.NET
If you use .NET as a development tool for a long time, you will definitely go back to "Strong Name" concept. This concept does not mean that your component naming mode must be similar to the way mycompany.gorilla.biceps. The strong sense of power is reflected in the protection of the components, .NET Framework uses a strong name to identify components and protection components from damage. In this article, I will show how to build a strong name and use a strong name in .NET.
1. Hash and signature
In order to understand the working principle of the strong name, you must first understand two concepts in cryptography: havehing and digital signatures (Digital Signatures). Hash is used to create a unique compressed value for the plaintext information. The "information" here is a very broad concept. For components, the information is it itself. As shown in FIG. 1, the information is processed as a hash as a hash algorithm, and the SHA1 algorithm is adopted for a strong name.
Figure 1 Calculate the hash
The hash is irreversible, once calculated, it is impossible to decrypt. However, hash is very useful in comparison values. If the two components generate the same hash value, you can think that both components are the same. In contrast, through the value calculated by the hash and the previous calculated value, some places in the component are modified.
Therefore, you can know if you can be known by the quota value, and the component is modified or destroyed. However, how do you prevent others from modifying your components through a column value? Here is the "digital signature" I want to say.
Although the specific mathematics principles of digital signatures are complicated, the concept is simple. A digital signature relies on two related numbers: public key and private key. As shown in Figure 2, when the data is encrypted by the public, it can only decrypt through the private key, and vice versa.
Figure 2 Using the key to
2. Strong name for components
In the .NET CPT, you can protect your components from destruction using hashes and digital signatures. The principle is shown in Figure 3, first generating a hash value from the component, then this hash value is encrypted through your private key, and then this hash value and the public key are prevented from in the component.
Figure 3 Adding a strong name in the component
When running, the public language runtime (CLR) is verified by comparing the hash value validation component. First public key is used to decrypt the hash, and a new hash is calculated from the current components. If it and the original value, it passes verification, as shown in Figure 4.
Figure 4 Check the colony in the component
So what happens if a component will happen after the signature? Obviously, the hash value calculated from the components at runtime will not dissemble with a hash value encrypted in the component by private key encryption, so that the component will be refused to load the component.
Note that the name is just guaranteed the integrity of the component, not its security, there is no way to prevent someone from creating a malicious component and sign it by a strong name. You can verify that a component is destroyed after signing. Based on your choice for information. All this will make you decide whether to believe in components and code information from a place.
3. Strong named information
In addition to the hash from the contents of the component, a strong name also contains three information.
l Component simple text name
l Component version number
l Component language culture code
All of this information will provide a unique identifier for each component. With this information, the public language can determine if a component is called by another component by reference. When you reference another component from one component, the component will store the public key of the called component. When running, the public language is running to determine whether the component comes from the correct supplier. In addition, other information in the homogeneous name is used to determine if the components meet the requirements of the reference binding policy. 4. Use a strong nameful skill
.NET FRAMWORK SDK and VISUAL Studio.net provide a lot of tools for specifying a strong name, which is meaningful because create more components through Visual Studio.net. Before you sign, you must create a pair of keys (public key and private key), usually in the files placed in the file ended in .snk. It can be implemented by a strong name tool sn.exe.
Sn -k mykeyfile.snk
If you use the command line compiler (VBC.exe or CSC.exe, you can specify the key to the component connector Al.exe, specify the key. As shown in the command line below, you can use the key in myKeyFile.snk as a MyFile.dll signature.
Al /out:myfile.dll myfile.netModule /keyfile: mykeyfile.snk
If you use Visual Studio .NET, you can still produce your key pair by means of a command line. After you have a key to you, you can include it to the component by setting the [AssemblyKeyFile] property of the component information file (askSEMBLYINFO.VB or SEMBLYINFO.CS). For example, C # projects, you can generate a signature component through this property.
[assmbly: assemblykeykeyfile ("..//// mykeyfile.snk")]
From the compiled components to key files, the file name in the [AssemblyKeyFile] property must contain a complete relative path.
5. Encryption by delay signature
Protecting your private key is very important. If a malicious person gets your key, he generated the component will be like the components you have signed. Therefore, you should set your key to the highly confidential state, and there may be only a few people in the company. Since this, how do you sign your component? If you only know the key alone, it will be cumbersome, because you have to sign each component developer in the company.
Fortunately, .NET provides a good way to this problem: delay signature. By delaying the signature, you can create and test components when you only know the public key. The private key is included in the component only when the component is actually distributed to the user. Below is some tips for using the delayed signature process summary:
1. Extract public keys from the public / private key key. In order to extract public keys, it is to store public / private key pairs, you can use a strong sense tool, command line as follows:
sn.exe -p mykeyfile.snk mypublicKeyFile.snk
2. Distribute the file containing the public key to all the developers of the company, while the file containing the public / private key pair is securely stored.
3. The file containing the public key in the component information file and indicates the latency signature.
[assmbly: assemblydelaysign (true)]
[assembly: assemblykeyKeyfile ("..//// mypublicKeyfile.snk")]
If you use the component connection tool, not the Visual Studio .NET, you can use the / delaySign command line to indicate the latency signature.
4. If you save the component in the Global Assembly Cache (GAC), you should turn off the verification of the component because the GAC defaults to verify the name of each component. This verification will fail if the component does not use a private key to sign. Therefore, for the purpose of development and testing, you can enter the following names:
sn.exe -vr myfile.dll
5. This way, you can use the components when developing and tested.
6. When deploying a latency signature, you must sign it through private key.
sn.exe -r myfile.dll mykeyfile.snk
7. Finally, you must notify the GAC to re-open the verification of the component. Name the line as follows:
sn.exe -vu myfile.dll
6. Trustworthy computing
You must have heard that Microsoft's "trusted calculations" measures have included many security measures for Microsoft products. Microsoft is slow and inevitably developing in a direction, that is, they will make all the software products are default security. If you know what you are doing, you can reduce the security level of software (such as Windows Server 2003). Although the security level is reduced, it is too likely to attack the emergency attack.
When you give you a strong name, you are doing "trustful calculations". By disseminating your components, the components are unlikely to become a carrier of Trojans and other attacks. The tools provided by .NET Framework and Visual Studio .NET ensure the integrity of your distribution component. So I strongly recommend that you use these tools to make the world get more secure through these tools.