2020. 8. 31. 05:58ㆍ카테고리 없음
Introduction
A Strong Name File (SNF) can be used to 'sign' .NET assemblies. I put the word 'sign' in quotes, because there is no authentication mechanism provided, so all the signature really can tell you is if two different assemblies are coming from the same source. But that is the main purpose of SNFs anyway: They provide a way to generate a unique identifier for an assembly or a specific version of an assembly, a strong name.
Mar 03, 2020 This page explains how to generate public/private key pairs using OpenSSL command-line tools. Device authentication. Cloud IoT Core uses public key (or asymmetric) authentication: The device uses a private key to sign a JSON Web Token (JWT). The token is passed to Cloud IoT Core as proof of the device's identity. Yes, it is possible to deterministically generate public/private RSA key pairs from passphrases. For even passable security, the passphrase must be processed by a key-stretching function, such as Scrypt (or the better known but less recommendable PBKDF2), and salt (at least, user id) must enter the key-stretching function; the output can then be used as the seed material for the RSA key.
An SNF contains just the public and the private key of an asymmetric key pair. There is no additional information stored in the file. SQL Server can take that information and create an asymmetric key in a database from it.
A Strong (Name) Example
Creating an asymmetric key pair from an SNF involves the CREATE ASYMMETRIC KEY statement using the FROM FILE clause like this:
This will create an asymmetric key in the current database from that SNF:
The SNF in the above example does not have a path specified. If you execute the statement like that, the SNF has to exist in SQL Servers default database directory. However, you can also specify a fully qualified path like this:
The now specified path is not the only change in this statement. Additionally the ENCRYPTION BY PASSWORD clause is missing. As it is the case with the normal CREATE ASYMMETRIC KEY statement, that means that the private key is going to be encrypted with the database master key.
The SN Tool
Strong Name Files can be created with Microsoft's sn.exe tool. It for example comes bundled with Visual Studio. The exact syntax of how to use it you can look up following the above link. However, one parameter (-k) allows you to specify the key length. While you can specify any key length between 384 and 16384 bits (in increments of 8 bits), SQL Server can only import SNFs that were created with a key length of either 512, 1024 or 2048 bits.
Summary
Microsoft developed Strong Name Files to store a complete asymmetric key pair in them. Such a file can be used to show that for example two assemblies came from the same source. However, it does not provide any authentication information. SQL Server can import such files and use them to create asymmetric key from them.
Asymmetric Key Cryptography
Related
Leave a Reply
Symmetric Key Vs Asymmetric Key
You must be logged in to post a comment.