StorePermission クラスとは？ わかりやすく解説

.NET Framework クラス ライブラリ リファレンス

StorePermission クラス

メモ : このクラスは、.NET Framework version 2.0 で新しく追加されたものです。

X.509 証明書を格納しているストアへのアクセス権を制御します。このクラスは継承できません。

名前空間: System.Security.Permissions
アセンブリ: System (system.dll 内)
構文

Visual Basic (宣言)

<SerializableAttribute> _
Public NotInheritable Class
 StorePermission
    Inherits CodeAccessPermission
    Implements IUnrestrictedPermission

Visual Basic (使用法)

Dim instance As StorePermission

C#

[SerializableAttribute] 
public sealed class StorePermission : CodeAccessPermission,
 IUnrestrictedPermission

C++

[SerializableAttribute] 
public ref class StorePermission sealed : public
 CodeAccessPermission, IUnrestrictedPermission

J#

/** @attribute SerializableAttribute() */ 
public final class StorePermission extends
 CodeAccessPermission implements IUnrestrictedPermission

JScript

SerializableAttribute 
public final class StorePermission extends
 CodeAccessPermission implements IUnrestrictedPermission

解説

StorePermission は、コードで X.509 ストアに対して付与されたアクセス権を制御します。アクセス許可は、各ストアに適用するアクセス レベルを表すフラグに基づいています。

使用例

StorePermission クラスのメンバを使用する方法を次のコード例に示します。

Visual Basic

Imports System
Imports System.Security.Permissions
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports System.Security
Imports System.IO

<Assembly: StorePermissionAttribute(SecurityAction.RequestMinimum, Flags:=StorePermissionFlags.DeleteStore)>
 

Public Class X509store2

    Public Shared Sub Main(ByVal
 args() As String)
        Console.WriteLine("Creating a permission with Flags =
 OpenStore.")
        Dim sp As New System.Security.Permissions.StorePermission(StorePermissionFlags.OpenStore)
        'Create a new X509 store named teststore from the local certificate
 store.
        'You must put in a valid path to a certificate in the following
 constructor.
        Dim certificate As New
 X509Certificate2("c:\certificates\*****.cer")
        ' Deny the permission to open a store.
        sp.Deny()
        ' The following code results in an exception due to an attempt
 to open a store.
        AddToStore(certificate)
        ' Remove the deny for opening a store.
        CodeAccessPermission.RevertDeny()
        ' The following code results in an exception due to an attempt
 to add a certificate.
        ' The exception is thrown due to a StorePermissionAttribute
 on the method denying AddToStore permission.
        AddToStore(certificate)
        ' The current code is not affected by the attribute in the previously
 called method, so the following
        ' intructions execute without an exception.
        Dim store As New
 X509Store("teststore", StoreLocation.CurrentUser)
        store.Open(OpenFlags.ReadWrite)
        store.Add(certificate)

        ' Demonstrate the behavior of the class members.
        ShowMembers()

        Console.WriteLine("Press the Enter key to exit.")
        Console.ReadKey()
        Return

    End Sub 'Main

    'Deny the permission the ability to add to a store.
    <StorePermission(SecurityAction.Deny, Flags:=StorePermissionFlags.AddToStore)>
 _
    Private Shared Sub AddToStore(ByVal
 cert As X509Certificate2)
        Try
            Dim store As New
 X509Store("teststore", StoreLocation.CurrentUser)
            store.Open(OpenFlags.ReadWrite)
            ' The following attempt to add a certificate results in
 an exception being thrown.
            store.Add(cert)
            Return
        Catch e As SecurityException
            Console.WriteLine("Security exception thrown when
 attempting: " + _
            CType(e.FirstPermissionThatFailed, System.Security.Permissions.StorePermission).Flags)
            Return
        End Try

    End Sub 'AddToStore

    ' The following method is intended to demonstrate only the behavior
 of 
    ' StorePermission class members,and not their practical usage. 
 Most properties 
    ' and methods in this class are used for the resolution and enforcement
 of
    ' security policy by the security infrastructure code.
    Private Shared Sub ShowMembers()
        Console.WriteLine("Creating first permission with Flags
 = OpenStore.")

        Dim sp1 As New System.Security.Permissions.StorePermission(StorePermissionFlags.OpenStore)

        Console.WriteLine("Creating second permission with Flags
 = AllFlags.")

