Evidence Class


The .NET API Reference documentation has a new home. Visit the .NET API Browser on docs.microsoft.com to see the new experience.

Defines the set of information that constitutes input to security policy decisions. This class cannot be inherited.

Namespace:   System.Security.Policy
Assembly:  mscorlib (in mscorlib.dll)


Public NotInheritable Class Evidence
	Implements ICollection, IEnumerable


Initializes a new empty instance of the Evidence class.


Initializes a new instance of the Evidence class from a shallow copy of an existing one.

System_CAPS_pubmethodEvidence(EvidenceBase(), EvidenceBase())

Initializes a new instance of the Evidence class from multiple sets of host and assembly evidence.

System_CAPS_pubmethodEvidence(Object(), Object())

Obsolete. Initializes a new instance of the Evidence class from multiple sets of host and assembly evidence.


Obsolete. Gets the number of evidence objects in the evidence set.


Gets a value indicating whether the evidence set is read-only.


Gets a value indicating whether the evidence set is thread-safe.


Gets or sets a value indicating whether the evidence is locked.


Gets the synchronization root.


Obsolete. Adds the specified assembly evidence to the evidence set.

System_CAPS_pubmethodAddAssemblyEvidence(Of T)(T)

Adds an evidence object of the specified type to the assembly-supplied evidence list.


Obsolete. Adds the specified evidence supplied by the host to the evidence set.

System_CAPS_pubmethodAddHostEvidence(Of T)(T)

Adds host evidence of the specified type to the host evidence collection.


Removes the host and assembly evidence from the evidence set.


Returns a duplicate copy of this evidence object.

System_CAPS_pubmethodCopyTo(Array, Int32)

Obsolete. Copies evidence objects to an Array.


Determines whether the specified object is equal to the current object.(Inherited from Object.)


Enumerates evidence provided by the assembly.

System_CAPS_pubmethodGetAssemblyEvidence(Of T)()

Gets assembly evidence of the specified type from the collection.


Obsolete. Enumerates all evidence in the set, both that provided by the host and that provided by the assembly.


Serves as the default hash function. (Inherited from Object.)


Enumerates evidence supplied by the host.

System_CAPS_pubmethodGetHostEvidence(Of T)()

Gets host evidence of the specified type from the collection.


Gets the Type of the current instance.(Inherited from Object.)


Merges the specified evidence set into the current evidence set.


Removes the evidence for a given type from the host and assembly enumerations.


Returns a string that represents the current object.(Inherited from Object.)


Overloaded. Enables parallelization of a query.(Defined by ParallelEnumerable.)


Overloaded. Converts an IEnumerable to an IQueryable.(Defined by Queryable.)

System_CAPS_pubmethodCast(Of TResult)()

Casts the elements of an IEnumerable to the specified type.(Defined by Enumerable.)

System_CAPS_pubmethodOfType(Of TResult)()

Filters the elements of an IEnumerable based on a specified type.(Defined by Enumerable.)

Common forms of evidence include signatures and location of origin of code, but can potentially be anything. Objects of any type that are recognized by security policy represent evidence.

Security policy is composed of code groups; a particular assembly (the basic unit of code for granting security permissions) is a member of a code group if it satisfies the code group's membership condition. Evidence is the set of inputs to policy that membership conditions use to determine to which code groups an assembly belongs.

The Evidence class is a collection (see ICollection) that holds a set of objects that represent evidence. This class holds two sets that correspond to the source of the evidence: host evidence and assembly evidence.

Policy can get evidence from two different sources when evaluating permissions for code.

  • Host evidence is provided by the host, and can only be provided by hosts that have been granted the ControlEvidence permission. Typically, this is evidence of the origin of the code and digital signatures on the assembly. Evidence about origin typically includes Url, Site, and Zone evidence. Signatures refer to software publisher (AuthentiCode X.509v3 signature) and strong name identities. Both kinds of digital signature-based identity are built into the assembly, but must be validated and passed to policy by the host; when loaded, the security system verifies the signature. The system then creates the appropriate evidence and passes it to policy only if the corresponding signature is valid.

  • Assembly evidence is part of the assembly itself. Developers or administrators can attach custom evidence to the assembly to extend the set of evidence for policy. Assembly evidence can only be added at the time of assembly generation, which occurs before the assembly is signed. The default policy of the security system ignores assembly-provided evidence, but policy can be extended to accept it.

The following code example demonstrates how to create new Evidence classes with both host evidence and assembly evidence.

Imports System
Imports System.Collections
Imports System.Security
Imports System.Security.Policy
Imports System.Security.Permissions
Imports System.Globalization
Imports Microsoft.VisualBasic

Public Class Evidence_Example

    Public Function CreateEvidence() As Boolean
        Dim retVal As Boolean = True

            ' Create empty evidence using the default contructor.
            Dim ev1 As New Evidence
            Console.WriteLine("Created empty evidence with the default constructor.")

            ' Constructor used to create null host evidence.
            Dim ev2a As New Evidence(Nothing)
            Console.WriteLine("Created an Evidence object with null host evidence.")

            ' Constructor used to create host evidence.
            Dim url As New Url("http://www.treyresearch.com")
            Console.WriteLine(("Adding host evidence " & url.ToString()))
            Dim ev2b As New Evidence(ev2a)
            Console.WriteLine("Copy evidence into new evidence")
            Dim enum1 As IEnumerator = ev2b.GetHostEnumerator()
            ' Constructor used to create both host and assembly evidence.
            Dim oa1() As [Object]
            Dim site As New Site("www.wideworldimporters.com")
            Dim oa2 As [Object]() = {url, site}
            Dim ev3a As New Evidence(oa1, oa2)
            enum1 = ev3a.GetHostEnumerator()
            Dim enum2 As IEnumerator = ev3a.GetAssemblyEnumerator()
            Dim obj1 As [Object] = enum2.Current
            Console.WriteLine(("URL = " & obj1.ToString() & "  Site = " & enum2.Current.ToString()))
            ' Constructor used to create null host and null assembly evidence.
            Dim ev3b As New Evidence(Nothing, Nothing)
            Console.WriteLine("Create new evidence with null host and assembly evidence")

        Catch e As Exception
            Console.WriteLine("Fatal error: {0}", e.ToString())
            Return False
        End Try

        Return retVal
    End Function 'CreateEvidence

    Public Function DemonstrateEvidenceMembers() As Evidence
        Dim myEvidence As New Evidence
        Dim sPubKeyBlob As String = "00240000048000009400000006020000" & "00240000525341310004000001000100" & "19390E945A40FB5730204A25FA5DC4DA" & "B18688B412CB0EDB87A6EFC50E2796C9" & "B41AD3040A7E46E4A02516C598678636" & "44A0F74C39B7AB9C38C01F10AF4A5752" & "BFBCDF7E6DD826676AD031E7BCE63393" & "495BAD2CA4BE03B529A73C95E5B06BE7" & "35CA0F622C63E8F54171BD73E4C8F193" & "CB2664163719CA41F8159B8AC88F8CD3"
        Dim pubkey As [Byte]() = HexsToArray(sPubKeyBlob)

        ' Create a strong name.
        Dim mSN As New StrongName(New StrongNamePublicKeyBlob(pubkey), "SN01", New Version(""))

        ' Create assembly and host evidence.
        Console.WriteLine("Adding assembly evidence.")
        myEvidence.AddAssembly(New Version(""))
        Console.WriteLine(("Count of evidence items = " & myEvidence.Count.ToString()))
        Dim url As New Url("http://www.treyresearch.com")
        Console.WriteLine(("Adding host evidence " & url.ToString()))
        Console.WriteLine(("Count of evidence items = " & myEvidence.Count.ToString()))
        Console.WriteLine(ControlChars.Lf & "Copy the evidence to an array using CopyTo, then display the array.")
        Dim evidenceArray(myEvidence.Count - 1) As Object
        myEvidence.CopyTo(evidenceArray, 0)
        Dim obj As Object
        For Each obj In evidenceArray
        Next obj
        Console.WriteLine(ControlChars.Lf & "Display the contents of the properties.")
        Console.WriteLine("Locked is the only property normally used by code.")
        Console.WriteLine("IsReadOnly, IsSynchronized, and SyncRoot properties are not normally used.")
        Console.WriteLine((ControlChars.Lf & "The default value for the Locked property = " & myEvidence.Locked.ToString()))
        Console.WriteLine(ControlChars.Lf & "Get the hashcode for the evidence.")
        Console.WriteLine(("HashCode = " & myEvidence.GetHashCode().ToString()))
        Console.WriteLine(ControlChars.Lf & "Get the type for the evidence.")
        Console.WriteLine(("Type = " & myEvidence.GetType().ToString()))
        Console.WriteLine(ControlChars.Lf & "Merge new evidence with the current evidence.")
        Dim oa1() As [Object]
        Dim site As New Site("www.wideworldimporters.com")
        Dim oa2 As [Object]() = {url, site}
        Dim newEvidence As New Evidence(oa1, oa2)

        Console.WriteLine(("Evidence count = " & PrintEvidence(myEvidence).ToString()))
        Console.WriteLine(ControlChars.Lf & "Remove URL evidence.")
        Console.WriteLine(("Evidence count is now: " & myEvidence.Count.ToString()))
        Console.WriteLine(ControlChars.Lf & "Make a copy of the current evidence.")
        Dim evidenceCopy As New Evidence(myEvidence)
        Console.WriteLine(("Count of new evidence items = " & evidenceCopy.Count.ToString()))
        Console.WriteLine(("Does the copy equal the current evidence? " & myEvidence.Equals(evidenceCopy)))
        Console.WriteLine(ControlChars.Lf & "Clear the current evidence.")
        Console.WriteLine(("Count is now " & myEvidence.Count.ToString()))
        Return myEvidence
    End Function 'DemonstrateEvidenceMembers

    Public Shared Function PrintEvidence(ByVal myEvidence As Evidence) As Integer
        Dim p As Integer = 0
        Console.WriteLine(ControlChars.Lf & "Current evidence = ")
        If myEvidence Is Nothing Then
            Return 0
        End If
        Dim list As IEnumerator = myEvidence.GetEnumerator()
        Dim obj As Object
        While list.MoveNext()
            p = p + 1
        End While
        Return p
    End Function 'PrintEvidence

    ' Convert a hexidecimal string to an array.
    Public Shared Function HexsToArray(ByVal sHexString As String) As Byte()
        Dim array(sHexString.Length / 2) As [Byte]
        Dim i As Integer
        For i = 0 To sHexString.Length - 2 Step 2
            array((i / 2)) = [Byte].Parse(sHexString.Substring(i, 2), NumberStyles.HexNumber)
        Next i
        Return array
    End Function 'HexsToArray

    ' Main method.
    Public Shared Sub Main()
            Dim EvidenceTest As New Evidence_Example
            Dim ret As Boolean = EvidenceTest.CreateEvidence()
            If ret Then
                Console.WriteLine("Evidence successfully created.")
                Console.WriteLine("Evidence creation failed.")
            End If

        Catch e As Exception
            Environment.ExitCode = 101
        End Try
    End Sub 'Main
End Class 'Evidence_Example

.NET Framework
Available since 1.1

Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top