Several of us at SRT have formed a study group to better learn the .NET framework. Our eventual goal is to take the MCTS 70-536 certification exam.
One area of .NET that has caused us some confusion is Code Access Security (CAS). This is my attempt to sort out two of the concepts associate with CAS that have been rattling around in my brain.
Signatures and Certificates
What does it mean to sign an assembly? This means giving the assembly a strong name. When strong-naming an assembly, a hash is computed for the assembly, the hash is encrypted with a private key, and the encrypted hash and the public key are stored in the assembly, forming part of the assembly signature. Now when the CLR loads the assembly, it decrypts the hash using the public key, computes a second hash for the assembly, and then checks to make sure the two hashes are the same. If they are, we can assume that the assembly has not been tampered with.
If the public key is bundled with information about who is issuing it and verification provided by a third party that certifies the key really belongs to that person or organization, then it's called a public key certificate. The confusing part is that an assembly that contains a public key certificate is said to be
digitally signed. In CAS, I can set up a code group that looks for
Publisher Evidence, or the digital signature on an assembly, and based on the value of the digital signature grant certain permissions.
Strong Name Hash and Hash Evidence
I'm not the first person to wonder about the difference between the two of these. See
this blog post for a nice technical discussion. As I described in the above section, the strong name for an assembly contains an encrypted hash. That's the strong name hash. It's different from a general hash for an assembly because a general hash makes use of every single bit in the assembly when it is computed, whereas the strong name hash skips certain parts of the assembly. In CAS, I can set up a code group that looks for
Hash Evidence in order to grant certain permissions to an assembly. Hash evidence is a general hash computed for the assembly, not the strong name hash. The problem with hash evidence is that every time I recompile an assembly, it will have a different hash value. Therefore, hash evidence is primarily used to grant permissions to a specific build of an assembly.
I'm really happy to finally be trying out MATLAB's objected oriented features that first appeared in release 2008a. What a treat to finally be able to prototype algorithms and write tools for clients using a paradigm that comes very naturally to so many software developers. Also, it's a lot easier to bridge the gap between scientific and engineering algorithm inventors and software developers when each party's code looks similar to the other's.
Here are some introductions to object oriented MATALB:
Information from The MathWorks
An article by a MATLAB user
Here's a sample class that I assembled today from several scripts that I have for a single project. The Apply, Plot, and CreateFromConstantValueSignalFiles methods had previously been standalone .m files. Now they are grouped together as they should be in the PolyTransform class. This makes me so much happier! Thanks, MATLAB!!
classdef PolyTransform
properties
coeffs
degree
end
methods
function obj = PolyTransform(degree, coeffs)
obj.degree = degree;
obj.coeffs = coeffs;
end
function signal2 = Apply(obj, signal)
signal2 = Signal(signal.time, polyval(obj.coeffs, signal.response));
end
function Plot(obj, xx, yy)
testx = min(xx):0.01:max(xx);
testy = polyval(obj.coeffs, testx);
figure();
cla
hold on
plot(xx, yy, 'bo');
plot(testx, testy, 'g-');
end
end
methods (Static)
function obj = CreateFromConstantValueSignalFiles(degree, ndiameters, diameters, basicFileName)
averageValue = zeros(degree, 1);
for ii = 1:ndiameters
fileName = strcat(basicFileName, num2str(ii-1), '.bin');
signals = Signal.LoadFromNoiseFile(fileName);
averageValue(ii) = signals(1).Average();
end
coeffs = polyfit(averageValue, diameters, degree);
obj = PolyTransform(degree, coeffs);
obj.Plot(averageValue, diameters);
end
end
end