Strong name (1) Protecting code integrity with strong names

A strong name consists of an assembly's identity plus a public key and a digital signature. The identity of the assembly includes the simple text name, version number, and culture information, if provided. A strong name is generated by using the appropriate private key, through the assembly file (the file that contains the assembly manifest, and thus the name and hash of all the files that make up the assembly). Microsoft Visual Studio. NET and other development tools that are available in the. NET Framework SDK can assign strong names to an assembly. Assemblies with the same strong name should be the same.

You can ensure the global uniqueness of a name by issuing a strong-named assembly. Strong names meet the following requirements:

1 The strong name relies on a unique key pair to ensure name uniqueness. The assembly name is not the same as any other assembly name because the name of the assembly generated with one private key is not the same as the name of the assembly that was generated with the other private key.

2) Strong name protects the version lineage of the assembly. A strong name ensures that no one can generate subsequent versions of the Assembly. Users can be sure that the version of the assembly they are loading comes from the same publisher who created the version that the application was built with.

Strong names provide a reliable integrity check. After the. NET Framework security Check, you can be sure that the contents of the assembly have not been changed since it was built. Note, however, that the strong name (or the strong name itself) does not imply a trust level, such as the trust provided by the digital signature and the support certificate. Protect code integrity with strong names although the strong name is. NET encryption domain, but also Microsoft's recommended application protection mechanism, but because the managed program can be disassembled into the IL code, change or remove the strong name is possible. The protection strength of strong names is thus greatly diminished.

When downloading an assembly from the Internet for local invocation, how do you ensure that the assembly is not maliciously tampered with by a third party? If two assemblies have the same name, size, and version number, does that mean that the two assembly files are the same?

The methods used to differentiate assemblies under the. NET platform are the same as WIN32, using names, but the names have strong or weak points. The weak name contains the version number, assembly name, and culture. A strong name adds a digital signature based on a weak name. There are three main functions of strong names:

Q distinguishes between different assemblies;

Q Ensure that the code has not been tampered with;

Q in. NET, only strong-name-signed assemblies can be placed in the global assembly cache.

Using a strong name to include an assembly first generate a key pair for asymmetric encryption, which will be used for signing and verifying the assembly. The process of signing and verifying is shown in Figure 9-7.

Figure 9-7 Signing (top) and verification (bottom) strong name process

As shown in Figure 9-7, when a strong name signature, the assembly (excluding the DOS head and the PE header) hash operation, get the hash value of the file, and then use the private key to the hash value encryption, get redaction. Saves the public key, the public key identity (the last 8 bytes of the ciphertext that was obtained after the public key is SHA-1 hashed), and the ciphertext three information in the assembly. When loading the assembly, first hash of the assembly to get a hash value (called "New Hash Value"), and then extract the public key from the assembly, decrypt the ciphertext to get the original hash value, if two hash values are the same, that is, through verification.

There are two ways to sign an assembly with normal signature and delay signature. Delay signing is used when the developer has access to the public key only, without access to the private key. You can then compile the assembly and reserve the signature space first. The Assembly at this point is not functioning correctly and debugging.

To create a strong name signature assembly in the SDK

Strong-name signing of assemblies, first ready keys. The 6th chapter of this book describes the use of the Strong Name tool (Sn.exe) provided in the Visual Studio SDK to generate a key pair. Generate a new key pair using the command shown in Figure 9-8 and save to the local file test.snk.

Figure 9-8 Generating the key file

Next, create a new console test project StrongName, the main code as shown in Listing 9-3.

Code listings 9-3 StrongName Project main code

Using System;
Using System.Collections.Generic;
Using System.Linq;
Using System.Text;
     
Using System.Reflection; Namespace StrongName {class Program {static void Main (string[] args) {string aa = "
    
";
            Assembly ass = assembly.getexecutingassembly (); Console.WriteLine (Ass.
            Fullname.tostring ()); byte[] Pkey = ass. GetName ().
            Getpublickey (); byte[] Pkeytoken = ass. GetName ().
            Getpublickeytoken ();
            String pkeystring = GetString (Pkey);
            String pkeytokenstring = GetString (Pkeytoken);
            Console.WriteLine ("Public key is: {0}", pkeystring);
            Console.WriteLine ("Public key identifier is {0}", pkeytokenstring);
        Console.read (); private static string GetString (byte[] bytes) {StringBuilder sb = new StringBuilder ()
            ; foreach (Byte b in bytes) {sb. Append (String.
            Format ("{0:x}", b)); Return SB. ToStRing (); }
    }
}