zoukankan      html  css  js  c++  java
  • (.NET Framework) What’s a “Strong Named” assembly?

    Recently, I was asked what a “Strong Name” is? And why we need a signed build?

    Now, I’m going to talk about this concept, not only because I was asked, but also we had the “Strong Name” issue in our automation tests.

    (The issue is that our unsigned automation tests running on signed products.)

      

    So, before each topic, some guys may have below concerns,

    1. What’s a Strong Name?

    2. Why Microsoft involved this concept?

    3. How we used this functionality?

      

    Don’t worry, my answers are coming.

    What’s “Strong Name” assembly?

    1. A “Strong Named” assembly is the same as “Weakly Named” assembly, with following information in it: PE file format, PE32(+), CLR header, metadata, manifest, IL.

    2. A “Strong Named” assembly is made up by “Name”, "Version”, "Culture” and “Public Key”, it not only used for unique identify an assembly, but also used for avoiding the version control problem. (Actually, MS is considering deprecate “Weakly Named” assembly.)

    3. For the public key, actually .NET use “Public key/Private key” pairs to identify one assembly. Also please note, generally a “Public Key Token” will be used in order to replace the “Public Key”, because the “Public Key” is so large, so use one small hash value derived from it would be more convenience for developers.

    Why use “Strong Named” assembly?

    1. As a little described in above category, it’s used for unique identifying an assembly to avoid the version control issue(DLL hole).

    2. A dll hole is that, Company A published one assembly called “ASM_01”, Company B also published one assembly with the same “ASM_01”. A published it first, and a user installed this assembly(dll), and later B also published the same assembly. Because both the dlls have the same name, so the later dll replaced the pervious one. So that the A software will no longer to work. That’s the dll hole.)

    How to use it?

    1. Create a VB/C#/F# .net application.

    2.  See below picture.

    ProjPropSigning01

    3. Click “ Choose a strong name key file:” drop-down list.

    4. Click “New” menu item.

    5. Type a name in the pop-up dialog. You can either check/uncheck the “Protect my key file with a password” check-box.

    6. After clicked “OK” to dismiss the dialog, build your project. And now, your assembly is sighed with a strong name.

    SN.exe

    SN.exe is a useful tool that contained in Visual Studio 2010 SDK.(SN = Strong Name)

    1. Sn.exe –k MyAssembly.snk. Use this CMD line exe to generate a public/private key pairs.

    2. Sn.exe –p MyAssembly.PublicKey. Use this switch “-p” to generate a “PublicKey” file, so that you can use following command to view the public key.

    3. Sn.exe –tp MyAssembly.PublicKey. By using this “-tp” switch, you will definitely view the very large digital of the public key.

  • 相关阅读:
    关于jquery动态添加的新元素无法绑定事件那些事
    关于jquery获取json数据的格式问题
    beescms文章列表页函数学习
    beescms相关函数学习
    这是二零一四年十点整的广州
    POJ 1852 Ants 分析
    hiho_1114_扫雷
    hiho_1014_Trie_Tree
    排列组合
    用链表写的冒泡排序理解
  • 原文地址:https://www.cnblogs.com/lucasluo/p/1891620.html
Copyright © 2011-2022 走看看