zoukankan      html  css  js  c++  java
  • (.NET Framework) What’s a “Strong Named” assembly?

    Recently, I was asked what a “Strong Name” is? And why we need a signed build?

    Now, I’m going to talk about this concept, not only because I was asked, but also we had the “Strong Name” issue in our automation tests.

    (The issue is that our unsigned automation tests running on signed products.)

      

    So, before each topic, some guys may have below concerns,

    1. What’s a Strong Name?

    2. Why Microsoft involved this concept?

    3. How we used this functionality?

      

    Don’t worry, my answers are coming.

    What’s “Strong Name” assembly?

    1. A “Strong Named” assembly is the same as “Weakly Named” assembly, with following information in it: PE file format, PE32(+), CLR header, metadata, manifest, IL.

    2. A “Strong Named” assembly is made up by “Name”, "Version”, "Culture” and “Public Key”, it not only used for unique identify an assembly, but also used for avoiding the version control problem. (Actually, MS is considering deprecate “Weakly Named” assembly.)

    3. For the public key, actually .NET use “Public key/Private key” pairs to identify one assembly. Also please note, generally a “Public Key Token” will be used in order to replace the “Public Key”, because the “Public Key” is so large, so use one small hash value derived from it would be more convenience for developers.

    Why use “Strong Named” assembly?

    1. As a little described in above category, it’s used for unique identifying an assembly to avoid the version control issue(DLL hole).

    2. A dll hole is that, Company A published one assembly called “ASM_01”, Company B also published one assembly with the same “ASM_01”. A published it first, and a user installed this assembly(dll), and later B also published the same assembly. Because both the dlls have the same name, so the later dll replaced the pervious one. So that the A software will no longer to work. That’s the dll hole.)

    How to use it?

    1. Create a VB/C#/F# .net application.

    2.  See below picture.

    ProjPropSigning01

    3. Click “ Choose a strong name key file:” drop-down list.

    4. Click “New” menu item.

    5. Type a name in the pop-up dialog. You can either check/uncheck the “Protect my key file with a password” check-box.

    6. After clicked “OK” to dismiss the dialog, build your project. And now, your assembly is sighed with a strong name.

    SN.exe

    SN.exe is a useful tool that contained in Visual Studio 2010 SDK.(SN = Strong Name)

    1. Sn.exe –k MyAssembly.snk. Use this CMD line exe to generate a public/private key pairs.

    2. Sn.exe –p MyAssembly.PublicKey. Use this switch “-p” to generate a “PublicKey” file, so that you can use following command to view the public key.

    3. Sn.exe –tp MyAssembly.PublicKey. By using this “-tp” switch, you will definitely view the very large digital of the public key.

  • 相关阅读:
    中国登山队员首次登上地球之巅珠穆朗玛峰的时间与意义及影响 (转)
    兰戈利尔人(斯蒂芬.金)
    冥界系列一:麝月 (作者:钱其强)
    席慕容独白
    【心理寓言】小偷在鸡舍偷了只鸡
    美国恐怖故事第一季事件时间表
    大学生逃课的暴笑理由
    原来他们四个也是有故事的男人
    爆笑:七八十年代各地最流行顺口溜 网友:太经典了
    中国的世界之最
  • 原文地址:https://www.cnblogs.com/lucasluo/p/1891620.html
Copyright © 2011-2022 走看看