Imported Upstream version 4.6.0.125

Former-commit-id: a2155e9bd80020e49e72e86c44da02a8ac0e57a4

mcs/class/referencesource/System.Web/Util/EnableViewStateMacRegistryHelper.cs

@@ -0,0 +1,77 @@
+//------------------------------------------------------------------------------
+// <copyright file="EnableViewStateMacRegistryHelper.cs" company="Microsoft">
+//     Copyright (c) Microsoft Corporation.  All rights reserved.
+// </copyright>
+//------------------------------------------------------------------------------
+
+namespace System.Web.Util {
+    using Microsoft.Win32;
+    using System;
+    using System.Globalization;
+    using System.Security.Permissions;
+
+    // See DevDiv #461378 for a description of why we authored the EnableViewStateMac patch using this helper class.
+    internal static class EnableViewStateMacRegistryHelper {
+
+        // Returns 'true' if the EnableViewStateMac patch (DevDiv #461378) is enabled,
+        // meaning that we always enforce EnableViewStateMac=true. Returns 'false' if
+        // the patch hasn't been activated on this machine.
+        public static readonly bool EnforceViewStateMac;
+
+        // Returns 'true' if all MAC validation errors should be considered harmless
+        // and ----ed.
+        public static readonly bool SuppressMacValidationErrorsAlways;
+
+        // Returns 'true' if we should suppress MAC validation errors from cross-page
+        // postbacks.
+        public static readonly bool SuppressMacValidationErrorsFromCrossPagePostbacks;
+
+        // Returns 'true' if we should write out a __VIEWSTATEGENERATOR field alongside
+        // each __VIEWSTATE field.
+        public static readonly bool WriteViewStateGeneratorField;
+
+        static EnableViewStateMacRegistryHelper() {
+            // If the reg key is applied, change the default values.
+            bool regKeyIsActive = IsMacEnforcementEnabledViaRegistry();
+            if (regKeyIsActive) {
+                EnforceViewStateMac = true;
+                SuppressMacValidationErrorsFromCrossPagePostbacks = true;
+            }
+
+            // Override the defaults with what the developer specified.
+            if (AppSettings.AllowInsecureDeserialization.HasValue) {
+                EnforceViewStateMac = !AppSettings.AllowInsecureDeserialization.Value;
+
+                // Exception: MAC errors from cross-page postbacks should be suppressed
+                // if either the <appSettings> switch is set or the reg key is set.
+                SuppressMacValidationErrorsFromCrossPagePostbacks |= !AppSettings.AllowInsecureDeserialization.Value;
+            }
+
+            SuppressMacValidationErrorsAlways = AppSettings.AlwaysIgnoreViewStateValidationErrors;
+            if (SuppressMacValidationErrorsAlways) {
+                // Cross-page postbacks fall under the "always" umbrella
+                SuppressMacValidationErrorsFromCrossPagePostbacks = true;
+            }
+            else {
+                // Need to write the __VIEWSTATEGENERATOR field to differentiate between cross-page
+                // and same-page postback scenarios.
+                if (SuppressMacValidationErrorsFromCrossPagePostbacks) {
+                    WriteViewStateGeneratorField = true;
+                }
+            }
+        }
+
+        [RegistryPermission(SecurityAction.Assert, Unrestricted = true)]
+        private static bool IsMacEnforcementEnabledViaRegistry() {
+            try {
+                string keyName = String.Format(CultureInfo.InvariantCulture, @"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v{0}", Environment.Version.ToString(3));
+                int rawValue = (int)Registry.GetValue(keyName, "AspNetEnforceViewStateMac", defaultValue: 0 /* disabled by default */);
+                return (rawValue != 0);
+            }
+            catch {
+                // If we cannot read the registry for any reason, fail safe and assume enforcement is enabled.
+                return true;
+            }
+        }
+    }
+}