Re: problem with StrongNameIdentityPermissionAttribute

From: "Davide Bedin" <davide@bedin.it>
Date: Thu, 17 Apr 2003 14:34:05 +0200


Thanks for the response. I read the documentation about security but I'm still
experiencing trouble; that's why I'm asking this in the newsgroups.

Something I didn't say when describing the issue is that I already tried to use
LinkDemand without success; that is what led me to consider Demand. When I use
the LinkDemand action for the attribute at method level, it doesn't seem to be
considered. I suppose this because it doesn't matter if I use the public key
blob of Microsoft.Web.Services.dll or one from my assemblies: the code
runs in both cases and the decryption occurs.

If I use the attribute at class level it is checked, but I always get an
exception when evaluating the permission attribute, whether I use the wrong
public key blob (the one from my assemblies) or the right one (from the
Microsoft WSE assembly). I checked the public key blob several times so it
seems it's correct.

Here's the exception I get:
System.Security.SecurityException: Request for the permission of type System.Security.Permissions.StrongNameIdentityPermission, mscorlib, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.
   at System.Security.CodeAccessSecurityEngine.CheckTokenBasedSetHelper(Boolean ignoreGrants, TokenBasedSet grants, TokenBasedSet denied, TokenBasedSet demands)
   at System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet grants, PermissionSet denied, PermissionSet demands)
   at System.Reflection.RuntimeConstructorInfo.InternalInvoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean isBinderDefault)
   at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at Microsoft.Web.Services.Security.Configuration.ProviderFactory.CreateInstance()
   at Microsoft.Web.Services.Security.Configuration.SecurityConfiguration.get_PasswordProvider()
   at Microsoft.Web.Services.Security.UsernameToken.GetPassword()
   at Microsoft.Web.Services.Security.UsernameToken.LoadXml(XmlElement element)
   at Microsoft.Web.Services.Security.SecurityToken..ctor(XmlElement element)
   at Microsoft.Web.Services.Security.UsernameToken..ctor(XmlElement element)
   at Microsoft.Web.Services.Security.Security.LoadXml(XmlElement element)
   at Microsoft.Web.Services.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope)
   at Microsoft.Web.Services.Pipeline.ProcessInputMessage(SoapEnvelope envelope)
   at Microsoft.Web.Services.WebServicesExtension.BeforeDeserializeServer(SoapMessage message)
The state of the failed permission was:
<IPermission class="System.Security.Permissions.StrongNameIdentityPermission, mscorlib, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
PublicKeyBlob="0024000004800000940000000602000000240000525341310004000001000
100B5FC90E7027F67871E773A8FDE8938C81DD402BA65B9201D60593E96C492651E889CC13F1
415EBB53FAC1131AE0BD333C5EE6021672D9718EA31A8AEBD0DA0072F25D87DBA6FC90FFD598
ED4DA35E44C398C454307E8E33B8426143DAEC9F596836F97C8F74750E5975C64E2189F45DEF
46B2A2B1247ADC3652BF5C308055DA9

Note that the class/method I want to protect is dynamically loaded as this
is the way WSE works.

Thanks in advance,
Davide Bedin

"Ivan Medvedev [MS]" <ivanmed@online.microsoft.com> wrote in message
news:edPcqiqADHA.3208@TK2MSFTNGP11.phx.gbl...
> Davide -
> it sounds like SecurityAction.LinkDemand is what you need. It will verify
> that just the immediate caller of the method has the identity. Demand does a
> full stack walk and verifies all the frames on the stack, and Assert does
> not perform any checks at all, it is used to modify stack walk behavior.
> http://msdn.microsoft.com/net/security might be a good resource for you to
> start learning about .net security.
> --Ivan
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
> "Davide Bedin" <davide@bedin.it> wrote in message
> news:e4DXkhpADHA.33376@TK2MSFTNGP10.phx.gbl...
> > I'm using the Web Service Extensions provided by the Microsoft.Web.Services
> > assembly in order to digitally sign and encrypt incoming and outgoing SOAP
> > messages.
> >
> > As suggested in the WSE documentation I'm trying to protect the access to
> > the class that implements the IDecryptionProvider in order to let only the
> > Microsoft.Web.Services assembly call the methods.
> >
> > I'm using the StrongNameIdentityPermissionAttribute attribute in the
> > GetDecryptionKey method, using the public key of the
> > Microsoft.Web.Services.dll assembly, as follows:
> >
> > <StrongNameIdentityPermissionAttribute(SecurityAction.Assert, _
> >     PublicKey:="key of Microsoft.Web.Services.dll")> _
> > Public Function GetDecryptionKey(ByVal algorithmUri As String, _
> >     ByVal keyInfo As KeyInfo) As Microsoft.Web.Services.Security.DecryptionKey _
> >     Implements Microsoft.Web.Services.Security.IDecryptionKeyProvider.GetDecryptionKey
> >
> > Is Assert the action that has to be requested for this kind of control?
> > If I use Demand the assemblies higher in the stack get a permission
> > exception as they have different strong names than Microsoft.Web.Services.
> >
> > The problem is that if I use Assert and I change the PublicKey to the
> > strong name of another assembly (for example the public key of assemblies
> > from my company) it doesn't encounter an exception.
> >
> > I'm probably missing something here, any advice will be really appreciated.
> >
> > Thanks,
> > Davide Bedin
> >
> >
> >
>
>
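
A simplified model of the three SecurityAction values as described in the reply quoted above, added here as an illustration; it is not code from the thread or from the CLR. The assembly names, the call stack and the key labels are constructed, and reflection-based invocation (the dynamically loaded case) is not modelled.

```python
# Simplified model of CAS identity checks (illustration only, not CLR code).
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Frame:
    assembly: str    # assembly that owns this stack frame
    public_key: str  # constructed label standing in for a public key blob


def failing_assemblies(stack: List[Frame], action: str, required_key: str) -> List[str]:
    """Return the callers that fail the identity check; an empty list means
    the call goes through.

    `stack` is ordered outermost caller first; the last frame is the
    protected method itself, which is not checked against its own attribute.
    """
    callers = stack[:-1]
    if action == "Assert":
        checked = []             # Assert performs no check at all
    elif action == "LinkDemand":
        checked = callers[-1:]   # immediate caller only
    elif action == "Demand":
        checked = callers[::-1]  # full stack walk, nearest caller first
    else:
        raise ValueError(f"unknown action: {action}")
    return [f.assembly for f in checked if f.public_key != required_key]


# Constructed call stack: a host application calls into WSE, which calls the
# key provider. KEY_COMPANY and KEY_WSE are placeholder labels, not real keys.
STACK = [
    Frame("HostApp", "KEY_COMPANY"),
    Frame("Microsoft.Web.Services", "KEY_WSE"),
    Frame("MyProvider.GetDecryptionKey", "KEY_COMPANY"),
]

if __name__ == "__main__":
    for action in ("Assert", "LinkDemand", "Demand"):
        for key in ("KEY_WSE", "KEY_COMPANY"):
            failed = failing_assemblies(STACK, action, key)
            verdict = "allowed" if not failed else "denied: " + ", ".join(failed)
            print(f"{action:<10} PublicKey={key:<11} -> {verdict}")
```

In this model Assert passes with either key, Demand for the WSE key fails on the host frame, and only LinkDemand distinguishes the WSE key from the company key at the immediate caller.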


