1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
#if !UNITY_WINRT
using System;
using System.IO;
using System.Security;
using System.Security.Cryptography;
using System.Reflection;
using System.Collections.Generic;
using Mono.Security;
using Mono.Security.Cryptography;
namespace UnityEngine
{
public sealed partial class Security
{
#if UNITY_EDITOR || UNITY_WEBPLAYER
static List<Assembly> _verifiedAssemblies = new List<Assembly>();
#endif
static MethodInfo GetUnityCrossDomainHelperMethod(string methodname)
{
//todo: enter strong name with public key here
Type type = Types.GetType ("UnityEngine.UnityCrossDomainHelper", "CrossDomainPolicyParser, Version=1.0.0.0, Culture=neutral");
if (type == null)
throw new SecurityException("Cant find type UnityCrossDomainHelper");
var result = type.GetMethod (methodname);
if (result == null)
throw new SecurityException("Cant find "+methodname);
return result;
}
internal static string TokenToHex (byte[] token)
{
if (null == token || 8 > token.Length)
return string.Empty;
return string.Format ("{0:x2}{1:x2}{2:x2}{3:x2}{4:x2}{5:x2}{6:x2}{7:x2}",
token[0],
token[1],
token[2],
token[3],
token[4],
token[5],
token[6],
token[7]
);
}
#if UNITY_EDITOR
internal static void ClearVerifiedAssemblies ()
{
_verifiedAssemblies.Clear ();
}
#endif
[SecuritySafeCritical]
public static Assembly LoadAndVerifyAssembly (byte[] assemblyData)
{
#if UNITY_EDITOR || UNITY_WEBPLAYER
var assembly = Assembly.Load (assemblyData);
byte[] publicKey = assembly.GetName ().GetPublicKey ();
if (null == publicKey || 0 == publicKey.Length)
return null;
var rsa = new RSACryptoServiceProvider ();
rsa.ImportCspBlob (publicKey);
var strongName = new StrongName (rsa);
using (var stream = new MemoryStream (assemblyData))
{
if (strongName.Verify (stream))
{
_verifiedAssemblies.Add(assembly);
return assembly;
} else
{
return null;
}
}
#else
return null;
#endif
}
#if UNITY_EDITOR
static readonly string kSignatureExtension = ".signature";
internal static bool VerifySignature (string file, byte[] publicKey)
{
try {
string signature = file + kSignatureExtension;
if (!File.Exists (signature))
return false;
using (var provider = new RSACryptoServiceProvider ())
{
provider.ImportCspBlob (publicKey);
using (var sha1 = new SHA1CryptoServiceProvider ())
return provider.VerifyData (File.ReadAllBytes (file), sha1, File.ReadAllBytes (signature));
}
} catch (Exception e) {
Debug.LogException (e);
}
return false;
}
#endif
}
public static class Types
{
public static Type GetType(string typeName, string assemblyName)
{
try
{
return Assembly.Load(assemblyName).GetType(typeName);
}
catch (Exception)
{
return null;
}
}
}
}
#endif
|
