Question

I am curious, through Google research I have been learning about digital signatures and strongly named assemblies. It appears possible to use a digital signature to sign a strongly named assembly if you really try hard.

I speculate that with this practice it is possible to circumvent the purpose of a digital signature by using it this way.

Microsoft says:

"strong names in and of themselves do not imply a level of trust like that provided, for example, by a digital signature and supporting certificate."
-- http://msdn.microsoft.com/en-us/library/wd40t7ad%28v=vs.110%29.aspx

Am I correct in guessing that using a digital signature in this way is actually a bad practice, that may create a security hole and definitely serves no purpose? Or is it even possible? Is using a digital signature as the strong name possible or better than doing nothing? Does it provide some extra security beyond using a digital signature properly?


Solution 3

Just splitting this up into clear bits, because I'm not quite sure what you're asking.

Is it possible to use the private key of a digital signature (e.g. Authenticode) to strongly name an assembly?

Yes, at least in theory - since all a key is is a sequence of bytes.

Would there be any point in doing so?

Since you don't need to pay for a private key for strong naming, using a paid-for digital signature to do it wouldn't make much sense, no. What you pay for is the trust associated with the digital signature. Strong naming, as Eric Lippert, Alexei, and others explained, doesn't assert trust.

Would it be a security hole if you did so anyway?

No. Whether you're digitally signing or strong naming, and no matter what private key you may use for it, all you're giving out with the assembly is the public key. A public key is meant to be public knowledge - that's the whole point of asymmetric cryptography. As long as your private key remains private, there's no hole.

ETA: I would like to see the post(s) mentioned in the question, about strong naming using an Authenticode signature (as opposed to combining the two), though.

OTHER TIPS

Is it a bad practice to use a digital signature to sign a strongly named assembly?

No. That's a perfectly good practice.

It appears possible to use a digital signature to sign a strongly named assembly if you really try hard.

It's a bit tricky, because both strong naming and digital signing modify the assembly. The assembly must be first strong named and then signed.

I speculate that with this practice it is possible to circumvent the purpose of a digital signature by using it this way, as the strongly named assembly can be hacked

OK, so you're speculating that there's an attack. I'm speculating that there isn't. State the vulnerability and the proposed attack.

(at least some post said so).

Are you going to make us guess which post said so?

"strong names in and of themselves do not imply a level of trust like that provided, for example, by a digital signature and supporting certificate."

That's correct. Strong names and digital certificates are similar but they solve different problems. Strong names solve the identification of assemblies problem. Signatures solve the chain of trust problem.

I have seen examples of Internet posters trying to do exactly that thinking that they are protecting their software.

Neither strong naming nor certificate signing protects software at all! The purpose of a security system isn't to protect the software, it's to protect the users. We don't have driver's licenses to keep the Department of Motor Vehicles safe from attack by ninjas. We have driver's licenses to establish that the bearer of the license really is who they say they are and is permitted to drive. Anyone who thinks that strong naming is there to protect the software is very, very confused.

Am I correct in guessing that using a digital signature in this way is actually a bad practice, that may create a security hole and definitely serves no purpose?

No, you are wrong on every count.

it a good or bad thing to cross the streams (please excuse the humor)?

Why would it be a bad thing? All we have is your claim that there is an attack, and no evidence whatsoever that there actually is one.

Or is it even possible?

Sure it's possible.

are the posts I have seen with references to using the two in concert (using a digital signature to sign an assembly specifically as strongly named (not digitally signed)) possible or better than doing nothing?

You're asking us to comment on the accuracy of posts that we haven't read and you haven't provided links to. How should we know whether they're accurate or not?

No trust chain exists for keys used to strongly sign assemblies. You can't use the same type of keys for strong name signing and "code signing", so there is no problem "mixing and matching". These two types of signing serve two different purposes and you need to pick the ones you need in your particular case (most likely just strong name signing; .NET does not have built-in verification for the other one).

With signing for a strong name you can't say if a particular key belongs to a particular entity, unlike other types of signing where you know the source of the signing certificate (e.g. Authenticode signing or SSL certificates for HTTPS) and can be reasonably sure about the origin.

Strong-name signing tells you that assemblies signed by the same key were created by the same "entity", but there is no indication of what/who this "entity" is. You can't really say "this new version of the assembly is built by FooBar company", you can only say "it was built by the same company/group as the previous one".

Note: Indeed there are some "well known" public keys (e.g. Framework assemblies signed by Microsoft), but you can't take an arbitrary assembly and say "signed by X" just by looking at the public key.

Note that this is covered in detail in Eric Lippert's answer, Signing of .NET Assemblies.
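The point made in Solution 3 (the only thing shipped with the assembly is the public key) and in the answer above (a strong name identifies "the same key as before", never "who") can be made concrete with the public key token. The following is an added example, not code from the question or from any answer on this page. The token derivation it implements is the standard .NET rule (the last eight bytes of the SHA-1 hash of the public key blob, in reverse byte order); the key blobs, the `identify_publisher` helper and the pinned "known keys" table are constructed for illustration and are not real keys or a real .NET API.

```python
"""Added example: what a strong-name public key does and does not tell you.

Token derivation is the .NET rule: SHA-1 over the public key blob, keep the
last 8 bytes, reverse them.  Everything else here (the key blobs, the pinned
lookup table, identify_publisher) is constructed for illustration.
"""
import hashlib
from typing import Dict, Optional

# Constructed stand-ins for two StrongNameKeyBlob byte strings.  A real blob
# for a 1024-bit RSA key is 160 bytes; these are just deterministic bytes of
# that length so the example runs offline.  They are NOT real keys.
KEY_A = bytes(range(0, 160))
KEY_B = bytes(range(1, 161))


def public_key_token(public_key_blob: bytes) -> str:
    """Derive the .NET public key token for a strong-name public key blob.

    This is the 16-hex-digit value seen in assembly references such as
    'PublicKeyToken=...'.  It is a fingerprint of the key, nothing more.
    """
    digest = hashlib.sha1(public_key_blob).digest()
    return digest[-8:][::-1].hex()


def same_publisher_key(blob_a: bytes, blob_b: bytes) -> bool:
    """True when two assemblies were strong-named with the same key.

    This is the one question a strong name can answer on its own: continuity
    of identity between versions, or between assemblies in a set.
    """
    return public_key_token(blob_a) == public_key_token(blob_b)


def identify_publisher(public_key_blob: bytes,
                       known_keys: Dict[str, str]) -> Optional[str]:
    """Map a public key to a name ONLY via an out-of-band, pre-shared table.

    A strong name carries no certificate and no trust chain, so the key alone
    never yields a publisher name.  A pinned table like known_keys (for
    example, a deployment's list of framework or in-house keys) is the only
    way to attach a name, and an unknown key correctly yields None rather
    than a guess.  (Constructed helper, not a .NET API.)
    """
    return known_keys.get(public_key_token(public_key_blob))


# Constructed pinned table: the operator has decided, out of band, whose key
# KEY_A is.  KEY_B is deliberately absent.
KNOWN_KEYS: Dict[str, str] = {
    public_key_token(KEY_A): "Example Publisher (constructed)",
}


if __name__ == "__main__":
    print("token A:", public_key_token(KEY_A))
    print("token B:", public_key_token(KEY_B))
    print("A and A from same key:", same_publisher_key(KEY_A, KEY_A))
    print("A and B from same key:", same_publisher_key(KEY_A, KEY_B))
    print("publisher of A:", identify_publisher(KEY_A, KNOWN_KEYS))
    print("publisher of B:", identify_publisher(KEY_B, KNOWN_KEYS))
```

Reading the output the way the answers describe it: the token lets a loader tell "same key as last time" from "a different key", which is the identification problem strong names solve; the name for KEY_A appears only because the table supplied it, and KEY_B, whose key is equally valid, maps to nothing, which is the trust problem that a certificate and its chain exist to solve instead.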

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow