Best IT Recipes

Signing .NET assemblies

What makes a digital signature for strong name assemblies. I read that a strongly named assembly has a public key and a digital signature.

From the Wikipedia article “Assembly (CLI)” :

“Signing an assembly involves obtaining a hash of important parts of the assembly, and then encrypting the hash with the private key. The signed hash is stored in the assembly along with the public key. The public key decrypts the signed hash. When the CLR loads the strongly named assembly, it generates a hash from the assembly and then compares this with the decrypted hash. If the comparison succeeds, it means that the public key in the file (and therefore the public key token) is associated with the private key used to sign the assembly. This will mean that open th key in the assembly is the public key of the assembly publisher, and therefore spoofing attack is interrupted. "

Exact information above? It does not have a digital signature link. I could not find an MSDN page explaining how assemblies are signed, how signatures are verified, and how hacking is eliminated. I would like to know more about this.

+23
c #
Aug 26 '09 at 13:18
source share
5 answers
>> assemblies, so you can apply strong> security policies to determine what permissions are granted to the assembly .

They differ not in their technical details, but in the problems that they must solve.

The purpose of a strong name is solely to ensure that when you load an assembly by name, you load the exact assembly that you think you are loading . This is only for the intended purpose of a strong name. You say, "I want to download Frobber, version 4, which appeared in FooCorp." A strong naming convention ensures that you are actually loading this particular DLL, and not another assembly called Frobber, version 4, which comes from Dr. Evil Enterprises.

To achieve this, all that is required is that you know the public key token associated with the FooCorp private key. How do you know that a public key token is your business. There is no infrastructure to help you get this information safely. You just have to know what it is.

The purpose of a digital signature from a publisher’s certificate is to establish a verifiable chain of identification and trust . The chain of trust runs from a piece of code of unknown or uncertain origin to the "trusted root" - the object that you configured your operating system to trust. You are downloading some code, and the code is digitally signed with a certificate from FooCorp. You check the certificate, and it says: "This program comes from FooCorp. VeriSign has assigned the accuracy of this certificate." Since VeriSign is one of your trusted roots, you now have the confidence that this code has really appeared in FooCorp.

Notice how much more difficult the problem is solved by digital signatures. We are not trying to simply determine if this code is code associated with this name or not? Instead, we are trying to determine where this code came from, and who scolds the existence of the company supposedly responsible, and should we trust this company?

The distinction between strong names and digital signatures emphasizes that it is difficult to use for crypto protection. The tough problem is not cryptography; it's just math. A tough problem is the secure management of the distribution of key information and their binding to the correct objects. Strong names, because they are trying to solve a very small but important problem, do not have management problems. Or rather, they are imposing a key management problem on you, the user. Digital signatures aim to automate the secure distribution of key information through certificates to solve much more complex issues of trust and identification.

It is clear?

(Big question: it will be my blog on September 3rd)

+44
Aug 26 '09 at 16:45
source share
— -

As you can read in this previous related question , avoiding faking a strong named assembly is not as easy as you might expect.

+3
Aug 26 '09 at 13:29
source share

This Strong Naming vs Digital Signatures blog post explains this pretty well.

+2
Aug 26 '09 at 13:32
source share

A digital signature is essentially a bit that prevents counterfeiting. After the assembly is signed, any changes to it will invalidate the signature, and clr will know that it will not be downloaded.

Read the Wikipedia article. Digital signatures prevent the falsification of any digital document. Not just builds. This explains it better than ever.

+1
Aug 26 '09 at 13:24
source share

I found an interesting explanation here . Post here for the paper track. Hope this can help someone.

0
Aug 26 '09 at 21:03
source share


More articles:


All Articles