Deprecate Code Access Security (CAS)

CHANGELOG.md

@@ -7,6 +7,10 @@ Enhancements:
 
 Deprecations:
  - Removed support for the .NET Framework < 4.5 and .NET Standard 1.x. (@stakx, #495, #496)
+ - Removed support for Code Access Security (CAS). (@stakx, #502)
+ - The following public members have been removed:
+    - `Castle.Core.Internal.PermissionUtil.IsGranted` (method)
+    - `Castle.DynamicProxy.Generators.Emitters.StrongNameUtil.CanStrongNameAssembly` (property)
 
 ## 4.4.1 (2020-05-06)
 

README.md

@@ -66,20 +66,20 @@ Symbol                              | .NET 4.5           | .NET Standard 2.x
 `FEATURE_ASSEMBLYBUILDER_SAVE`      | :white_check_mark: | :no_entry_sign:
 `FEATURE_EVENTLOG`                  | :white_check_mark: | :no_entry_sign:
 `FEATURE_REMOTING`                  | :white_check_mark: | :no_entry_sign:
-`FEATURE_SECURITY_PERMISSIONS`      | :white_check_mark: | :no_entry_sign:
 `FEATURE_SERIALIZATION`             | :white_check_mark: | :no_entry_sign:
 `FEATURE_SYSTEM_CONFIGURATION`      | :white_check_mark: | :no_entry_sign:
 `FEATURE_TEST_COM`                  | :white_check_mark: | :no_entry_sign:
 `FEATURE_TEST_PEVERIFY`             | :white_check_mark: | :no_entry_sign:
+`FEATURE_TEST_WINFORMS`             | :white_check_mark: | :no_entry_sign:
 ---                                 |                    |
 `DOTNET45`                          | :white_check_mark: | :no_entry_sign:
 
 * `FEATURE_APPDOMAIN` - enables support for features that make use of an AppDomain in the host.
 * `FEATURE_ASSEMBLYBUILDER_SAVE` - enabled support for saving the dynamically generated proxy assembly.
 * `FEATURE_EVENTLOG` - provides a diagnostics logger using the Windows Event Log.
 * `FEATURE_REMOTING` - supports remoting on various types including inheriting from MarshalByRefObject.
-* `FEATURE_SECURITY_PERMISSIONS` - enables the use of CAS and Security[Critical|SafeCritical|Transparent].
 * `FEATURE_SERIALIZATION` - enables support for serialization of dynamic proxies and other types.
 * `FEATURE_SYSTEM_CONFIGURATION` - enables features that use System.Configuration and the ConfigurationManager.
 * `FEATURE_TEST_COM` - enables COM Interop tests.
 * `FEATURE_TEST_PEVERIFY` - enables verification of dynamic assemblies using PEVerify during tests. (Only defined on Windows builds since Windows is currently the only platform where PEVerify is available.)
+* `FEATURE_TEST_WINFORMS` - enables Windows Forms tests.

buildscripts/CommonAssemblyInfo.cs

@@ -14,11 +14,6 @@
 
 using System;
 using System.Runtime.InteropServices;
-using System.Security;
 
 [assembly: ComVisible(false)]
 [assembly: CLSCompliant(true)]
-
-#if FEATURE_SECURITY_PERMISSIONS
-[assembly: SecurityRules(SecurityRuleSet.Level2)]
-#endif

buildscripts/common.props

@@ -45,7 +45,7 @@
 		<DiagnosticsConstants>DEBUG</DiagnosticsConstants>
 		<NetStandard20Constants>TRACE</NetStandard20Constants>
 		<NetStandard21Constants>TRACE</NetStandard21Constants>
-		<CommonDesktopClrConstants>TRACE;FEATURE_APPDOMAIN;FEATURE_ASSEMBLYBUILDER_SAVE;FEATURE_EVENTLOG;FEATURE_REMOTING;FEATURE_SECURITY_PERMISSIONS;FEATURE_SERIALIZATION;FEATURE_SYSTEM_CONFIGURATION;FEATURE_TEST_COM</CommonDesktopClrConstants>
+		<CommonDesktopClrConstants>TRACE;FEATURE_APPDOMAIN;FEATURE_ASSEMBLYBUILDER_SAVE;FEATURE_EVENTLOG;FEATURE_REMOTING;FEATURE_SERIALIZATION;FEATURE_SYSTEM_CONFIGURATION;FEATURE_TEST_COM;FEATURE_TEST_WINFORMS</CommonDesktopClrConstants>
 		<DesktopClrConstants Condition="'$(OS)'=='Unix'">$(CommonDesktopClrConstants)</DesktopClrConstants>
 		<DesktopClrConstants Condition="'$(OS)'=='Windows_NT'">$(CommonDesktopClrConstants);FEATURE_TEST_PEVERIFY</DesktopClrConstants>
 	</PropertyGroup>

