公钥和公钥之间的区别是什么？ [英] What is the difference between PublicKeyToken and public key?

问题描述

每个签署.NET同时具有公共密钥令牌（8字节）和一个公共密钥（128字节）。 是什么2之间的差异，以及为什么我们需要两个公开钥匙？

Each signed .NET has both a public key token (8 byte) and a public key (128 bytes). What is the difference between the 2, and why do we need two public "keys"?

推荐答案

公钥标记只是在散列公钥。这里信息。

Public Key token is just the hash of the public key. Here for info.

我们为什么需要公钥？

由于组件可以签名和签名的程序集包含公共密钥。当加载DLL .NET将使用的公钥来验证签名的程序集。签名可以使用私钥来仅产生而公共密钥本身可以用于验证签名。

Since assembly can be signed and signed assemblies will contain the public key. When loading DLL .NET will use the public key to validate the assembly against the signature. Signature can be only generated using the private key while public key itself can be used for validating the signature.

此过程可确保组件不被篡改。

This process makes sure assembly is not tampered with.

从CLR通过C＃：

程序集签名用私钥   确保的持有者   相应的公共密钥产生的   部件。当装配   安装到GAC，系统   散列文件的内容   包含清单，并比较   的散列值与RSA数字   嵌入在PE​​中签名值   文件（后unsigning它与   公钥）。如果值   同样的，该文件的内容还没有   被篡改了，你知道，   你的公钥   对应于出版商的私有   键。此外，该系统散列   大会的其他内容   文件，并比较这两个散列值   与存储在散列值   manifest文件的FileDef表。如果有任何   哈希值不匹配，在   大会的文件中至少有一个具有   被篡改，并装配   将无法安装到GAC。

Signing an assembly with a private key ensures that the holder of the corresponding public key produced the assembly. When the assembly is installed into the GAC, the system hashes the contents of the file containing the manifest and compares the hash value with the RSA digital signature value embedded within the PE file (after unsigning it with the public key). If the values are identical, the file's contents haven't been tampered with, and you know that you have the public key that corresponds to the publisher's private key. In addition, the system hashes the contents of the assembly's other files and compares the hash values with the hash values stored in the manifest file's FileDef table. If any of the hash values don't match, at least one of the assembly's files has been tampered with, and the assembly will fail to install into the GAC.

为什么公钥的标记的需要？由于公钥是太大了（从CLR签证C＃再次）一起工作，以便：

---

UPDATE 2

Why public key token needed? Since public key is too big to work with so (Again from CLR visa C#):

公钥的大小使得它们   难以处理。为了让事情   更容易为显影剂（以及端   用户也行），公钥令牌是   创建。公钥标记是一个   64位散列公共密钥。   SN.EXE的-tp开关显示，公众   对应于该密钥令牌   在年底完成公共密钥的   输出。   因为公共密钥是如此大   数字和一个大会可以   引用许多程序集，一大   生成的文件的百分比   总规模将与被占用   公钥信息。为了节省   存储空间，微软散列   公开密钥和开出最后8个字节   的散列值。这些减少   公共密钥值，称为公钥   令牌，是什么实际存储在   一个AssemblyRef表。一般来说，   开发人员和最终用户将看到   更公钥标记值   常常较完整的公钥   值。但是要注意的是，CLR   从不使用公共密钥令牌时，   使安全或信任决定   因为它是可能的几个   公钥可以散列到单个   公钥标记。

The size of public keys makes them difficult to work with. To make things easier for the developer (and for end users too), public key tokens were created. A public key token is a 64-bit hash of the public key. SN.exe's -tp switch shows the public key token that corresponds to the complete public key at the end of its output. Because public keys are such large numbers, and a single assembly might reference many assemblies, a large percentage of the resulting file's total size would be occupied with public key information. To conserve storage space, Microsoft hashes the public key and takes the last 8 bytes of the hashed value. These reduced public key values—known as public key tokens—are what are actually stored in an AssemblyRef table. In general, developers and end users will see public key token values much more frequently than full public key values. Note, however, that the CLR never uses public key tokens when making security or trust decisions because it is possible that several public keys could hash to a single public key token.

这篇关于公钥和公钥之间的区别是什么？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！