        Dim sp2 As New System.Security.Permissions.StorePermission(StorePermissionFlags.AllFlags)

        Console.WriteLine("Creating third permission as Unrestricted.")
        Dim sp3 As New System.Security.Permissions.StorePermission(PermissionState.Unrestricted)
        Console.WriteLine("Creating fourth permission with a permission
 state of none.")

        Dim sp4 As New System.Security.Permissions.StorePermission(PermissionState.None)
        Dim rc As Boolean
 = sp2.IsSubsetOf(sp3)
        Console.WriteLine("Is the permission with complete store
 access (AllFlags) a subset of " + _
        vbLf + vbTab + "the permission with an Unrestricted permission
 state? " + _
        IIf(rc, "Yes", "No"))
        rc = sp1.IsSubsetOf(sp2)
        Console.WriteLine("Is the permission with OpenStore access
 a subset of the permission with " + _
        vbLf + vbTab + "complete store access (AllFlags)? "
 + IIf(rc, "Yes", "No"))
        rc = sp3.IsUnrestricted()
        Console.WriteLine("Is the third permission unrestricted?
 " + IIf(rc, "Yes", "No"))
        Console.WriteLine("Copying the second permission to the
 fourth permission.")
        sp4 = CType(sp2.Copy(), System.Security.Permissions.StorePermission)
        rc = sp4.Equals(sp2)
        Console.WriteLine("Is the fourth permission equal to the
 second permission? " + _
        IIf(rc, "Yes", "No"))
        Console.WriteLine("Creating the intersection of the second
 and first permissions.")
        sp4 = CType(sp2.Intersect(sp1), System.Security.Permissions.StorePermission)
        Console.WriteLine("Value of the Flags property is: "
 + sp4.Flags.ToString())

        Console.WriteLine("Creating the union of the second and
 first permissions.")
        sp4 = CType(sp2.Union(sp1), System.Security.Permissions.StorePermission)
        Console.WriteLine("Result of the union of the second permission
 with the first:  " + _
        sp4.Flags)

        Console.WriteLine("Using an XML roundtrip to reset the
 fourth permission.")
        sp4.FromXml(sp2.ToXml())
        rc = sp4.Equals(sp2)
        Console.WriteLine("Does the XML roundtrip result equal
 the original permission? " + _
        IIf(rc, "Yes", "No"))
    End Sub
End Class 'X509store2

C#

using System;
using System.Security.Permissions;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security;
using System.IO;
[assembly:
StorePermission(SecurityAction.RequestMinimum, Flags = StorePermissionFlags.DeleteStore)]
public class X509store2
{
    public static void Main(string[]
 args)
    {
        Console.WriteLine("Creating a permission with Flags = OpenStore.");
        StorePermission sp = new StorePermission(StorePermissionFlags.OpenStore);
        //Create a new X509 store named teststore from the local certificate
 store.
        //You must put in a valid path to a certificate in the following
 constructor.
        X509Certificate2 certificate = new X509Certificate2("c:\\certificates\\*****.cer");
        //      Deny the permission to open a store.
        sp.Deny();
        // The following code results in an exception due to an attempt
 to open a store.
        AddToStore(certificate);
        // Remove the deny for opening a store.
        CodeAccessPermission.RevertDeny();
        // The following code results in an exception due to an attempt
 to add a certificate.
        // The exception is thrown due to a StorePermissionAttribute
 on the method denying AddToStore permission.
        AddToStore(certificate);
        // The current code is not affected by the attribute in the
 previously called method, so the following
        // intructions execute without an exception.
        X509Store store = new X509Store("teststore"
,
 StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadWrite);
        store.Add(certificate);

        // Demonstrate the behavior of the class members.
        ShowMembers();

        Console.WriteLine("Press the Enter key to exit.");
        Console.ReadKey();
        return;
    }
    //Deny the permission the ability to add to a store.
    [StorePermission(SecurityAction.Deny, Flags = StorePermissionFlags.AddToStore)]
    private static void
 AddToStore(X509Certificate2 cert)
    {
        try
        {
            X509Store store = new X509Store("teststore"
,
 StoreLocation.CurrentUser);

            store.Open(OpenFlags.ReadWrite);