ref/Castle.Core-net45.cs

@@ -2,7 +2,6 @@
 [assembly: System.Runtime.CompilerServices.InternalsVisibleToAttribute(@"Castle.Core.Tests, PublicKey=002400000480000094000000060200000024000052534131000400000100010077f5e87030dadccce6902c6adab7a987bd69cb5819991531f560785eacfc89b6fcddf6bb2a00743a7194e454c0273447fc6eec36474ba8e5a3823147d214298e4f9a631b1afee1a51ffeae4672d498f14b000e3d321453cdd8ac064de7e1cf4d222b7e81f54d4fd46725370d702a05b48738cc29d09228f1aa722ae1a9ca02fb")]
 [assembly: System.Runtime.InteropServices.ComVisibleAttribute(false)]
 [assembly: System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.5", FrameworkDisplayName=".NET Framework 4.5")]
-[assembly: System.Security.SecurityRulesAttribute(System.Security.SecurityRuleSet.Level2)]
 namespace Castle.Components.DictionaryAdapter
 {
     public abstract class AbstractDictionaryAdapter : System.Collections.ICollection, System.Collections.IDictionary, System.Collections.IEnumerable
@@ -1990,11 +1989,6 @@ public abstract class Lock
         public abstract Castle.Core.Internal.ILockHolder ForWriting();
         public abstract Castle.Core.Internal.ILockHolder ForWriting(bool waitForLock);
     }
-    public class static PermissionUtil
-    {
-        [System.Security.SecuritySafeCriticalAttribute()]
-        public static bool IsGranted(this System.Security.IPermission permission) { }
-    }
 }
 namespace Castle.Core.Logging
 {
@@ -2182,7 +2176,6 @@ public abstract class LevelFilteredLogger : System.MarshalByRefObject, Castle.Co
         public void InfoFormat(System.Exception exception, string format, params object[] args) { }
         public void InfoFormat(System.IFormatProvider formatProvider, string format, params object[] args) { }
         public void InfoFormat(System.Exception exception, System.IFormatProvider formatProvider, string format, params object[] args) { }
-        [System.Security.SecurityCriticalAttribute()]
         public override object InitializeLifetimeService() { }
         protected abstract void Log(Castle.Core.Logging.LoggerLevel loggerLevel, string loggerName, string message, System.Exception exception);
         public void Trace(string message) { }
@@ -2300,21 +2293,16 @@ public class StreamLoggerFactory : Castle.Core.Logging.AbstractLoggerFactory
     }
     public class TraceLogger : Castle.Core.Logging.LevelFilteredLogger
     {
-        [System.Security.SecuritySafeCriticalAttribute()]
         public TraceLogger(string name) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public TraceLogger(string name, Castle.Core.Logging.LoggerLevel level) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public override Castle.Core.Logging.ILogger CreateChildLogger(string loggerName) { }
         protected override void Log(Castle.Core.Logging.LoggerLevel loggerLevel, string loggerName, string message, System.Exception exception) { }
     }
     public class TraceLoggerFactory : Castle.Core.Logging.AbstractLoggerFactory
     {
         public TraceLoggerFactory() { }
         public TraceLoggerFactory(Castle.Core.Logging.LoggerLevel level) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public override Castle.Core.Logging.ILogger Create(string name) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public override Castle.Core.Logging.ILogger Create(string name, Castle.Core.Logging.LoggerLevel level) { }
     }
 }
@@ -2468,13 +2456,9 @@ public class DefaultSmtpSender : Castle.Core.Smtp.IEmailSender
         public int Timeout { get; set; }
         public bool UseSsl { get; set; }
         public string UserName { get; set; }
-        [System.Security.SecurityCriticalAttribute()]
         protected virtual void Configure(System.Net.Mail.SmtpClient smtpClient) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public void Send(string from, string to, string subject, string messageText) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public void Send(System.Net.Mail.MailMessage message) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public void Send(System.Collections.Generic.IEnumerable<System.Net.Mail.MailMessage> messages) { }
     }
     public interface IEmailSender
@@ -2734,7 +2718,6 @@ public class ProxyGenerationOptions : System.Runtime.Serialization.ISerializable
         public void AddMixinInstance(object instance) { }
         public override bool Equals(object obj) { }
         public override int GetHashCode() { }
-        [System.Security.SecurityCriticalAttribute()]
         public void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) { }
         public void Initialize() { }
         public object[] MixinsAsArray() { }
@@ -2794,7 +2777,6 @@ public TInterface CreateInterfaceProxyWithTargetInterface<TInterface>(TInterface
             where TInterface :  class { }
         public object CreateInterfaceProxyWithTargetInterface(System.Type interfaceToProxy, System.Type[] additionalInterfacesToProxy, object target, params Castle.DynamicProxy.IInterceptor[] interceptors) { }
         public object CreateInterfaceProxyWithTargetInterface(System.Type interfaceToProxy, object target, Castle.DynamicProxy.ProxyGenerationOptions options, params Castle.DynamicProxy.IInterceptor[] interceptors) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public virtual object CreateInterfaceProxyWithTargetInterface(System.Type interfaceToProxy, System.Type[] additionalInterfacesToProxy, object target, Castle.DynamicProxy.ProxyGenerationOptions options, params Castle.DynamicProxy.IInterceptor[] interceptors) { }
         public TInterface CreateInterfaceProxyWithoutTarget<TInterface>(Castle.DynamicProxy.IInterceptor interceptor)
             where TInterface :  class { }
@@ -3444,7 +3426,6 @@ public sealed class StindOpCodesDictionary : System.Collections.Generic.Dictiona
     }
     public class static StrongNameUtil
     {
-        public static bool CanStrongNameAssembly { get; set; }
         public static bool IsAnyTypeFromUnsignedAssembly(System.Collections.Generic.IEnumerable<System.Type> types) { }
         public static bool IsAnyTypeFromUnsignedAssembly(System.Type baseType, System.Collections.Generic.IEnumerable<System.Type> interfaces) { }
         public static bool IsAssemblySigned(this System.Reflection.Assembly assembly) { }
@@ -3823,21 +3804,14 @@ public class CacheMappingsAttribute : System.Attribute
     }
     public class ProxyObjectReference : System.Runtime.Serialization.IDeserializationCallback, System.Runtime.Serialization.IObjectReference, System.Runtime.Serialization.ISerializable
     {
-        [System.Security.SecurityCriticalAttribute()]
         protected ProxyObjectReference(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) { }
         public static Castle.DynamicProxy.ModuleScope ModuleScope { get; }
-        [System.Security.SecurityCriticalAttribute()]
         public void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) { }
-        [System.Security.SecurityCriticalAttribute()]
         public object GetRealObject(System.Runtime.Serialization.StreamingContext context) { }
         protected void InvokeCallback(object target) { }
-        [System.Security.SecuritySafeCriticalAttribute()]
         public void OnDeserialization(object sender) { }
-        [System.Security.SecurityCriticalAttribute()]
         public object RecreateClassProxy() { }
-        [System.Security.SecurityCriticalAttribute()]
         public object RecreateInterfaceProxy(string generatorType) { }
-        [System.Security.SecurityCriticalAttribute()]
         protected virtual object RecreateProxy() { }
         public static void ResetScope() { }
         public static void SetScope(Castle.DynamicProxy.ModuleScope scope) { }

