Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is it a bad practice to use a digital signature to sign a strongly named assembly?

I am curious, through Google research I have been learning about digital signatures and strongly named assemblies. It appears possible to use a digital signature to sign a strongly named assembly if you really try hard.

I speculate that with this practice it is possible to circumvent the purpose of a digital signature by using it this way.

Microsoft says:

"strong names in and of themselves do not imply a level of trust like that provided, for example, by a digital signature and supporting certificate."
-- http://msdn.microsoft.com/en-us/library/wd40t7ad%28v=vs.110%29.aspx

Am I correct in guessing that using a digital signature in this way is actually a bad practice, that may create a security hole and definitely serves no purpose? Or is it even possible? Is using a digital signature as the strong name possible or better then then doing nothing? Does it provide some extra security beyond using a digital signature properly.

like image 496
amalgamate Avatar asked Dec 02 '22 20:12

amalgamate


1 Answers

Is it a bad practice to use a digital signature to sign a strongly named assembly?

No. That's a perfectly good practice.

It appears possible to use a digital signature to sign a strongly named assembly if you really try hard.

It's a bit tricky, because both strong naming and digital signing modify the assembly. The assembly must be first strong named and then signed.

I speculate that with this practice it is possible to circumvent the purpose of a digital signature by using it this way, as the strongly named assembly can be hacked

OK, so you're speculating that there's an attack. I'm speculating that there isn't. State the vulnerability and the proposed attack.

(at least some post said so).

Are you going to make us guess which post said so?

"strong names in and of themselves do not imply a level of trust like that provided, for example, by a digital signature and supporting certificate."

That's correct. Strong names and digital certificates are similar but they solve different problems. Strong names solve the identification of assemblies problem. Signatures solve the chain of trust problem.

I have seen examples of Internet posters trying to do exactly that thinking that they are protecting their software.

Neither strong naming nor certificate signing protects software at all! The purpose of a security system isn't to protect the software, it's to protect the users. We don't have driver's licences to keep the Department of Motor Vehicles safe from attack by ninjas. We have drivers licenses to establish that the bearer of the license really is who they say they are and is permitted to drive. Anyone who thinks that strong naming is there to protect the software is very, very confused.

Am I correct in guessing that using a digital signature in this way is actually a bad practice, that may create a security hole and definitely serves no purpose?

No, you are wrong on every count.

it a good or bad thing to cross the streams (please excuse the humor.)?

Why would it be a bad thing? All we have is your claim that there is an attack, and no evidence whatsoever that there actually is one.

Or is it even possible?

Sure it's possible.

are the posts I have seen with references to using the two in concert (using a digital signature to sign an assembly specifically as strongly named (not digitally signed)) possible or better then then doing nothing?

You're asking us to comment on the accuracy of posts that we haven't read and you haven't provided links to. How should we know whether they're accurate or not?

like image 71
Eric Lippert Avatar answered Feb 16 '23 03:02

Eric Lippert