Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Microsoft .NET Strong Name (SN)

Integration with CipherTrust Manager

search

Integration with CipherTrust Manager

This section outlines the steps to integrate Microsoft Strong Name with CipherTrust Manager.

Strong Name is the part of Microsoft SDK that provides a mechanism to assign unique identities to .NET Framework assemblies. To get a valid strong name, an assembly is strong-name signed during the build process. This is achieved using the private key that corresponds to the public key in the strong name. The strong name signature can then be verified using the public key.

Strong names prevent code spoofing by a third party.

In order to integrate the CipherTrust Manager with MS Strong Name follow the steps below:

  1. Run the SafeNetProtectApp CSP Provider using makecert command:

    makecert -sk CSP2TestKey -sp "SafenetProtectApp CSP Provider" –n "CN=Common Name" -r -ss mystore Test.cer

    where:

    • -sk: The location of the subject’s key container which holds the private key
    • -sp: Subject CryptoAPI’s provider name
    • -n: The name and details of the publisher’s certificate
    • -ss: The name of the subject’s certificate store in which the generated certificate will be stored.

    Note

    Anything that contains spaces must be in double quotes ("").

  2. Make the SafeNet ProtectApp CSP as a default CSP to use with MS Strong Name:

    sn -c "SafenetProtectApp CSP Provider"

  3. Extract the public key from the key-pair generated in step 2, using the following command.

    sn.exe -pc CSP2TestKey TestKey.snk

    where, CSP2TestKey and TestKey.snk denotes the key container and public key file respectively.

    Following screen shows the extracted public key:

  4. To sign a .NET assembly, write any C# program and open the Visual Studio command prompt to compile the program and sign the generated exe file. To do so, use the following command:

    csc /delaysign+ /keyfile:TestKey.snk C:\Users\Administrator\Desktop\Program.cs

    where, /keyfile is the public key extracting from the key-pair in the previous command.

    Note

    Anything that contains spaces must be in double quotes ("").

    Following screen shows the C# program that you created:

  5. Sign the generated exe with Strong Name using the following command:

    sn.exe -Rc C:\Users\Administrator\Desktop\myapp.exe CSP2TestKey

    where, CSP2TestKey is the key container in which you have generated the key-pair.

  6. Verify the assembly is Strong Name signed using the following command:

    sn.exe -v C:\Users\Administrator\Desktop\verification.exe

On this page