ref/Castle.Core-netstandard2.0.cs

@@ -3367,7 +3367,6 @@ public sealed class StindOpCodesDictionary : System.Collections.Generic.Dictiona
     }
     public class static StrongNameUtil
     {
-        public static bool CanStrongNameAssembly { get; set; }
         public static bool IsAnyTypeFromUnsignedAssembly(System.Collections.Generic.IEnumerable<System.Type> types) { }
         public static bool IsAnyTypeFromUnsignedAssembly(System.Type baseType, System.Collections.Generic.IEnumerable<System.Type> interfaces) { }
         public static bool IsAssemblySigned(this System.Reflection.Assembly assembly) { }

ref/Castle.Core-netstandard2.1.cs

@@ -3367,7 +3367,6 @@ public sealed class StindOpCodesDictionary : System.Collections.Generic.Dictiona
     }
     public class static StrongNameUtil
     {
-        public static bool CanStrongNameAssembly { get; set; }
         public static bool IsAnyTypeFromUnsignedAssembly(System.Collections.Generic.IEnumerable<System.Type> types) { }
         public static bool IsAnyTypeFromUnsignedAssembly(System.Type baseType, System.Collections.Generic.IEnumerable<System.Type> interfaces) { }
         public static bool IsAssemblySigned(this System.Reflection.Assembly assembly) { }

