2 // System.Security.Policy.Hash
5 // Jackson Harper (Jackson@LatitudeGeo.com)
6 // Sebastien Pouliot <sebastien@ximian.com>
8 // (C) 2002 Jackson Harper, All rights reserved.
9 // Portions (C) 2002 Motus Technologies Inc. (http://www.motus.com)
10 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
12 // Permission is hereby granted, free of charge, to any person obtaining
13 // a copy of this software and associated documentation files (the
14 // "Software"), to deal in the Software without restriction, including
15 // without limitation the rights to use, copy, modify, merge, publish,
16 // distribute, sublicense, and/or sell copies of the Software, and to
17 // permit persons to whom the Software is furnished to do so, subject to
18 // the following conditions:
20 // The above copyright notice and this permission notice shall be
21 // included in all copies or substantial portions of the Software.
23 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
27 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
28 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
29 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
35 using System
.Reflection
;
36 using System
.Runtime
.InteropServices
;
37 using System
.Runtime
.Serialization
;
38 using System
.Security
.Cryptography
;
39 using System
.Security
.Permissions
;
42 namespace System
.Security
.Policy
{
46 public sealed class Hash
: ISerializable
, IBuiltInEvidence
{
48 private Assembly assembly
;
52 internal byte[] _sha1
;
54 public Hash (Assembly assembly
)
57 throw new ArgumentNullException ("assembly");
58 this.assembly
= assembly
;
65 internal Hash (SerializationInfo info
, StreamingContext context
)
67 data
= (byte[]) info
.GetValue ("RawData", typeof (byte[]));
76 // Case 1: we have a MD5 value - either precalculated or static (FX 2.0)
80 // Case 2: we don't have a MD5 value precalculated so we either
81 // (a): have an assembly reference - and can calculate the hash; or
82 // (b): have been initialized with a static MD5 value (FX 2.0)
83 if ((assembly
== null) && (_sha1
!= null)) {
84 string msg
= Locale
.GetText ("No assembly data. This instance was initialized with an MSHA1 digest value.");
85 throw new SecurityException (msg
);
87 // fully named to avoid conflit between MD5 property and class name
88 HashAlgorithm hash
= System
.Security
.Cryptography
.MD5
.Create ();
89 _md5
= GenerateHash (hash
);
96 // Case 1: we have a SHA1 value - either precalculated or static (FX 2.0)
100 // Case 2: we don't have a SHA1 value precalculated so we either
101 // (a): have an assembly reference - and can calculate the hash; or
102 // (b): have been initialized with a static MD5 value (FX 2.0)
103 if ((assembly
== null) && (_md5
!= null)) {
104 string msg
= Locale
.GetText ("No assembly data. This instance was initialized with an MD5 digest value.");
105 throw new SecurityException (msg
);
107 // fully named to avoid conflit between SHA1 property and class name
108 HashAlgorithm hash
= System
.Security
.Cryptography
.SHA1
.Create ();
109 _sha1
= GenerateHash (hash
);
118 public byte[] GenerateHash (HashAlgorithm hashAlg
)
121 throw new ArgumentNullException ("hashAlg");
122 return hashAlg
.ComputeHash (GetData ());
125 public void GetObjectData (SerializationInfo info
, StreamingContext context
)
128 throw new ArgumentNullException ("info");
129 info
.AddValue ("RawData", GetData ());
132 public override string ToString ()
134 SecurityElement se
= new SecurityElement (GetType ().FullName
);
135 se
.AddAttribute ("version", "1");
137 StringBuilder sb
= new StringBuilder ();
138 byte[] raw
= GetData ();
139 for (int i
=0; i
< raw
.Length
; i
++)
140 sb
.Append (raw
[i
].ToString ("X2"));
142 se
.AddChild (new SecurityElement ("RawData", sb
.ToString ()));
143 return se
.ToString ();
150 // FIXME: be more restrictive when imperative security is implemented
151 [FileIOPermission (SecurityAction
.Assert
, Unrestricted
= true)]
152 private byte[] GetData ()
154 if ((assembly
== null) && (data
== null)) {
155 string msg
= Locale
.GetText ("No assembly data.");
156 throw new SecurityException (msg
);
159 // TODO (Pre-Fx-2.0) we mustn't hash the complete assembly!
160 // ---- Look at ToString (MS version) for what to hash (and what not to)
161 // TODO we must drop the authenticode signature (if present)
162 FileStream stream
= new
163 FileStream (assembly
.Location
, FileMode
.Open
, FileAccess
.Read
);
164 data
= new byte [stream
.Length
];
165 stream
.Read (data
, 0, (int)stream
.Length
);
171 // interface IBuiltInEvidence
173 int IBuiltInEvidence
.GetRequiredSize (bool verbose
)
175 return (verbose
? 5 : 0); // as documented
178 [MonoTODO ("IBuiltInEvidence")]
179 int IBuiltInEvidence
.InitFromBuffer (char [] buffer
, int position
)
184 [MonoTODO ("IBuiltInEvidence")]
185 int IBuiltInEvidence
.OutputToBuffer (char [] buffer
, int position
, bool verbose
)
190 static public Hash
CreateMD5 (byte[] md5
)
193 throw new ArgumentNullException ("md5");
194 Hash h
= new Hash ();
199 static public Hash
CreateSHA1 (byte[] sha1
)
202 throw new ArgumentNullException ("sha1");
203 Hash h
= new Hash ();