[英]How to implement a custom digital signing for my plugins?
In a C++ application (actually a browser plugin but this isn't too relevant) I have a need for it to be able to run external processes which expose a specific interface through IPC.在 C++ 应用程序(实际上是一个浏览器插件,但这不是太相关)中,我需要它能够运行通过 IPC 公开特定接口的外部进程。 Sort of like a plugin architecture but the plugins are discrete applications rather than DLLs, etc.
有点像插件架构,但插件是离散的应用程序而不是 DLL 等。
Someone can easily find out the required interface and write a malicious 'plugin', hosting it on their web-site, comparable to a malicious SWF except SWFs are sand-boxed.有人可以轻松找到所需的接口并编写恶意“插件”,将其托管在他们的网站上,这与恶意 SWF 相当,但 SWF 是沙盒的。 Then if someone with the browser-plugin installed comes to that page, it would load and run the malicious process in a kind of drive-by attack.
然后,如果安装了浏览器插件的人来到该页面,它将以一种偷渡式攻击的方式加载并运行恶意进程。
One recommendation I see is to use a signing mechanism, but I don't know how that might be achieved.我看到的一个建议是使用签名机制,但我不知道如何实现。 Note, I'm not creating something for mass-market but specialist use, so the number of companies producing legitimate plugins would be small.
请注意,我不是为大众市场创造东西,而是为专业用途创造东西,因此生产合法插件的公司数量会很少。
One way is to use a cryptographic library like GPG
or OpenSSL
.一种方法是使用像
GPG
或OpenSSL
这样的加密库。 With both of them you create a public/private key pair.使用它们,您可以创建一个公钥/私钥对。 You sign your application with the private key.
您使用私钥签署您的应用程序。 The browser plugin contains the public key, which is used to verify the signature.
浏览器插件包含用于验证签名的公钥。 These libraries are not particularly easy to use.
这些库并不是特别容易使用。 Read eg
dgst.c
from the OpenSSL package.从 OpenSSL package 中读取例如
dgst.c
。 You will need to adapt it (at least the verification part) to your plugin.您需要将其(至少是验证部分)适应您的插件。 There's a lot of APIs to learn!
有很多 API 需要学习! You may use
dgst.c
as is to sign the files.您可以按原样使用
dgst.c
对文件进行签名。
If you are on Windows you can also use windows Crypto API (CAPI) in much the same way, but I know next to nothing about Windows APIs. If you are on Windows you can also use windows Crypto API (CAPI) in much the same way, but I know next to nothing about Windows APIs.
Another way is to implement a signature algorithm from scratch.另一种方法是从头开始实现签名算法。 This is not for the faint of heart either.
这也不适合胆小的人。 Read http://en.wikipedia.org/wiki/Digital_signature , pick a method that looks like easy to implement (RSA, DSA, ElGamal...), and implement it (both the signing and the verifying part, or just the verifying part -- but then make sure it is compatible with OpenSSL or GPG so you can use them for signing.
阅读http://en.wikipedia.org/wiki/Digital_signature ,选择一个看起来容易实现的方法(RSA、DSA、ElGamal ......),然后实现它(签名和验证部分,或者只是验证部分——但要确保它与 OpenSSL 或 GPG 兼容,以便您可以使用它们进行签名。
Both DLLs and EXE are signed using Authenticode technology and X.509 certificates. DLL 和 EXE 都使用 Authenticode 技术和 X.509 证书进行签名。
To validate the Authenticode signature on Windows using mechanisms built into Windows you use WinVerifyTrust function of CryptoAPI.要使用 Windows 中内置的机制验证 Windows 上的 Authenticode 签名,请使用 CryptoAPI 的WinVerifyTrust function。 This will require that each "plugin" is signed using the certificate issued by some well-known CA (known to Windows, at least).
这将要求每个“插件”都使用某个知名 CA(至少 Windows 已知)颁发的证书进行签名。
If you want to give plugin developers your own certificates (to let them save money on purchasing certificates from CAs), then you can take PKIBlackbox package of our SecureBlackbox product and become your own certificate authority.如果你想给插件开发者你自己的证书(让他们节省从 CA 购买证书的钱),那么你可以使用我们 SecureBlackbox 产品的PKIBlackbox package 并成为你自己的证书颁发机构。 PKIBlackbox allows you to create and verify Authenticode signatures as well.
PKIBlackbox 还允许您创建和验证 Authenticode 签名。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.