Imports System.Security.Permissions Imports System.Reflection Imports Microsoft.VisualBasic <assembly: AssemblyVersion("1.0.*")> <Assembly: AssemblyKeyFile("snKey.snk")> ' Demand that the calling assembly has a specific strong name key. ' Use Sn.exe to generate the public key string used for the demand. <StrongNameIdentityPermissionAttribute(SecurityAction.Demand, PublicKey:= _ "0024000004800000940000000602000000240000525341310004000001000100ed92913322617b" + _ "c45aae29aaaddd29c1af270797b200e698da08ceceaa546f911ad09ef0f6dbe4221fa30b8210c7" + _ "6fe004702e540068e526273f35bd009d2026226d00ab72f4223b09e896c0f7af688fab2adb4242" + _ "c2bfda793b5c2a259e0d6cd2bd09cbcc20305bd465c113e36b19854602dc53ce4766f568fc576d" + _ "be3822b4")> _ Public Class Signed ' Read the environment windir variable. Public Sub GetWindirImperative() Try ' Use Sn.exe to generate the byte array for the public key. Dim b1 As Byte() = {0, 36, 0, 0, 4, 128, 0, 0, 148, 0, 0, 0, 6, 2, 0, 0, 0, _ 36, 0, 0, 82, 83, 65, 49, 0, 4, 0, 0, 1, 0, 1, 0, 237, 146, 145, 51, 34, _ 97, 123, 196, 90, 174, 41, 170, 173, 221, 41, 193, 175, 39, 7, 151, 178, 0, _ 230, 152, 218, 8, 206, 206, 170, 84, 111, 145, 26, 208, 158, 240, 246, 219, _ 228, 34, 31, 163, 11, 130, 16, 199, 111, 224, 4, 112, 46, 84, 0, 104, 229, _ 38, 39, 63, 53, 189, 0, 157, 32, 38, 34, 109, 0, 171, 114, 244, 34, 59, 9, _ 232, 150, 192, 247, 175, 104, 143, 171, 42, 219, 66, 66, 194, 191, 218, 121, _ 59, 92, 42, 37, 158, 13, 108, 210, 189, 9, 203, 204, 32, 48, 91, 212, 101, _ 193, 19, 227, 107, 25, 133, 70, 2, 220, 83, 206, 71, 102, 245, 104, 252, _ 87, 109, 190, 56, 34, 180} ' Specify the version of the calling assembly. Dim v1 As New Version("1.0.0.0") Dim blob As New StrongNamePublicKeyBlob(b1) If (ComparePublicKeys()) Then Console.WriteLine("Calling assembly has same key as this assembly.") Else Console.WriteLine("Calling assembly has different key than this assembly.") End If ' Create different permissions to exercise the set operations. Dim snPerm As New StrongNameIdentityPermission(blob, "StrongNamedExeVb", v1) snPerm.Demand() ' Return the location of the Windows directory that is found in ' the windir environment variable. Console.WriteLine(Environment.GetEnvironmentVariable("windir")) Catch e As Exception Console.WriteLine(("Exception thrown in called assembly: " + e.Message)) End Try End Sub 'GetWindir Public Sub GetWindirDeclarative() Try ' Return the location of the Windows directory that is found in ' the windir environment variable. Console.WriteLine(Environment.GetEnvironmentVariable("windir")) Catch e As Exception Console.WriteLine(("Exception thrown in called assembly: " + e.Message)) End Try End Sub 'GetWindir Public Shared Function ComparePublicKeys() As Boolean Try Dim callingAssembly As [Assembly] ' Create a target object. Dim Integer1 As New Int32 Dim Type1 As Type ' Set the Type instance to the target class type. Type1 = Integer1.GetType() ' Create an instance of the assembly class to house the Integer type. callingAssembly = [Assembly].GetAssembly(Integer1.GetType()) ' Display the name of the calling assembly. Dim entryAssembly As [Assembly] = [Assembly].GetEntryAssembly() Dim mainAssembly As String = entryAssembly.FullName Console.WriteLine(("Calling assembly = " + entryAssembly.FullName)) ' Get the name of the assembly being called (this assembly). Dim thisAssembly As String = [Assembly].GetCallingAssembly().FullName Console.WriteLine(("Called assembly=" + thisAssembly)) Dim tokenIndex1 As Integer = thisAssembly.LastIndexOf("PublicKeyToken") Dim tokenIndex2 As Integer = mainAssembly.LastIndexOf("PublicKeyToken") Dim testString1 As String = thisAssembly.Substring(tokenIndex1, 31) Dim testString2 As String = mainAssembly.Substring(tokenIndex2, 31) Return testString1.Equals(testString2) Catch Console.WriteLine("This is an unexpected exception") Throw End Try End Function 'ComparePublicKeys End Class 'Signed
package SignedLib ;
// The following commented code should be compiled as an console application
// to execute the class library example.
