|
|
You're in the
dotnet security
group:Strong names - are these cryptographic??
dotnet security:
XP". As you know, this involves getting a VeriSign ID. While enrolling for this, one question asked for the "Cryptographic Service Provider", giving a drop down containing smart-card providers like Inifineon, and also the three Microsoft offerings (Base/Enhanced/Strong). Do we need any of these? Can we just create a strong-named assembly, and if so, how do we incorporate the VeriSign ID into it? -- Cheers, Sholto Douglas CyTrack Telecommunications
Hi Sholto
1. You can allways create a stong name assembly without a VeriSignID. use Sn.exe http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfStrongNameUtilitySNexe.asp 2. You can sign an with a VeriSignID assembly by using the SignCode.exe http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfFileSigningToolSigncodeexe.asp Michael Willers posted this yesterday: .... strong name garanties referal integrity by providing a unique name. That's why versioning works with a strong name only. In addition it garanties code integrity. It uses public key encryption to create a digital signature that contains a hash of the assembly. At load time the CLR creates a hash again and "extracts" the hash embedded in the signature by using the public key. It then compares both hashes and if they are not equal the assembly has been tampered with. In this case the CLR will not load it and as a result no code gets executed. So in order to modify the assembly you need to have the private key. This is how a strong name provides code integrity. But where did the assembly come from? There is no proven identity. And this is where certificates come into play. They bind a public key to an identity. So the decision is up to you: If you know the issuer of the assembly personally and trust him there is no need for a certificate. If not, then certificates are the way to go.... For more visit his blog http://staff.newtelligence.net/michaelw/ -- Daniel Fisher(lennybacon) MCP C# ASP.NET Blog: http://www.lennybacon.com/
Hi Daniel,
Thanks for answering. In your response #2, do you mean I can create a strong-name assembly first and then sign it with SignCode? I was slightly confused by this because a strong-name assembly already contains a public key. If I sign it with a VeriSign ID, will this add yet another public key, or does it replace the existing one? Does it matter? Cheers, Sholto [quoted text, click to view] "Daniel Fisher(lennybacon)" wrote:
> Hi Sholto > > 1. You can allways create a stong name assembly without a VeriSignID. > use Sn.exe > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfStrongNameUtilitySNexe.asp > > 2. You can sign an with a VeriSignID assembly by using the SignCode.exe > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfFileSigningToolSigncodeexe.asp > > Michael Willers posted this yesterday: > > .... strong name garanties referal integrity by providing a unique name. > That's > why versioning works with a strong name only. In addition it garanties code > integrity. It uses public key encryption to create a digital signature that > contains a hash of the assembly. At load time the CLR creates a hash again > and "extracts" the hash embedded in the signature by using the public key. > It then compares both hashes and if they are not equal the assembly has been > tampered with. In this case the CLR will not load it and as a result no code > gets executed. So in order to modify the assembly you need to have the > private key. > This is how a strong name provides code integrity. But where did the > assembly come from? There is no proven identity. And this is where > certificates come into play. They bind a public key to an identity. > So the decision is up to you: If you know the issuer of the assembly > personally and trust him there is no need for a certificate. If not, then > certificates are the way to go.... > > For more visit his blog http://staff.newtelligence.net/michaelw/ > > > -- > Daniel Fisher(lennybacon) > MCP C# ASP.NET > Blog: http://www.lennybacon.com/ > >
SignCode will apply another layer of digital signature, called
an "Authenticode" signature to the managed .NET assembly. This signature layer involves certificate issuer trust verification (whereas Strong Name signature does not make explicit use of any certificate issuer trust hierarchy). An Authenticode signature is identical to the one applied to native PE files (e.g. for many trusted Microsoft software updated to .exe, .cab etc.. files) Generally, the public key used with an Authenticode signature is one encapsulated by a commercially issued code-signing certificate (e.g. VeriSign, Thawte etc..) - Mitch Gallant MVP Security [quoted text, click to view] "Sholto Douglas" <SholtoDouglas@discussions.microsoft.com> wrote in message news:B5493519-C884-4FDF-AC63-E0E3810C9A14@microsoft.com... > Hi Daniel, > Thanks for answering. > In your response #2, do you mean I can create a strong-name assembly first > and then sign it with SignCode? I was slightly confused by this because a > strong-name assembly already contains a public key. If I sign it with a > VeriSign ID, will this add yet another public key, or does it replace the > existing one? Does it matter? > > Cheers, > Sholto > > "Daniel Fisher(lennybacon)" wrote: > > > Hi Sholto > > > > 1. You can allways create a stong name assembly without a VeriSignID. > > use Sn.exe > > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfStrongNameUtilitySNexe.asp > > > > 2. You can sign an with a VeriSignID assembly by using the SignCode.exe > > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cptools/html/cpgrfFileSigningToolSigncodeexe.asp > > > > Michael Willers posted this yesterday: > > > > .... strong name garanties referal integrity by providing a unique name. > > That's > > why versioning works with a strong name only. In addition it garanties code > > integrity. It uses public key encryption to create a digital signature that > > contains a hash of the assembly. At load time the CLR creates a hash again > > and "extracts" the hash embedded in the signature by using the public key. > > It then compares both hashes and if they are not equal the assembly has been > > tampered with. In this case the CLR will not load it and as a result no code > > gets executed. So in order to modify the assembly you need to have the > > private key. > > This is how a strong name provides code integrity. But where did the > > assembly come from? There is no proven identity. And this is where > > certificates come into play. They bind a public key to an identity. > > So the decision is up to you: If you know the issuer of the assembly > > personally and trust him there is no need for a certificate. If not, then > > certificates are the way to go.... > > > > For more visit his blog http://staff.newtelligence.net/michaelw/ > > > > > > -- > > Daniel Fisher(lennybacon) > > MCP C# ASP.NET > > Blog: http://www.lennybacon.com/ > > > > > >
Don't see what you're looking for? Try a search.
|
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
| home · blog · groups | Questions? Comments? Contact the dn |