检查程序集的强名称
检查程序集的强名称
提问于 2008-11-21 13:30:08
是否可以检查动态加载的程序集是否已使用特定的强名称进行签名?
比较从AssemblyName.GetPublicKey()方法返回的值是否足够/安全?
Assembly loaded = Assembly.LoadFile(path);
byte[] evidenceKey = loaded.GetName().GetPublicKey();
if (evidenceKey != null)
{
byte[] internalKey = Assembly.GetExecutingAssembly().GetName().GetPublicKey();
if (evidenceKey.SequenceEqual(internalKey))
{
return extension;
}
}这难道不能被欺骗吗?我不确定SetPublicKey()方法对构建的程序集是否有任何影响,但即使是MSDN文档也说明了如何在动态生成的程序集(反射发出)上使用它,这意味着您可以从宿主应用程序中提取公钥并将其注入到您自己的程序集中,然后运行恶意代码,如果上面的代码是安全的,或者我错过了什么?
有没有更正确、更安全的方法?我知道如果情况正好相反,也就是说,我想确保程序集不被签名的主机调用,那么我就可以用StrongNameIdentityPermission属性来标记程序集。
回答 3
Stack Overflow用户
回答已采纳
发布于 2008-11-21 16:49:01
没有检查程序集签名的托管方法,检查公钥使您容易受到欺骗。您必须使用StrongNameSignatureVerificationEx并调用P/Invoke函数来检查签名
[DllImport("mscoree.dll", CharSet=CharSet.Unicode)]
static extern bool StrongNameSignatureVerificationEx(string wszFilePath, bool fForceVerification, ref bool pfWasVerified);Stack Overflow用户
发布于 2008-11-21 13:59:47
在加载程序集之后测试强名称几乎没有什么意义。攻击者可以简单地在程序集中插入模块构造函数并执行所需的任何代码。该框架的.NET 3.5 SP1版本紧随其后,不再验证从受信任位置加载的程序集的强名称。启动时间缩短了约40%。
关键的一点是:一旦攻击者破坏了机器,使其能够在应用程序的探测路径中注入程序集,他就不会费心费力地去做这件事。他只是替换了你的EXE文件。
Stack Overflow用户
发布于 2014-12-17 22:05:21
根据http://msdn.microsoft.com/pl-pl/library/ms232579.aspx,在.NET 4中不建议使用mscoree.dll中的StrongNameSignatureVerificationEx检查强名称。
.NET 4的方法是:
var clrStrongName = (IClrStrongName)RuntimeEnvironment.GetRuntimeInterfaceAsObject(new Guid("B79B0ACD-F5CD-409b-B5A5-A16244610B92"), new Guid("9FD93CCF-3280-4391-B3A9-96E1CDE77C8D"));
bool verificationForced;
int result = clrStrongName.StrongNameSignatureVerificationEx(@"PATH\TO\ASSEMBLY.DLL", true, out verificationForced);
if (result == 0)
{
Console.WriteLine("Valid.");
}
[ComConversionLoss, Guid("9FD93CCF-3280-4391-B3A9-96E1CDE77C8D"), InterfaceType(ComInterfaceType.InterfaceIsIUnknown), SecurityCritical]
[ComImport]
internal interface IClrStrongName
{
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromAssemblyFile([MarshalAs(UnmanagedType.LPStr)] [In] string pszFilePath, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromAssemblyFileW([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromBlob([In] IntPtr pbBlob, [MarshalAs(UnmanagedType.U4)] [In] int cchBlob, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 4)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromFile([MarshalAs(UnmanagedType.LPStr)] [In] string pszFilePath, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromFileW([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int GetHashFromHandle([In] IntPtr hFile, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int piHashAlg, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbHash, [MarshalAs(UnmanagedType.U4)] [In] int cchHash, [MarshalAs(UnmanagedType.U4)] out int pchHash);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameCompareAssemblies([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzAssembly1, [MarshalAs(UnmanagedType.LPWStr)] [In] string pwzAssembly2, [MarshalAs(UnmanagedType.U4)] out int dwResult);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameFreeBuffer([In] IntPtr pbMemory);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameGetBlob([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 2)] [Out] byte[] pbBlob, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int pcbBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameGetBlobFromImage([In] IntPtr pbBase, [MarshalAs(UnmanagedType.U4)] [In] int dwLength, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [Out] byte[] pbBlob, [MarshalAs(UnmanagedType.U4)] [In] [Out] ref int pcbBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameGetPublicKey([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 2)] [In] byte[] pbKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbKeyBlob, out IntPtr ppbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbPublicKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameHashSize([MarshalAs(UnmanagedType.U4)] [In] int ulHashAlg, [MarshalAs(UnmanagedType.U4)] out int cbSize);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameKeyDelete([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameKeyGen([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.U4)] [In] int dwFlags, out IntPtr ppbKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameKeyGenEx([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.U4)] [In] int dwFlags, [MarshalAs(UnmanagedType.U4)] [In] int dwKeySize, out IntPtr ppbKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameKeyInstall([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 2)] [In] byte[] pbKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameSignatureGeneration([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.LPWStr)] [In] string pwzKeyContainer, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [In] byte[] pbKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbKeyBlob, [In] [Out] IntPtr ppbSignatureBlob, [MarshalAs(UnmanagedType.U4)] out int pcbSignatureBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameSignatureGenerationEx([MarshalAs(UnmanagedType.LPWStr)] [In] string wszFilePath, [MarshalAs(UnmanagedType.LPWStr)] [In] string wszKeyContainer, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 3)] [In] byte[] pbKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbKeyBlob, [In] [Out] IntPtr ppbSignatureBlob, [MarshalAs(UnmanagedType.U4)] out int pcbSignatureBlob, [MarshalAs(UnmanagedType.U4)] [In] int dwFlags);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameSignatureSize([MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 1)] [In] byte[] pbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbSize);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameSignatureVerification([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.U4)] [In] int dwInFlags, [MarshalAs(UnmanagedType.U4)] out int dwOutFlags);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameSignatureVerificationEx([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, [MarshalAs(UnmanagedType.I1)] [In] bool fForceVerification, [MarshalAs(UnmanagedType.I1)] out bool fWasVerified);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
[return: MarshalAs(UnmanagedType.U4)]
int StrongNameSignatureVerificationFromImage([In] IntPtr pbBase, [MarshalAs(UnmanagedType.U4)] [In] int dwLength, [MarshalAs(UnmanagedType.U4)] [In] int dwInFlags, [MarshalAs(UnmanagedType.U4)] out int dwOutFlags);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameTokenFromAssembly([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, out IntPtr ppbStrongNameToken, [MarshalAs(UnmanagedType.U4)] out int pcbStrongNameToken);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameTokenFromAssemblyEx([MarshalAs(UnmanagedType.LPWStr)] [In] string pwzFilePath, out IntPtr ppbStrongNameToken, [MarshalAs(UnmanagedType.U4)] out int pcbStrongNameToken, out IntPtr ppbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] out int pcbPublicKeyBlob);
[MethodImpl(MethodImplOptions.PreserveSig | MethodImplOptions.InternalCall)]
int StrongNameTokenFromPublicKey([MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 1)] [In] byte[] pbPublicKeyBlob, [MarshalAs(UnmanagedType.U4)] [In] int cbPublicKeyBlob, out IntPtr ppbStrongNameToken, [MarshalAs(UnmanagedType.U4)] out int pcbStrongNameToken);
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/308756
复制相关文章
相似问题