// import System .* ;
// import System.Reflection .* ;
// import SignedLib .* ;
// /** @assembly AssemblyVersion("1.0.0.0")
// */
// /** @assembly AssemblyKeyFile("snKey.snk")
// */
// public class StrongNameTest
// {
// //Demonstrate the declarative and imperative forms of the
// // StrongNameIdentityPermission.
// public static void main(String[] args)
// {
// try {
// Signed signedLib = new Signed();
// signedLib.GetWindirImperative();
// signedLib.GetWindirDeclarative();
// Console.WriteLine(("Called the signed library assembly "
// + "methods successfully."));
// }
// catch(System.Exception e) {
// Console.WriteLine(("Exception thrown in called assembly: "
// + e.get_Message()));
// }
// } //main
// } //StrongNameTest
// Class library example to demonstrate StrongNameIdentityPermission and
// StrongNameIdentityPermissionAttribute.
import System.*;
import System.Security.Permissions.*;
import System.Reflection.*;
/** @assembly AssemblyVersion("1.0.*")
*/
/** @assembly AssemblyKeyFile("snKey.snk")
*/
public class Signed
{
// Read the windir environment variable.
public void GetWindirImperative()
{
try {
// Use Sn.exe to generate the byte array for the public key.
ubyte b1[] = { 0, 36, 0, 0, 4, 128, 0, 0, 148, 0, 0, 0, 6, 2,
0, 0, 0, 36, 0, 0, 82, 83, 65, 49, 0, 4, 0, 0, 1, 0, 1, 0,
237, 146, 145, 51, 34, 97, 123, 196, 90, 174, 41, 170, 173,
221, 41, 193, 175, 39, 7, 151, 178, 0, 230, 152, 218, 8,
206, 206, 170, 84, 111, 145, 26, 208, 158, 240, 246, 219,
228, 34, 31, 163, 11, 130, 16, 199, 111, 224, 4, 112, 46,
84, 0, 104, 229, 38, 39, 63, 53, 189, 0, 157, 32, 38, 34,
109, 0, 171, 114, 244, 34, 59, 9, 232, 150, 192, 247, 175,
104, 143, 171, 42, 219, 66, 66, 194, 191, 218, 121, 59, 92,
42, 37, 158, 13, 108, 210, 189, 9, 203, 204, 32, 48, 91,
212, 101, 193, 19, 227, 107, 25, 133, 70, 2, 220, 83, 206,
71, 102, 245, 104, 252, 87, 109, 190, 56, 34, 180};
// Specify the version of the calling assembly.
Version v1 = new Version("1.0.0.0");
StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob(b1);
Console.WriteLine((ComparePublicKeys()) ? "Calling assembly "
+ "has same key as this assembly " : "Calling assembly has "
+ "different key than this assembly");
// Create different permissions to exercise the set operations.
StrongNameIdentityPermission snPerm =
new StrongNameIdentityPermission(blob, "StrongNamedExe", v1);
snPerm.Demand();
// Return the location of the Windows directory that is found in
// the windir environment variable.
Console.WriteLine(Environment.GetEnvironmentVariable("windir"));
}
catch (System.Exception e) {
Console.WriteLine(("Exception thrown in called assembly: "
+ e.get_Message()));
}
} //GetWindirImperative
// Use an attribute to demand that the calling assembly has a
// specific strong name key.
// Use Sn.exe to generate the public key string used for the demand.
/** @attribute StrongNameIdentityPermissionAttribute(
SecurityAction.Demand, PublicKey =
"0024000004800000940000000602000000240000525341310004000001000100ed" +
"92913322617b" + "c45aae29aaaddd29c1af270797b200e698da08ceceaa546f" +
"911ad09ef0f6dbe4221fa30b8210c7" + "6fe004702e540068e526273f35bd009d" +
"2026226d00ab72f4223b09e896c0f7af688fab2adb4242" + "c2bfda793b5c2a259" +
"e0d6cd2bd09cbcc20305bd465c113e36b19854602dc53ce4766f568fc576d" +
"be3822b4")
*/
public void GetWindirDeclarative()
{
try {
// Return the location of the Windows directory that is found in
// the windir environment variable.
Console.WriteLine(Environment.GetEnvironmentVariable("windir"));
}
catch (System.Exception e) {
Console.WriteLine(("Exception thrown in called assembly: "
+ e.get_Message()));
}
} //GetWindirDeclarative
public static boolean ComparePublicKeys() throws Exception
{
try {
Assembly callingAssembly;
// Create a target object.