            // The following attempt to add a certificate results in
 an exception being thrown.
            store.Add(cert);
            return;
        }
        catch (SecurityException e)
        {
            Console.WriteLine("Security exception thrown when attempting: "
 + 
                ((StorePermission)e.FirstPermissionThatFailed).Flags);
            return;
        }
    }

    // The following method is intended to demonstrate only the behavior
 of 
    // StorePermission class members,and not their practical usage.
  Most properties 
    // and methods in this class are used for the resolution and enforcement
 of
    // security policy by the security infrastructure code.
    private static void
 ShowMembers()
    {
        Console.WriteLine("Creating first permission with Flags = OpenStore.");

        StorePermission sp1 = new StorePermission(StorePermissionFlags.OpenStore);

        Console.WriteLine("Creating second permission with Flags = AllFlags.");

        StorePermission sp2 = new StorePermission(StorePermissionFlags.AllFlags);

        Console.WriteLine("Creating third permission as Unrestricted.");
        StorePermission sp3 = new StorePermission(PermissionState.Unrestricted);
        Console.WriteLine("Creating fourth permission with a permission state
 of none.");

        StorePermission sp4 = new StorePermission(PermissionState.None);
        bool rc = sp2.IsSubsetOf(sp3);
        Console.WriteLine("Is the permission with complete store access (AllFlags)
 a subset of \n" +
            "\tthe permission with an Unrestricted permission state? "
 + (rc ? "Yes" : "No"));
        rc = sp1.IsSubsetOf(sp2);
        Console.WriteLine("Is the permission with OpenStore access a subset
 of the permission with \n" +
            "\tcomplete store access (AllFlags)? " + (rc ? "Yes"
 : "No"));
        rc = sp3.IsUnrestricted();
        Console.WriteLine("Is the third permission unrestricted? " + (rc
 ? "Yes" : "No"));
        Console.WriteLine("Copying the second permission to the fourth permission.");
        sp4 = (StorePermission)sp2.Copy();
        rc = sp4.Equals(sp2);
        Console.WriteLine("Is the fourth permission equal to the second permission?
 " + (rc ? "Yes" : "No"));

        Console.WriteLine("Creating the intersection of the second and first
 permissions.");
        sp4 = (StorePermission)sp2.Intersect(sp1);
        Console.WriteLine("Value of the Flags property is: " + sp4.Flags.ToString());

        Console.WriteLine("Creating the union of the second and first permissions.");
        sp4 = (StorePermission)sp2.Union(sp1);
        Console.WriteLine("Result of the union of the second permission with
 the first:  " + sp4.Flags);

        Console.WriteLine("Using an XML roundtrip to reset the fourth permission.");
        sp4.FromXml(sp2.ToXml());
        rc = sp4.Equals(sp2);
        Console.WriteLine("Does the XML roundtrip result equal the original
 permission? " + (rc ? "Yes" : "No"));
    }
}

J#

import System.*;
import System.Security.Permissions.*;
import System.Security.Cryptography.*;
import System.Security.Cryptography.X509Certificates.*;
import System.Security.*;
import System.IO.*;

/** @assembly StorePermission(SecurityAction.RequestMinimum,
    Flags = StorePermissionFlags.DeleteStore)
 */
public class X509store2
{
    public static void main(String[]
 args)
    {
        Console.WriteLine("Creating a permission with Flags = OpenStore.");
        StorePermission sp = new StorePermission(StorePermissionFlags.OpenStore);
        //Create a new X509 store named teststore from the local certificate
 
        // store.
        //You must put in a valid path to a certificate in the following
 
        // constructor.
        X509Certificate2 certificate =
            new X509Certificate2("c:\\certificates\\*****.cer");
        //      Deny the permission to open a store.
        sp.Deny();
        // The following code results in an exception due to an attempt
 
        // to open a store.
        AddToStore(certificate);
        // Remove the deny for opening a store.
        CodeAccessPermission.RevertDeny();
        // The following code results in an exception due to an attempt
 to 
        // add a certificate.
        // The exception is thrown due to a StorePermissionAttribute
 
        // on the method denying AddToStore permission.
        AddToStore(certificate);
        // The current code is not affected by the attribute in the
        // previously called method, so the following
        // intructions execute without an exception.
        X509Store store = new X509Store("teststore"
,
            StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadWrite);
        store.Add(certificate);
        // Demonstrate the behavior of the class members.
        ShowMembers();

        Console.WriteLine("Press the Enter key to exit.");
        Console.ReadKey();
        return;
    } //main

    //Deny the permission the ability to add to a store.
    /** @attribute StorePermission(SecurityAction.Deny, Flags =
        StorePermissionFlags.AddToStore)
     */
    private static void
 AddToStore(X509Certificate2 cert)
    {
        try
        {
            X509Store store = new X509Store("teststore"
,
                StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadWrite);
            // The following attempt to add a certificate results in
 
            // an exception being thrown.
            store.Add(cert);
            return;
        }
        catch (System.Security.SecurityException e)
        {
            Console.WriteLine("Security exception thrown when attempting: "
                + ((StorePermission)e.get_FirstPermissionThatFailed()).get_Flags());
            return;
        }
    } //AddToStore

    // The following method is intended to demonstrate only the behavior
 of 
    // StorePermission class members,and not their practical usage.
 
    // Most properties 
    // and methods in this class are used for the resolution and enforcement
 
    // of security policy by the security infrastructure code.
    private static void
 ShowMembers()
    {
        Console.WriteLine("Creating first permission with Flags = OpenStore.");
        StorePermission sp1 = new StorePermission(StorePermissionFlags.
            OpenStore);
        Console.WriteLine("Creating second permission with Flags = AllFlags.");
        StorePermission sp2 = new StorePermission(StorePermissionFlags.AllFlags);
        Console.WriteLine("Creating third permission as Unrestricted.");
        StorePermission sp3 = new StorePermission(PermissionState.Unrestricted);
        Console.WriteLine("Creating fourth permission with a permission "
            + "state of none.");
        StorePermission sp4 = new StorePermission(PermissionState.None);
        boolean rc = sp2.IsSubsetOf(sp3);
        Console.WriteLine("Is the permission with complete store access "
            + "(AllFlags) a subset of \n"
            + "\tthe permission with an Unrestricted permission state? "
            + ((rc) ? "Yes" : "No"));
        rc = sp1.IsSubsetOf(sp2);
        Console.WriteLine("Is the permission with OpenStore access "
            + "a subset of the permission with \n"
            + "\tcomplete store access (AllFlags)? "
            + ((rc) ? "Yes" : "No"));
        rc = sp3.IsUnrestricted();
        Console.WriteLine("Is the third permission unrestricted? "
            + ((rc) ? "Yes" : "No"));
        Console.WriteLine("Copying the second permission to the fourth "
            + "permission.");
        sp4 = (StorePermission)sp2.Copy();
        rc = sp4.Equals(sp2);
        Console.WriteLine("Is the fourth permission equal to the second "
            + "permission? " + ((rc) ? "Yes" : "No"));
        Console.WriteLine("Creating the intersection of the second and "
            + "first permissions.");
        sp4 = (StorePermission)sp2.Intersect(sp1);
        Console.WriteLine("Value of the Flags property is: "
            + sp4.get_Flags().ToString());
        Console.WriteLine("Creating the union of the second and first "
            + "permissions.");
        sp4 = (StorePermission)sp2.Union(sp1);
        Console.WriteLine("Result of the union of the second permission "
            + "with the first:  " + sp4.get_Flags());
        Console.WriteLine("Using an XML roundtrip to reset the fourth "
            + "permission.");
        sp4.FromXml(sp2.ToXml());
        rc = sp4.Equals(sp2);
        Console.WriteLine("Does the XML roundtrip result equal the original
 "
            + "permission? " + ((rc) ? "Yes" : "No"));
    } //ShowMembers 
} //X509store2

継承階層

System.Object
   System.Security.CodeAccessPermission
    System.Security.Permissions.StorePermission

スレッド セーフ

この型の public static (Visual Basic では Shared) メンバはすべて、スレッド セーフです。インスタンス メンバの場合は、スレッド セーフであるとは限りません。

プラットフォーム

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

開発プラットフォームの中には、.NET Framework によってサポートされていないバージョンがあります。サポートされているバージョンについては、「システム要件」を参照してください。

バージョン情報

.NET Framework
サポート対象 : 2.0

参照

関連項目
StorePermission メンバ
System.Security.Permissions 名前空間
StorePermissionAttribute
StorePermissionFlags
その他の技術情報
アクセス許可
アクセス許可の要求