ref/Castle.Services.Logging.NLogIntegration-net45.cs

@@ -1,7 +1,6 @@
 [assembly: System.CLSCompliantAttribute(true)]
 [assembly: System.Runtime.InteropServices.ComVisibleAttribute(false)]
 [assembly: System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.5", FrameworkDisplayName=".NET Framework 4.5")]
-[assembly: System.Security.SecurityRulesAttribute(System.Security.SecurityRuleSet.Level2)]
 namespace Castle.Services.Logging.NLogIntegration
 {
     public class ExtendedNLogFactory : Castle.Core.Logging.AbstractExtendedLoggerFactory

ref/Castle.Services.Logging.log4netIntegration-net45.cs

@@ -1,7 +1,6 @@
 [assembly: System.CLSCompliantAttribute(true)]
 [assembly: System.Runtime.InteropServices.ComVisibleAttribute(false)]
 [assembly: System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.5", FrameworkDisplayName=".NET Framework 4.5")]
-[assembly: System.Security.SecurityRulesAttribute(System.Security.SecurityRuleSet.Level2)]
 namespace Castle.Services.Logging.Log4netIntegration
 {
     public class ExtendedLog4netFactory : Castle.Core.Logging.AbstractExtendedLoggerFactory

src/Castle.Core.Tests/Castle.Core.Tests.csproj

@@ -47,6 +47,9 @@
 		<ProjectReference Include="..\Castle.Services.Logging.NLogIntegration\Castle.Services.Logging.NLogIntegration.csproj" />
 		<ProjectReference Include="..\Castle.Services.Logging.SerilogIntegration\Castle.Services.Logging.SerilogIntegration.csproj" />
 	</ItemGroup>
+	<ItemGroup Condition="'$(TargetFramework)'=='netcoreapp2.1'OR'$(TargetFramework)'=='netcoreapp3.1'">
+		<PackageReference Include="System.Security.Permissions" Version="4.7.0" />
+	</ItemGroup>
 	<ItemGroup Condition="'$(TargetFramework)'=='netcoreapp3.1'">
 		<PackageReference Include="System.Net.Primitives" Version="4.3.0" />
 	</ItemGroup>

src/Castle.Core.Tests/DynamicProxy.Tests/AttributesToAvoidReplicatingTestCase.cs

@@ -17,12 +17,9 @@ namespace Castle.DynamicProxy.Tests
 	using System;
 	using System.Linq;
 	using System.Reflection;
-
-	using Castle.DynamicProxy.Generators;
-#if FEATURE_SECURITY_PERMISSIONS
 	using System.Security.Permissions;
-#endif
 
+	using Castle.DynamicProxy.Generators;
 	using Castle.DynamicProxy.Tests.Classes;
 
 	using NUnit.Framework;
@@ -70,7 +67,6 @@ public class AttributedClass_Inheritable
 		{
 		}
 
-#if FEATURE_SECURITY_PERMISSIONS
 		[Test]
 		public void SecurityPermissionAttribute_should_not_be_replicated_as_it_is_part_of_cas()
 		{
@@ -94,7 +90,6 @@ public void ReflectionPermissionAttribute_should_not_be_replicated_as_it_is_part
 		public class AttributedClass_ReflectionPermission
 		{
 		}
-#endif
 
 		private int AttributeCount<TAttribute>(object proxy)
 			where TAttribute : Attribute

src/Castle.Core.Tests/DynamicProxy.Tests/WinFormsTestCase.cs

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-#if FEATURE_SECURITY_PERMISSIONS
+#if FEATURE_TEST_WINFORMS
 
 namespace Castle.DynamicProxy.Tests
 {

src/Castle.Core/Core/Logging/LevelFilteredLogger.cs

@@ -16,9 +16,6 @@ namespace Castle.Core.Logging
 {
 	using System;
 	using System.Globalization;
-#if FEATURE_SECURITY_PERMISSIONS
-	using System.Security;
-#endif
 
 	/// <summary>
 	/// The Level Filtered Logger class.  This is a base class which
@@ -63,9 +60,6 @@ protected LevelFilteredLogger(String loggerName, LoggerLevel loggerLevel) : this
 		/// <summary>
 		/// Keep the instance alive in a remoting scenario
 		/// </summary>
-#if FEATURE_SECURITY_PERMISSIONS
-		[SecurityCritical]
-#endif
 		public override object InitializeLifetimeService()
 		{
 			return null;