开发者

Quite special PublicKey in .NET core assemblies

开发者 https://www.devze.com 2023-03-30 19:46 出处:网络
I\'ve noticed that core .NET开发者_运维百科 assemblies have PublicKey = 00000000000000000400000000000000. Not only it\'s shorter then those sn.exe allows to generate (min 384 bits) but also it has a l

I've noticed that core .NET开发者_运维百科 assemblies have PublicKey = 00000000000000000400000000000000. Not only it's shorter then those sn.exe allows to generate (min 384 bits) but also it has a lot of zeros.

How to generate signing key with such a fancy public key?


That's the ECMA Standard defined public key.

It's to deal with three conflicting requirements:

  1. A mechanism that ensures that assemblies are signed by their creators and could not have been created by a fraudulent other party.
  2. That CLI be defined openly in such a way that other people are free to implement a version (Mono would be a real-life example).
  3. That there be a standard library of classes made available with every version of the framework.

These three things can't happen at the same time!

If I create a version of .NET (point 2), then I need to provide a version of the standard library (point 3), which needs to be trusted (point 1), so I need to sign it to prove that I'm Microsoft. Oh wait, I'm not Microsoft! (eh, point 2 again).

Instead what happens is:

  1. I create a public-private key pair. People trusted to build new release versions of the assemblies in my framework library implementation have access to the private key, the public key can be known to anyone doing any work on the CLI implementation.

  2. I mark the relevant assemblies as having been signed with the key corresponding to the public key 00000000000000000400000000000000 (defined in the ECMA standard), though really they were signed with the private key mentioned above.

  3. In the code in the CLI any check on an assembly that claims to have been signed with the key corresponding to the public key 00000000000000000400000000000000 is checked with the real public key. If this checks out, then it can only have been signed by someone we trust in building those assemblies.

Of course, MS's framework won't trust our assemblies, Mono's won't trust them, and we won't trust either of theirs, because we all have different real keys corresponding to the ECMA standard key. Which is as it should be.

Meanwhile, the fact that 00000000000000000400000000000000 doesn't match any real valid public key means it's not possible for it to clash with any other public key.


This is NOT the proper answer to the question. The only thing this answer provides is the pointer to ECMA standard, apparently ECMA-335 with CLI specs. But this ECMA standard provides only a basic definition in terms of unique/fixed value and the name it should be called. Otherwise, it provides nothing about how and where the actual public key is found. The value 00000000000000000400000000000000 is NOT a public key, it is only a marker called Standard Public Key which has nothing to do with a real public key. This value is used to compute Public Key Token for the assembly that uses it but this value is not used to as any public key of RSA algorithm when processing the assembly signature. You need a real Public Key. The proper answer to the question should be how and where the actual Public Key is found for the assembly that uses it

0

精彩评论

暂无评论...
验证码 换一张
取 消