前段时间自己整理的一个有关strong-named assemblies的相关知识点。
What it the strong-named assembly?
A strong name consists of the assembly‘s identity:
Simple text name
Version number
Culture information
A public key and a digital signature
Benefits:
Strong names guarantee name uniqueness by relying on unique key pairs
Strong names protect the version lineage of an assembly.
Strong names provide a strong integrity check.
Public/Private key pair:
Create a public/private key pair
>sn -k myKeyPair.snk
Get the public key
>sn -p myKeyPair.snk myPublicKey.snk
View the public key
>sn -tp myPublicKey.snk
How to sign an assembly with a strong name:
Using the Assembly Linker (Al.exe)
>al /out:MyAssembly.dll MyModule.netmodule /keyfile:myKeyPair.snk
Using compiler options such /keyfile or /delaysign in C#
>csc /Keyfile:myKeyPair.snk test.cs
Using assembly attributes to insert the strong name information in code.
[assembly: AssemblyKeyFile(“myKeyPair.snk")]
Delay Signing an Assembly:
An organization can have a closely guarded key pair that developers do not have access to on a daily basis. The public key is often available, but access to the private key is restricted to only a few individuals.
How to delay signing an assembly:
Obtain the public key portion of the key pair.
Annotate the source code for the assembly with two custom attributes
[assembly:AssemblyKeyFileAttribute("myPublicKey.snk")]
[assembly:AssemblyDelaySignAttribute(true)]
Compile the assembly
Turn off the verification of that signature.
>sn –Vr myAssembly.dll
Using the actual strong name sign the assembly
>sn -R myAssembly.dll myKeyPair.snk
Turn verification back on by executing the following command line:
>SN -Vu myAssembly.dll
Publish and GAC:
If an assembly is to be accessed by multiple applications, the assembly must be placed into a well-known directory, which is called the global assembly cache (GAC).
the GAC identifies assemblies using name, version, culture, public key, and CPU architecture.
You can't ever place a weakly named assembly into the GAC.
Install an assembly to GAC
>gacutil -i hello.dll
Remove an assembly from GAC
>gacutil –u hello.dll