.NET程序集的签名 [英] Signing of .NET Assemblies

问题描述

什么是数字签名都与强命名程序集。我读了一个强命名程序集具有公共密钥和数字签名它。

What does digital signature have to do with strong named assemblies. I read that a strongly named assembly has public key and digital signature with it.

参考：

签约大会涉及服用大会的重要组成部分散，然后用加密私钥的哈希值。签名的哈希值存储在装配一起的公共密钥。公钥解密将已签名的哈希值。当CLR加载一个强命名组件就会产生从组装的散列，然后用解密的散列进行比较。如果比较成功，那么就意味着，在文件（并因此公钥令牌）的公共密钥与用于签署组件私钥相关联。这将意味着，在程序集的公钥是程序集的出版商的公开密钥，从而欺骗攻击受挫。

Signing the assembly involves taking a hash of important parts of the assembly and then encrypting the hash with the private key. The signed hash is stored in the assembly along with the public key. The public key will decrypt the signed hash. When the CLR loads a strongly named assembly it will generate a hash from the assembly and then compare this with the decrypted hash. If the comparison succeeds then it means that the public key in the file (and hence the public key token) is associated with the private key used to sign the assembly. This will mean that the public key in the assembly is the public key of the assembly publisher and hence a spoofing attack is thwarted.

是上面的信息是否准确？它不具有任何引用数字签名。我找不到一个MSDN页面解释如何组件签约，如何验证签名及如何黑客攻击的可能性被消除。想知道更多关于这些。

Is the above info accurate? It doesn't have any reference to digital signature. I couldn't find an MSDN page explaining how assemblies are signed, how signature is verified and how possibility of hacking is eliminated. Would like to know more on these.

推荐答案

这两种强命名和数字签名使用公钥加密提供的证据关于在起源的程序集，这样就可以使用安全策略以确定哪些权限被授予的组装

Both strong naming and digital signatures use public key cryptography to provide evidence about the origin of an assembly, so that you can apply security policy to determine what permissions are granted to the assembly.

它们的区别不是在它们的技术的细节，但在什么问题，因为它们的目的是解决

They differ not in their technical details, but in what problems they are intended to solve.

强名称的目的完全是为了确保当你通过名称加载程序集，要装载完全组装你以为你是装。这是一个强名称的仅按设计用途。你说：我想加载Frobber，4版本，来自FooCorp。强名称齿轮确保您实际加载precisely该DLL，而不是所谓的Frobber另一个程序集，第4版，即来自邪恶博士的企业。

The purpose of a strong name is solely to ensure that when you load an assembly by name, you are loading exactly the assembly you think you are loading. That is the only by-design purpose of a strong name. You say "I want to load Frobber, version 4, that came from FooCorp". The strong name gear ensures that you actually load precisely that DLL, and not another assembly called Frobber, version 4, that came from Dr. Evil Enterprises.

为了实现这一点，所需要的所有的是，你知道与FooCorp的私钥相关联的公钥标记。你怎么会知道，公钥标记完全是您的业务。有没有适当的基础架构，旨在帮助您安全地获取信息。你只是希望知道它是什么，不知何故。

In order to achieve this, all that is required is that you know the public key token associated with FooCorp's private key. How you come to know that public key token is entirely your business. There is no infrastructure in place designed to help you get that information safely. You're just expected to know what it is, somehow.

从发行者证书的数字签名的目的是为建立身份和信任的核查的链条。信任链去从$ C $不明或来源不明了c进行大块到受信任的根 - 这已配置操作系统信任的实体。您下载一些code和code具有数字签名与FooCorp证书。您检查证书，它说：这个计划源于FooCorp，此证书的精度是由VeriSign我担保。由于VeriSign是您值得信赖的根源之一，你现在有信心，这code实际上确实来自FooCorp。

The purpose of a digital signature from a publisher certificate is to establish a verifiable chain of identity and trust. The chain of trust goes from a hunk of code of unknown or uncertain origin up to a "trusted root" -- an entity which you have configured your operating system to trust. You download some code, and the code has a digital signature with a certificate from FooCorp. You examine the certificate and it says "this program comes from FooCorp. The accuracy of this certificate is vouched for by VeriSign." Since VeriSign is one of your trusted roots, you now have confidence that this code actually did come from FooCorp.

注意通过数字签名解决了这个问题有多么复杂得多的。我们不是简单地确定就是这个大块头的code这个名字，还是没有关联？相反，我们正在努力，以确定没有此code从哪里来，谁先天不足的公司涉嫌责任人的存在，我们应该相信那家公司？

Notice how much more complex the problem solved by digital signatures is. We're not trying to simply determine "is this hunk of code associated with this name, or not?" Instead we're trying to determine where did this code come from, and who vouches for the existence of the company allegedly responsible, and should we trust that company?

强名称与数字签名的区别强调的是好好的，密码的安全性。硬的问题不是密码;这只是数学。硬的问题是安全管理的有关密钥的信息分布，将它们与正确的实体相关联。强大的名字，因为他们试图解决一个很小但很重要的问题，没有密钥管理问题。或者说，他们强加于密钥管理问题，关你的用户。数字签名都是关于想要自动执行的密钥信息经由证书安全分发，为了解决信任和身份的更复杂的问题。

The difference between strong names and digital signatures emphasizes what is hard about crypto-based security. The hard problem isn't the cryptography; that's just math. The hard problem is safely managing distribution of information about the keys and associating them with the correct entities. Strong names, because they attempt to solve a very small but important problem, do not have key management issues. Or, rather, they foist the key management problem off to you, the user. Digital signatures are all about trying to automate safe distribution of key information via certificates, in order to solve much more complex problems of trust and identity.

清楚了吗？

（大问题;这将上去的<一个href="http://blogs.msdn.com/ericlippert/archive/2009/09/03/what-s-the-difference-part-five-certificate-signing-vs-strong-naming.aspx">my博客 9月3日。）

(Great question; this will go up on my blog on September 3rd.)

这篇关于.NET程序集的签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！