
In the regular .NET Framework I can sign any assembly from the Visual Studio project properties tab. I've created a simple console application and added a reference to a class library (ClassLibrary1) which is signed by a pfx with password. ClassLibrary1 references ClassLibrary2, which is not signed. When creating an object from ClassLibrary1 which uses a reference from the 2nd one, I receive an exception at runtime.

My console application is also signed. This exception is expected behaviour: no one would be able to replace my assembly with an unsigned one.

Moreover I want to secure my plugin system: I want to check if my assembly is signed by a specific key using this code and this one.

It works as expected in regular .NET. But I want to make this work in .NET Core. When I try to reference unsigned assemblies I just get a compiler warning that ClassLibrary1 doesn't have a strong name. But at runtime I get no exception. I tried this with an snk and a pfx file. Moreover, I can't get the public key from a .NET Core assembly:

assemblyName.GetPublicKey();

It simply returns byte[0] as a result. How can I secure my assemblies in .NET Core to make sure no one could replace them with harmful ones?

Part of my .NET Core project csproj config:

  <PropertyGroup>
    <TargetFramework>netcoreapp2.0</TargetFramework>
    <SignAssembly>true</SignAssembly>
    <DelaySign>false</DelaySign>
    <AssemblyOriginatorKeyFile>TestKey.pfx</AssemblyOriginatorKeyFile>
  </PropertyGroup>

P.S.: I use VS 2017, .NET Core 2.0

jps, Anton23
  • Did you go through this https://stackoverflow.com/questions/38435086/proper-way-to-sign-net-core-assembly – Jeremy Thompson Jun 12 '18 at 07:08
  • Based on my experience with open-source projects, you can usually find unimplemented features and some others whose behaviour is not the expected one. I found this many times in Mono, which also made me fix some "bad practices". I could say that Mono is more strict while Microsoft's one is more flexible and fail-proof. – Carles Jun 12 '18 at 07:11
  • @JeremyThompson, .NET Core now uses csproj instead of project.json – Anton23 Jun 12 '18 at 07:28
  • I'm not sure if `GetPublicKey()` is supposed to work but .NET Core doesn't validate strong assembly names, that was a deliberate breaking change from .NET Framework – Martin Ullrich Jun 12 '18 at 15:20
  • @MartinUllrich, how can I secure my assemblies in .NET Core from being replaced by malicious ones? – Anton23 Jun 13 '18 at 06:18
  • NuGet now allows signing NuGet packages: https://github.com/NuGet/Home/wiki/Package-Signing – Martin Ullrich Jun 13 '18 at 06:21
  • Note that strong naming never fully helped against replacing DLLs after deployment to customers, as long as all assemblies are replaced with versions without strong names and strong-named references. – Martin Ullrich Jun 13 '18 at 06:23
  • @MartinUllrich, thanks for the idea with nuget package signing – Anton23 Jun 13 '18 at 08:11
  • Also see the warning on the [strong-named assemblies documentation](https://learn.microsoft.com/en-us/dotnet/framework/app-domains/strong-named-assemblies) about relying on signed assemblies for security purposes. – Martin Ullrich Jun 13 '18 at 08:13
  • @MartinUllrich, does NuGet package signing work for .NET Core packages? Does this work on other OSes (Linux, macOS) and not only Windows? – Anton23 Jun 13 '18 at 08:32
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/173048/discussion-between-anton23-and-martin-ullrich). – Anton23 Jun 13 '18 at 08:54
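The check the question is after (is this plugin assembly strong-named with *my* key?), written as an added example that is not code from the question or its comments. It reads the public key blob straight out of the assembly's metadata with `System.Reflection.Metadata` (shipped in the shared framework since .NET Core 2.0; add the NuGet package of the same name if it does not resolve), so the file is never loaded into the process, and derives the public key token the same way `AssemblyName.GetPublicKeyToken()` does. `ExpectedToken` is a hypothetical placeholder; the `Main` and the file paths it is given are illustrative. If `ReadPublicKey` returns an empty array for an assembly you built yourself, the build did not actually strong-name it; with SDK-style projects an `.snk` in `AssemblyOriginatorKeyFile` is the path that works cross-platform (the question linked in the first comment covers this), while a `.pfx` depends on Windows key-container tooling.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Reflection.Metadata;
using System.Reflection.PortableExecutable;
using System.Security.Cryptography;

// Added example (not from the question): inspect the strong-name public key an
// assembly file claims, without loading it, and compare it to the key we expect.
static class PluginKeyCheck
{
    // Hypothetical placeholder. Replace with the token of your own signing key,
    // e.g. the 8 bytes printed by `sn -T YourSignedAssembly.dll`.
    static readonly byte[] ExpectedToken = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };

    // Public key blob from the AssemblyDef metadata row, or an empty array when the
    // assembly has no strong name. This is the same data AssemblyName.GetPublicKey()
    // returns after loading, so an empty result here is why byte[0] shows up there.
    public static byte[] ReadPublicKey(string assemblyPath)
    {
        using (FileStream stream = File.OpenRead(assemblyPath))
        using (var pe = new PEReader(stream))
        {
            if (!pe.HasMetadata)
                return Array.Empty<byte>();   // not a managed PE

            MetadataReader md = pe.GetMetadataReader();
            if (!md.IsAssembly)
                return Array.Empty<byte>();   // a netmodule has no AssemblyDef row

            AssemblyDefinition asm = md.GetAssemblyDefinition();
            return asm.PublicKey.IsNil ? Array.Empty<byte>() : md.GetBlobBytes(asm.PublicKey);
        }
    }

    // Public key token = last 8 bytes of SHA-1(public key blob), in reverse order.
    // This mirrors how AssemblyName.GetPublicKeyToken() derives the token.
    public static byte[] ComputeToken(byte[] publicKey)
    {
        if (publicKey == null || publicKey.Length == 0)
            return Array.Empty<byte>();

        using (SHA1 sha1 = SHA1.Create())
        {
            byte[] hash = sha1.ComputeHash(publicKey);
            byte[] token = new byte[8];
            for (int i = 0; i < token.Length; i++)
                token[i] = hash[hash.Length - 1 - i];
            return token;
        }
    }

    // True when the file carries a public key whose token matches ExpectedToken.
    // Note the name: this is what the assembly *claims*, not a verified signature.
    public static bool ClaimsExpectedKey(string assemblyPath)
    {
        byte[] token = ComputeToken(ReadPublicKey(assemblyPath));
        return token.Length == 8 && token.SequenceEqual(ExpectedToken);
    }

    static int Main(string[] args)
    {
        if (args.Length != 1)
        {
            Console.Error.WriteLine("usage: PluginKeyCheck <assembly.dll>");
            return 2;
        }

        byte[] key = ReadPublicKey(args[0]);
        Console.WriteLine(key.Length == 0
            ? "not strong-named (public key blob is empty)"
            : "public key token: " + BitConverter.ToString(ComputeToken(key)).Replace("-", "").ToLowerInvariant());
        Console.WriteLine("matches expected key: " + ClaimsExpectedKey(args[0]));
        return ClaimsExpectedKey(args[0]) ? 0 : 1;
    }
}
```

Two caveats matter more than the code. First, this compares only the embedded public key; it does not verify the RSA signature stored in the PE's strong-name signature directory, and neither does the .NET Core runtime, so an assembly that merely embeds the same public key (a delay-signed or public-signed build, or a rebuilt one) passes this check. Second, as the documentation warning linked in the comments says, strong names identify an assembly; they were never intended as a tamper-proofing mechanism. If the threat model is "someone swaps a DLL in the plugin folder", the protection has to come from a signature you verify yourself at load time (NuGet package signing as mentioned in the comments, a code-signing certificate where the platform supports it, or your own signature over the file hashes), not from the strong name.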

0 Answers