Question

I have to develop a .NET C# application that supports plugins. I’ve found a lot of information on the internet and it doesn’t seem to be so hard.

I just have a specification that the Assemblies of the modules must be validated on the assembly level. When the late binding occurs and the assembly loads, the host application must be absolutely sure that:

  1. The Assembly wasn’t changed.
  2. The Assembly was indeed supplied by the company.

I read that it is possible to sign the assembly using a key, but as far as I understood, this would only certify that the assembly wasn’t changed.

What must be done in order to be sure of the Assemblies' authenticity?

Any help would be greatly appreciated.


Solution

Like I said in the comment, this has been asked before: Can strong naming an assembly be used to verify the assembly author?

This link gives an example of how to verify the public key against a known set of public keys: http://blogs.msdn.com/b/shawnfa/archive/2004/06/07/150378.aspx but it's kinda old, and I don't know if there have been significant changes since then.

EDIT: I see that the SO answer suggests the same technique as the link to shawnfa's blog above, so it probably still stands.
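A sketch of the check this answer points to, added here as an example (it is not code from the linked blog post or from the answer's author). It assumes .NET Framework on Windows; `PluginVerifier`, `LoadVerified` and the `TrustedPublicKeys` placeholder are hypothetical names, and the key value must be replaced with your company's own full public key.

```csharp
using System;
using System.Linq;
using System.Reflection;
using System.Runtime.InteropServices;
using System.Security;

static class PluginVerifier
{
    // Placeholder: the company's full strong-name public key as hex.
    // Comparing the full key is stricter than comparing the 8-byte token.
    static readonly string[] TrustedPublicKeys = { "<COMPANY-PUBLIC-KEY-HEX>" };

    // Exported by mscoree.dll on .NET Framework (Windows only).
    [DllImport("mscoree.dll", CharSet = CharSet.Unicode)]
    static extern bool StrongNameSignatureVerificationEx(
        string wszFilePath, bool fForceVerification, ref bool pfWasVerified);

    // True only if the key is present and matches an allow-listed key.
    public static bool IsTrustedKey(byte[] publicKey)
    {
        if (publicKey == null || publicKey.Length == 0)
            return false; // assembly is not strong-named
        string hex = BitConverter.ToString(publicKey).Replace("-", "");
        return TrustedPublicKeys.Any(k =>
            string.Equals(k, hex, StringComparison.OrdinalIgnoreCase));
    }

    public static Assembly LoadVerified(string path)
    {
        // Reads the assembly's metadata without loading it into the AppDomain.
        AssemblyName name = AssemblyName.GetAssemblyName(path);
        if (!IsTrustedKey(name.GetPublicKey()))
            throw new SecurityException("Plugin is not signed with a trusted key: " + path);

        // Force a real signature check, ignoring skip-verification settings,
        // so a file that only carries the right public key is rejected.
        bool wasVerified = false;
        bool ok = StrongNameSignatureVerificationEx(path, true, ref wasVerified);
        if (!ok || !wasVerified)
            throw new SecurityException("Strong-name signature is invalid: " + path);

        return Assembly.LoadFrom(path);
    }
}
```

The file is checked and then loaded by path, so the plugin directory must not be writable by untrusted accounts between the two steps.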

OTHER TIPS

The developer of the assembly needs to sign the assembly using Authenticode technology and an X.509 certificate obtained from one of the approved certificate authorities (CAs). Then your host needs to verify the signature and validate the certificates in the signature of the assembly being loaded.

As one of the options, our product, SecureBlackbox, offers functions to perform Authenticode signing and verification as well as complete X.509 certificate validation.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow