structure of a strong name key file
-
i'm looking for an article showing how a key pair is being generated, so how the public key token is, and eventually about "binary attack" to signed .net assembly (e.g. editing the public key token using hex editor) - for educational purposes only :-D. 10x in advance
-
i'm looking for an article showing how a key pair is being generated, so how the public key token is, and eventually about "binary attack" to signed .net assembly (e.g. editing the public key token using hex editor) - for educational purposes only :-D. 10x in advance
-
thanks, but what about how to manually generate a token for the public key?
-
thanks, but what about how to manually generate a token for the public key?
Sn.exe computes the token using a hash function from the public key. I don't know what the specific hash function is, but it should be easy to find out through experimentation. Probably either MD5 or SHA1.
-
i'm looking for an article showing how a key pair is being generated, so how the public key token is, and eventually about "binary attack" to signed .net assembly (e.g. editing the public key token using hex editor) - for educational purposes only :-D. 10x in advance
I've answered your questions because this is for educational purposes, and also because knowing these things does not in fact allow the "attack" of the signed assembly. To verify the assembly's digital signature, the CLR uses the assembly's public key to decrypt the assembly's digital signature, resulting in the original, calculated hash. In addition, the CLR uses the information in the assembly's manifest to dynamically generate a hash. This hash value is then compared with the original hash value. These values must match, or we must assume that someone has tampered with the assembly. - from .NET Framework Essentials, By Hoang Lam, Thuan L. Thai.