Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / Security / January 2006

Tip: Looking for answers? Try searching our database.

Publisher Security

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Vadim Malishev - 19 Jan 2006 15:28 GMT
Hello All.

Can anybody describe me why this code:

string assemblyPath = "myassembly.dll";
X509Certificate cert = X509Certificate.CreateFromSignedFile(assemblyPath);

Evidence evidence = new Evidence();

evidence.AddHost(new Publisher(cert));

AssemblyName asmName = AssemblyName.GetAssemblyName ( assemblyPath );

Assembly asm1 = Assembly.Load(asmName);

Assembly asm2 = Assembly.Load(asmName, evidence);

Assembly asm3 = Assembly.LoadFrom(assemblyPath);

PublisherMembershipCondition cond = new PublisherMembershipCondition(cert);

Console.WriteLine("Evidence check: {0}", cond.Check(evidence));

Console.WriteLine("1 assembly check: {0}", cond.Check(asm1.Evidence));

Console.WriteLine("2 assembly check: {0}", cond.Check(asm2.Evidence));

Console.WriteLine("3 assembly check: {0}", cond.Check(asm3.Evidence));

//------------------------------------

output:
Evidence check: true

1 assembly check: false

2 assembly check: false

3 assembly check: false

I signed assembly by call:

signtool.exe sign /f key.pfx /p mypassword /v myassembly.dll

When I create AppDomain, I set domain policy:
PolicyLevel policyLevel = PolicyLevel.CreateAppDomainLevel();

string assemblyPath = "myassembly.dll";

X509Certificate cert = X509Certificate.CreateFromSignedFile(assemblyPath);

CodeGroup codeGroup = new UnionCodeGroup(new
PublisherMembershipCondition(cert), new PolicyStatement(new
PermissionSet(PermissionState.Unrestricted)));

policyLevel.RootCodeGroup = codeGroup;

domain.SetAppDomainPolicy(policyLevel);

Thanks a lot for any help.
Vadim
Reply to this Message
Nicole Calinoiu - 20 Jan 2006 14:46 GMT
Is the issuing hierarchy for the signing cert verifiable and trusted?  For
example, if you've issued the signing cert yourself using makecert, have you
added the fake root CA as a trusted root CA on your test machine?

> Hello All.
>
[quoted text clipped - 58 lines]
> Thanks a lot for any help.
> Vadim
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.