Int32 integer1 = new Int32();
Type type1;
// Set the Type instance to the target class type.
type1 = integer1.GetType();
// Create an instance of the assembly class to house the Integer
// type.
callingAssembly = Assembly.GetAssembly(integer1.GetType());
// Display the name of the calling assembly.
Assembly entryAssembly = Assembly.GetEntryAssembly();
String mainAssembly = entryAssembly.get_FullName();
Console.WriteLine(("Calling assembly = "
+ entryAssembly.get_FullName()));
// Get the name of the assembly being called (this assembly).
String thisAssembly = Assembly.GetCallingAssembly().
get_FullName();
Console.WriteLine(("Called assembly=" + thisAssembly));
int tokenIndex1 = thisAssembly.LastIndexOf("PublicKeyToken");
int tokenIndex2 = mainAssembly.LastIndexOf("PublicKeyToken");
String testString1 = thisAssembly.Substring(tokenIndex1, 31);
String testString2 = mainAssembly.Substring(tokenIndex2, 31);
return testString1.Equals(testString2);
}
catch (System.Exception exp) {
Console.WriteLine("This is an unexpected exception");
throw new Exception();
}
} //ComparePublicKeys
} //Signed
The following code example demonstrates the behavior of the StrongNameIdentityPermission methods. The purpose of this sample is to show the results of the methods, not to show how the methods are used.
Imports System Imports System.Security Imports System.Security.Permissions Public Class StrongNameIdentityDemo ' Public key Private Shared b1 As Byte() = {0, 36, 0, 0, 4, 128, 0, 0, 148, 0, 0, 0, 6, 2, 0, 0, 0, 36, 0, 0, 82, 83, 65, 49, 0, 4, 0, 0, 1, 0, 1, 0, 237, 146, 145, 51, 34, 97, 123, 196, 90, 174, 41, 170, 173, 221, 41, 193, 175, 39, 7, 151, 178, 0, 230, 152, 218, 8, 206, 206, 170, 84, 111, 145, 26, 208, 158, 240, 246, 219, 228, 34, 31, 163, 11, 130, 16, 199, 111, 224, 4, 112, 46, 84, 0, 104, 229, 38, 39, 63, 53, 189, 0, 157, 32, 38, 34, 109, 0, 171, 114, 244, 34, 59, 9, 232, 150, 192, 247, 175, 104, 143, 171, 42, 219, 66, 66, 194, 191, 218, 121, 59, 92, 42, 37, 158, 13, 108, 210, 189, 9, 203, 204, 32, 48, 91, 212, 101, 193, 19, 227, 107, 25, 133, 70, 2, 220, 83, 206, 71, 102, 245, 104, 252, 87, 109, 190, 56, 34, 180} Private blob As New StrongNamePublicKeyBlob(b1) ' Use this version number. Private v1 As New Version("1.0.0.0") ' IsSubsetOf determines whether the current permission is a subset of the specified permission. Private Function IsSubsetOfDemo() As Boolean Dim returnValue As Boolean = True Dim snIdPerm1, snIdPerm2 As StrongNameIdentityPermission snIdPerm1 = New StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", New Version("1.0.0.0")) snIdPerm2 = New StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.MyFile", New Version("1.0.0.0")) If snIdPerm1.IsSubsetOf(snIdPerm2) Then Console.WriteLine("MyCompany.MyDepartment.* is a subset " + "of MyCompany.MyDepartment.MyFile " + vbLf) Else Console.WriteLine("MyCompany.MyDepartment.*" + " is not a subset of MyCompany.MyDepartment.MyFile " + vbLf) End If Return returnValue End Function 'IsSubsetOfDemo ' Union creates a new permission that is the union of the current permission and the specified permission. Private Function UnionDemo() As Boolean Dim returnValue As Boolean = True Dim snIdPerm1, snIdPerm2 As StrongNameIdentityPermission Dim snIdPerm3 As IPermission snIdPerm1 = New StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", New Version("1.0.0.0")) snIdPerm2 = New StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.MyFile", New Version("1.0.0.0")) snIdPerm3 = CType(snIdPerm1.Union(snIdPerm2), StrongNameIdentityPermission) Try Console.WriteLine("The union of MyCompany.MyDepartment.*" + "and MyCompany.MyDepartment.MyFile is " + CType(snIdPerm3, StrongNameIdentityPermission).Name.ToString()) Catch e As Exception Console.WriteLine("An expected exception was thrown: " + e.Message) End Try Return returnValue End Function 'UnionDemo ' Intersect creates and returns a new permission that is the intersection of the current ' permission and the permission specified. Private Function IntersectDemo() As Boolean Dim returnValue As Boolean = True Dim snIdPerm1, snIdPerm2, snIdPerm3 As StrongNameIdentityPermission snIdPerm1 = New StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", New Version("1.0.0.0")) snIdPerm2 = New StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.MyFile", New Version("1.0.0.0")) Try snIdPerm3 = CType(snIdPerm1.Intersect(snIdPerm2), StrongNameIdentityPermission) Console.WriteLine("The intersection of MyCompany.MyDepartment.