2

I'm adding my own custom loader to AssemblyResolve to load some embedded resources in a .net library;

AppDomain.CurrentDomain.AssemblyResolve += (sender, e) => { return Domain.Assemblies.LoadResource(e.Name, System.Reflection.Assembly.GetExecutingAssembly()); };

        public static System.Reflection.Assembly LoadResource(string fileName, System.Reflection.Assembly assembly)
        {
            fileName = assembly.GetName().Name + "." + fileName.Split(',')[0] + ".dll";
            var resFilestream = assembly.GetManifestResourceStream(fileName);
            byte[] ba = new byte[resFilestream.Length];
            resFilestream.Read(ba, 0, ba.Length);
            var byteArray = ba;
            resFilestream.Close();
            resFilestream.Dispose();
            return System.Reflection.Assembly.Load(byteArray);
        }

This works fine in many different environments(Winforms, Azure apps/webjobs/functions), but when I try to execute this code within an asp.net(4.7.2) MVC site, it breaks the anti-forgery? The issue seems to be related a DLL not being loaded correctly, and causes three seperate errors

TypeInitializationException: The type initializer for 'System.Web.Helpers.Claims.ClaimsIdentityConverter' threw an exception.

FileLoadException: Could not load file or assembly 'Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Invalid pointer (Exception from HRESULT: 0x80004003 (E_POINTER))

NullReferenceException: Object reference not set to an instance of an object.

If I remove the object initialising the class within the assembly loading dll, the site works with no error. If I put it back in it breaks. I also tried moving the code from the global.asax to in-line c#, but as soon as you run it, the next load of a page with a forgery token will error in the same way.

UPDATE Having run Fusion++ to check the DLL loading, I can see that the DLL that is erroring actually has the exact same load failure in both situations(A fairly generic "Could not find assembly"). But only when I load my DLL does it present itself as an exception.

Tony Cheetham
  • 877
  • 7
  • 18
  • Tony, please, let me see if I understand: Do you change Dot Net Core code to .NET Framework? Or you use only .NET Framework (with greatter version) and downgrades your code? – Antonio Leonardo Jul 19 '22 at 15:44
  • You can debug the assembly loading failure by using the Fusion log. Per Scott's [Back to Basics: Using Fusion Log Viewer to Debug Obscure Loader Errors](https://www.hanselman.com/blog/back-to-basics-using-fusion-log-viewer-to-debug-obscure-loader-errors) there is a more modern tool you can use: https://github.com/awaescher/Fusion?WT.mc_id=-blog-scottha – victor6510 Jul 20 '22 at 04:07
  • @AntonioLeonardo No, it is just .net framework, no downgrading happening, I just wanted to illustrate that the code runs OK in every other situation. – Tony Cheetham Jul 21 '22 at 11:28
  • @victor6510 When I run fusion I can see the identitymodel load event fails in both instances, but it only causes a noticeable exception when I load our Logging DLL first. – Tony Cheetham Jul 21 '22 at 11:36

1 Answers1

1

The problem is not with your code, but this dependecy Microsoft.IdentityModel: to exist this dependency and possibilty to consume into Windows client environment, probally the dll and dependecies needs to be installed at GAC (Global Assembly Cache); if Microsoft.IdentityModel not exists into GAC Folder, the code returns the error.

It's possible to install the Windows Identity Foundation 3.5 with Visual Studio or from Windows Features install the Windows Identity Foundation 3.5.

Antonio Leonardo
  • 1,805
  • 1
  • 8
  • 18
  • The issue is that if I don't load my DLL then the identitymodel does not error in this way. I don't want to just patch and ignore the issue, I need to work out why this is happening and fix it. – Tony Cheetham Jul 21 '22 at 12:35
  • My bounty is running out, and this is actually a solution to the problem, just not the one I wanted. Will mark as answered! – Tony Cheetham Jul 21 '22 at 12:46