473,320 Members | 2,027 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Signing

Hello,

I'm new to .NET and have this thing I didn't understand from docs:

When signing my assembly with sn.exe, do I protect the assembly content
in any way? If someone alters the code inside, will the .NET framework
still load this assembly?

If yes, how to do to protect the contents as well? Is there some kind of
checksum I can add, or any protection?

Thanks,
Patric

Jul 21 '05 #1
5 1457
Whether or not the CLR will load the an assembly signed with a certain key depends entirely on the context from which the assembly is running
Try this: http://msdn.microsoft.com/library/de...essSecurity.as
There's a wealth of information there, and yes, there is checking you can do if need be

If you have any specific questions, feel free to drop me an e-mail

Travis Merke
v-******@microsoft.com
Jul 21 '05 #2
Travis,

Thanks for your fast answer.
What I understand is that signing won't secure the assembly by itself,
and that there's more to be done to do this.

What I am trying to achieve is to build an assembly that won't load if
altered from the original code. I'll read more from the link you
provided. If you have any more hints in this direction, I'll be very
grateful.

Thanks,
Patric

Travis Merkel wrote:
Whether or not the CLR will load the an assembly signed with a certain key depends entirely on the context from which the assembly is running.
Try this: http://msdn.microsoft.com/library/de...ssSecurity.asp
There's a wealth of information there, and yes, there is checking you can do if need be.


Jul 21 '05 #3
Hello,

Sorry I have not been clearer. I'm very new to .NET and confused a bit
about all the new terms and concepts.

What I am trying to do is to make sure the CLR checks the integrity of
the assembly. What I want to achieve is a having very difficult to crack
assembly (this is because assemblies are so easy to decompile, even when
obfuscated).

I am not sure what to do more besides signing to improve security in
this direction (prevent altering the assembly contents).

Thanks a lot for your answers,
Patric
Travis Merkel wrote:
just let me know what you're trying to do. And if you do have any more questions regarding CAS, feel free to ask.

Jul 21 '05 #4
I think this article may be closer to the info you're looking for: http://msdn.microsoft.com/library/de...strongnames.as

There's no real way to verify the integrity of the first executing exe. This could be accomplished by locking down the My Computer zone to Low Trust and adding policies for only those apps that need Full Trust, but this is not a feasible solution

If you build an exe that references a signed dll, the hash of the key is stored in the manifest for the exe. The CLR will then use this hash to make sure the dll being called by the exe is still good

The issue of the first executing assembly will be addressed in the next version of the framework. This will be accomplished by the My Computer zone being given a lower level of permissions by default. That way, the first executing assembly will have to request higher permissions, and thus signing it will determine whether or not it's granted them

I hope I've helped more than I've confused you. I'll be happy to try and clarify if you want

Travis Merke
v-******@microsoft.com
Jul 21 '05 #5
Travis,

Thanks a lot, the article clarified it quite well. I understood now that
the assmebly contents cannot be protected per se, and that in order to
achive this an additional operation has to be done on the computer where
the assembly is to be loaded (involving the customization of security
settings etc).

It makes sense. I was hoping for some magic :))) but it makes sense as
it is.

Thanks a lot for your help,
Patric
Travis Merkel wrote:
There's no real way to verify the integrity of the first executing exe.


Jul 21 '05 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: Joel Leong | last post by:
I wish to know the industrial practices for signing assemblies with key files. I genereted a key file to sign my assemblies. Should I sign all my assemblies with a single key files or I shall...
1
by: Martin | last post by:
I have a couple of questions around code signing with MS technology: 1. Is there a way to transfer the generated strong name signing private key directly to a smartcard (or generate it on the...
4
by: Todd Richardson | last post by:
Two questions. We would like to have users complete ASP.NET web forms for submission. Once these are completed I would like to generate an XML document from the form. The XML document should...
0
by: cl | last post by:
I am using the "VeriSign Class 3 Code Signing" certificate for signing my Access program in Office 2003. Up to now, when program was installed on client machine, a form was appearing and user...
3
by: bob | last post by:
Hello, I thought assembly signing might add protection against people reverse engineering my program, removing the protection and using it illegally. But it seems they can just stop the clr...
1
by: AVL | last post by:
Hi I need some clarification on signing. what does it mean--signing an assembly? where is ti used? How is it used?
0
by: Daniel | last post by:
Hi, I need help signing SOAP/XML. Have been stuck with this for a couple of days now. I get the following error message from the server: "The security token could not be authenticated or...
0
by: Raffi Basmajian | last post by:
I am trying to understand the difference between signing ClickOnce manifests and signing shared assemblies. My company is building .Net 2005 WinForm applications for internal company use only....
6
by: raylopez99 | last post by:
Anybody use Strong Name Signing? I think this is used by default for Resource files, which is one reason perhaps I can't get my resource files to work (somehow the public key is messed up, perhaps...
1
by: BillE | last post by:
<extreme frustration> I have googled and read about this, but can't seem to get a grip on it. Apparently I am being coerced into digitally signing applications. Is this true? What if I don't...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.