*" + "MyCompany.MyDepartment.MyFile is " + CType(snIdPerm3, StrongNameIdentityPermission).Name.ToString()) Catch e As Exception Console.WriteLine("An exception was thrown: " + e.ToString()) returnValue = False End Try Return returnValue End Function 'IntersectDemo 'Copy creates and returns an identical copy of the current permission. Private Function CopyDemo() As Boolean Dim returnValue As Boolean = True Dim snIdPerm1, snIdPerm2 As StrongNameIdentityPermission snIdPerm1 = New StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", New Version("1.0.0.0")) snIdPerm2 = New StrongNameIdentityPermission(PermissionState.None) snIdPerm2 = CType(snIdPerm1.Copy(), StrongNameIdentityPermission) Console.WriteLine("Result of copy = " + snIdPerm2.ToString() + vbLf) Return returnValue End Function 'CopyDemo ' ToXml creates an XML encoding of the permission and its current state; 'FromXml reconstructs a permission with the specified state from the XML encoding. Private Function ToFromXmlDemo() As Boolean Dim returnValue As Boolean = True Dim snIdPerm1, snIdPerm2 As StrongNameIdentityPermission snIdPerm1 = New StrongNameIdentityPermission(blob, "MyCompany.MyDepartment.*", New Version("1.0.0.0")) snIdPerm2 = New StrongNameIdentityPermission(PermissionState.None) snIdPerm2.FromXml(snIdPerm1.ToXml()) Console.WriteLine("Result of ToFromXml = " + snIdPerm2.ToString() + vbLf) Return returnValue End Function 'ToFromXmlDemo ' Invoke all demos. Public Function runDemo() As Boolean Dim ret As Boolean = True Dim retTmp As Boolean ' Call the IsSubsetOf demo. retTmp = IsSubsetOfDemo() If retTmp Then Console.Out.WriteLine("IsSubsetOf demo completed successfully.") Else Console.Out.WriteLine("IsSubsetOf demo failed.") End If ret = retTmp AndAlso ret ' Call the Union demo. retTmp = UnionDemo() If retTmp Then Console.Out.WriteLine("Union demo completed successfully.") Else Console.Out.WriteLine("Union demo failed.") End If ret = retTmp AndAlso ret ' Call the Intersect demo. retTmp = IntersectDemo() If retTmp Then Console.Out.WriteLine("Intersect demo completed successfully.") Else Console.Out.WriteLine("Intersect demo failed.") End If ret = retTmp AndAlso ret ' Call the Copy demo. retTmp = CopyDemo() If retTmp Then Console.Out.WriteLine("Copy demo completed successfully") Else Console.Out.WriteLine("Copy demo failed.") End If ret = retTmp AndAlso ret ' Call the ToFromXml demo. retTmp = ToFromXmlDemo() If retTmp Then Console.Out.WriteLine("ToFromXml demo completed successfully") Else Console.Out.WriteLine("ToFromXml demo failed.") End If ret = retTmp AndAlso ret Console.WriteLine("********************************************************" + ControlChars.Lf) Return ret End Function 'runDemo ' Test harness. Public Overloads Shared Sub Main(ByVal args() As [String]) Try Dim democase As New StrongNameIdentityDemo() Dim ret As Boolean = democase.runDemo() If ret Then Console.Out.WriteLine("StrongNameIdentity demo completed successfully.") Console.Out.WriteLine("Press the Enter key to exit.") Dim consoleInput As String = Console.ReadLine() System.Environment.ExitCode = 100 Else Console.Out.WriteLine("StrongNameIdentity demo failed.") Console.Out.WriteLine("Press the Enter key to exit.") Dim consoleInput As String = Console.ReadLine() System.Environment.ExitCode = 101 End If Catch e As Exception Console.Out.WriteLine("StrongNameIdentity demo failed.") Console.WriteLine(e.ToString()) Console.Out.WriteLine("Press the Enter key to exit.") Dim consoleInput As String = Console.ReadLine() System.Environment.ExitCode = 101 End Try End Sub 'Main End Class 'StrongNameIdentityDemo
System.Security.CodeAccessPermission
System.Security.Permissions.StrongNameIdentityPermission
Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.
Note