C# 检查程序集的强名称
是否可以检查动态加载的程序集是否已使用特定的强名称签名 比较从AssemblyName.GetPublicKey()方法返回的值是否足够/安全C# 检查程序集的强名称,c#,security,strongname,C#,Security,Strongname,是否可以检查动态加载的程序集是否已使用特定的强名称签名 比较从AssemblyName.GetPublicKey()方法返回的值是否足够/安全 Assembly loaded = Assembly.LoadFile(path); byte[] evidenceKey = loaded.GetName().GetPublicKey(); if (evidenceKey != null) { byte[] internalKey = Assembly.GetExecutingAssemb
Assembly loaded = Assembly.LoadFile(path);
byte[] evidenceKey = loaded.GetName().GetPublicKey();
if (evidenceKey != null)
{
byte[] internalKey = Assembly.GetExecutingAssembly().GetName().GetPublicKey();
if (evidenceKey.SequenceEqual(internalKey))
{
return extension;
}
}
是否有更正确、更安全的方法?我知道如果情况正好相反,也就是说,我想保护程序集不被签名主机调用,那么我可以使用StrongNameIdentityPermission属性标记程序集。在加载程序集后测试强名称没有什么意义。攻击者可以简单地在程序集中插入模块构造函数并执行所需的任何代码。NET 3.5 SP1版本的框架也遵循了这一原则,不再验证从受信任位置加载的程序集的强名称。启动时间提高约40%
关键的一点是:一旦攻击者破坏了机器,使其能够在应用程序的探测路径中注入程序集,他就不会费心费劲了。他只会替换你的EXE文件。没有可管理的方法来检查程序集的签名,检查公钥会使你容易受到欺骗。您必须使用并调用strongNameSignatureReferenceEx函数来检查签名
[DllImport("mscoree.dll", CharSet=CharSet.Unicode)]
static extern bool StrongNameSignatureVerificationEx(string wszFilePath, bool fForceVerification, ref bool pfWasVerified);
根据,在.NET 4下不推荐使用mscoree.dll中的strongNameSignatureReferationEx检查强名称 .NET 4执行此操作的方法是:
var clrStrongName = (IClrStrongName)RuntimeEnvironment.GetRuntimeInterfaceAsObject(new Guid("B79B0ACD-F5CD-409b-B5A5-A16244610B92"), new Guid("9FD93CCF-3280-4391-B3A9-96E1CDE77C8D"));
bool verificationForced;
int result = clrStrongName.StrongNameSignatureVerificationEx(@"PATH\TO\ASSEMBLY.DLL", true, out verificationForced);
if (result == 0)
{
Console.WriteLine("Valid.");
}
[ComConversionLoss, Guid("9FD93CCF-3280-4391-B3A9-96E1CDE77C8D"), InterfaceType(ComInterfaceType.InterfaceIsIUnknown), SecurityCritical]
[ComImport]
internal interface IClrStrongName
{
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromAssemblyFile([MarshalAs(UnmanagedType.LPStr)] [In] string pszFilePath, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromAssemblyFileW([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromBlob([In] IntPtr pbBlob, [MarshalAs(UnmanagedType.U4)] [In] int cchBlob, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 4)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromFile([MarshalAs(UnmanagedType.LPStr)] [In] string pszFilePath, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromFileW([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromHandle([In] IntPtr hFile, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameCompareAssemblies([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzAssembly1, [MarshalAs(UnmanagedType.LPWStr)] [In] string pwzAssembly2, [MarshalAs(UnmanagedType.U4)] out int dwResult);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameFreeBuffer([In] IntPtr pbMemory);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameGetBlob([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 2)] [Out] byte[] pbBlob, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int pcbBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameGetBlobFromImage([In] IntPtr pbBase, [MarshalAs(UnmanagedType.U4)] [In] int dwLength, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbBlob, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int pcbBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameGetPublicKey([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 2)] [In] byte[] pbKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbKeyBlob, out IntPtr ppbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbPublicKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameHashSize([MarshalAs(UnmanagedType.U4)] [In] int ulHashAlg, [MarshalAs(UnmanagedType.U4)] out int cbSize);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameKeyDelete([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameKeyGen([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.U4)] [In] int dwFlags, out IntPtr ppbKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameKeyGenEx([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.U4)] [In] int dwFlags, [MarshalAs(UnmanagedType.U4)] [In] int dwKeySize, out IntPtr ppbKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameKeyInstall([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 2)] [In] byte[] pbKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameSignatureGeneration([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [In] byte[] pbKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbKeyBlob, [In] [Out] IntPtr ppbSignatureBlob, [MarshalAs(UnmanagedType.U4)] out int pcbSignatureBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameSignatureGenerationEx([MarshalAs(UnmanagedType.LPWStr)] [In] string wszFilePath, [MarshalAs(UnmanagedType.LPWStr)] [In] string wszKeyContainer, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [In] byte[] pbKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbKeyBlob, [In] [Out] IntPtr ppbSignatureBlob, [MarshalAs(UnmanagedType.U4)] out int pcbSignatureBlob, [MarshalAs(UnmanagedType.U4)] [In] int dwFlags);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameSignatureSize([MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 1)] [In] byte[] pbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbSize);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameSignatureVerification([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.U4)] [In] int dwInFlags, [MarshalAs(UnmanagedType.U4)] out int dwOutFlags);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameSignatureVerificationEx([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.I1)] [In] bool fForceVerification, [MarshalAs(UnmanagedType.I1)] out bool fWasVerified);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameSignatureVerificationFromImage([In] IntPtr pbBase, [MarshalAs(UnmanagedType.U4)] [In] int dwLength, [MarshalAs(UnmanagedType.U4)] [In] int dwInFlags, [MarshalAs(UnmanagedType.U4)] out int dwOutFlags);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameTokenFromAssembly([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, out IntPtr ppbStrongNameToken, [MarshalAs(UnmanagedType.U4)] out int pcbStrongNameToken);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameTokenFromAssemblyEx([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, out IntPtr ppbStrongNameToken, [MarshalAs(UnmanagedType.U4)] out int pcbStrongNameToken, out IntPtr ppbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbPublicKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameTokenFromPublicKey([MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 1)] [In] byte[] pbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbPublicKeyBlob, out IntPtr ppbStrongNameToken, [MarshalAs(UnmanagedType.U4)] out int pcbStrongNameToken);
}
实际上,这是一种扩展(以程序集的形式)的情况可以添加到应用程序,即使用Assembly.LoadFile从目录加载,我只希望能够加载已使用与主机应用程序相同的强名称签名的扩展名。因此,这不是安全保护整个系统或应用程序的情况,但是限制谁能够为应用程序本身编写扩展。没有强名称,很抱歉,您的分机将不可用loaded@Hans我认为测试强名称仍然有用。如果exe A引用dll B,并且两者都是强名称,并且在app.config中启用了强名称验证,则黑客可以通过某种黑客文件级别(字节)覆盖来删除这两个文件上的强名称。我们可以检查程序启动,如果程序集具有任何强名称(即签名),那么您所做的任何操作都可能导致欺骗,因为攻击者可以轻松绕过程序集中的检查,重新组装修改后的IL并使用自己的密钥退出程序集。当您说没有托管方式时,你的意思是说从技术上讲这是不可能的,还是说没有一个标准的库/例程来做这件事?非常好的帮助。这对我很管用。非常感谢你救了我的命。非常感谢。