C# DLL strong naming does not detect modifications
It is my understanding that strong naming creates a cryptographic hash of the assembly, which is used as a strong name to load the DLL.
I was hoping to use this feature to detect corruption of a binary to inform the user there is a problem with the software and they need to reinstall it.
This works for some changes to the binary; however, I've found that modifying the binary, especially static strings within the binary, does not cause the application to report that it cannot locate a DLL of the appropriate strong name.
Can anyone explain to me what data from an assembly is used to create the strong name, and why strong naming does not always detect the modification of the DLL? Is there a way that I can force it to include additional information in the strong naming?
Is there an alternate way I can detect a corruption of a binary?
Cheers
Ryan
Comments (4)
As far as I know, the hash used in strong-naming includes the entire file, so I am not sure why some changes are not tripping the verification.
Is there any chance your assembly has been added to the skip-verification list?
The digital signature created when strong naming an assembly hashes the contents of the assembly, with the exception of any Authenticode Signature, the assembly's strong name data, and the PE header checksum, then signs the hash with the private key.
Perhaps it was one of the excluded items that you were changing, in which case the strong name will still verify correctly and the assembly will still load just fine.
A strong name by definition consists of four attributes: a file name (minus extension), a version number, a culture identity, and a public key token (a hash of the public key). There is no way to include additional information in the strong naming convention.
I detected the same behaviour. I strong named the assemblies, then I modified some static strings with a hex editor. Surprisingly, the executable that is loading the assembly did not throw any exception but just loaded the altered library.
After some searching in Microsoft docs I found a hint that helped me.
It is saying that there is a bypass mechanism that shall load the assemblies faster when some conditions are true.
https://learn.microsoft.com/de-de/dotnet/standard/assembly/create-use-strong-named#bypass-signature-verification-of-trusted-assemblies
To disable this bypassing you have to put a flag in the app.config.
After doing that the executable is throwing an exception when the assembly was modified.
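The flag the answer above refers to, shown as an added example that is not part of the original post: in the .NET Framework it is the `bypassTrustedAppStrongNames` element under `<runtime>`. The file name `MyApp.exe.config` is a placeholder for the application's own configuration file.

```xml
<!-- MyApp.exe.config (placeholder name): the app.config deployed next to the executable -->
<configuration>
  <runtime>
    <!-- Default behaviour (enabled="true"): a fully signed assembly that is
         fully trusted, loaded into a full-trust AppDomain from a location
         under that AppDomain's ApplicationBase, is loaded WITHOUT its
         strong-name signature being validated. A hex-edited DLL therefore
         loads without any exception. -->

    <!-- enabled="false" switches the bypass off for this application only:
         the signature is validated at load time and a modified assembly
         is rejected instead of being loaded. -->
    <bypassTrustedAppStrongNames enabled="false" />
  </runtime>
</configuration>
```

The setting only covers the application that ships this file; the same bypass can be switched off machine-wide with the `AllowStrongNameBypass` DWORD value set to 0 under `HKLM\Software\Microsoft\.NETFramework`.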
You should take a look here: Authenticode Signatures and Strong Name Signatures and How do I Sign .Net assemblies with Authenticode signature?
And