. NET Framework Program Design-globally deployment Assembly global deployment assembly

Globally deployment Assembly global deployment assembly

(1) strongname assembly

Stronugly named assembly is the unique identification mechanism of the CLR assembly. It has four features:
· File name (no extension)
· Version number
· Language and Culture
· Public Key tag

Example: mytypes, version = 1.0.123.0, culture = neutral, publickeytoken = 1234567890123456

Use sn.exe to generate a public/private key pair

Sn-K mycompany. Keys

View Public Key

Sn-P mycompany. Keys mycompany. publickey
Sn-TP mycompany. publickey

Microsoft (R). Net Framework utility version 1.1.4322.573 Copyright (c) Microsoft Corporation 1998-2002. All rights reserved. Public Key is 002400000480000094000000060200000024213525341310004000001000100830304ce5787ef Bytes Bytes Bytes 0b885ac8 Public Key marked as 91e5e7845907a9e6

Create strongname assembly (using system. relfection ):

[Assembly: assemblykeyfile ("mycompany. Keys")]

Metadata of strongname assembly:

Assembly ------------------------------------------------------- Token: 0x20000001 Name: Hello Public Key: 00 24 00 00 04 80 00 00 94 00 00 00 06 02 00 00 00 24 00 00 52 53 41 31 : 00 04 00 00 01 01 00 83 03 04 ce 57 87 EF D2 35 5d 71 fa 73 73 9e A2 : 75 81 32 94 09 F9 B2 D4 AA A3 84 09 A0 AB A5 B7 7b fa 34 ff E4 25 18 0b : 86 Ba 43 2a 4f 21 52 F9 F6 C2 ac eb 00 5d 57 20 8f 7b 3D 48 BD 56 91 10 : E9 1D 7C dB DF 53 4f 20 ed 82 26 50 31 1C 69 dd da 11 FB 72 1E 12 8d E2 : 31 A6 A0 66 1A Ba 1E B3 E3 06 AC F2 DC 07 77 FC 26 66 12 C4 D7 49 11 18 : 65 7C C7 41 D9 90 A9 5B DF D9 69 0b 88 5A C8 Hash Algorithm: 0x00008004 Major version: 0x00000000 Minor version: 0x00000000 Build number: 0x00000000 Revision number: 0x00000000 Locale: <null> Flags: [sidebysidecompatible] [publickey] (00000001) Assemblyref #1 ------------------------------------------------------- Token: 0x23000001 Public Key or token: B7 7A 5C 56 19 34 E0 89 Name: mscorlib Major version: 0x00000001 Minor version: 0x00000000 Build number: 0x00001388 Revision number: 0x00000000 Locale: <null> Hashvalue BLOB: Flags: [none] (00000000)

(2) GAC (Global Assembly Cache)

C: \ windows \ Assembly \ GAC

Use the tool gacutil.exe for installation and uninstallation:

Install a strongnameassembly:
Gacutil.exe/I myassembly. dll

Uninstall an strongnameassembly:
Gacutil.exe/u myassembly. dll

View the details in the DOS window:

(3) Reference strongnameassembly

We found that the machine that installed dotnetframwork has two assembly files, one in c: \ windows \ Microsoft. net \ framework \ v1.1.4322 \ ZH-CHS, and the other is in GAC.

The purpose is to facilitate application reference and loading.

When compiling a program, if we need to reference another assembly, the compiler will look for the following directory:
(1) Use the full path of the file specified by the compiler/reference. If it is only the Assembly name, continue searching
(2) current working directory
(3) CLR directory (c: \ windows \ microsoft. Net \ framework \ v1.1.4322 \ ZH-CHS)
(4) use the/lib directory specified by the compiler
(5) directory specified by LIB Environment Variables

Loading refers to the path of the required assembly to be loaded when the application is running (the loading sequence is mentioned above)

Use the response file (. RSP) to set the compiler's command switch:

For example, create a myproject. RSP file:
/Out: myproject.exe
/Target: winexe
Use this file during compilation
CSC @ myproject. RSP file1.cs file2.cs
So we don't need the command line of the response file:
CSC/out: myproject.exe/Target: winexe file1.cs file2.cs

There is a CSC. RSP file in C: \ WINDOWS \ Microsoft. NET \ framework \ v1.1.4322.

# This file contains command-line options that the C # # Command line compiler (CSC) will process as Part # Of every compilation, unless the "/noconfig" option # Is specified. # Reference the common framework Libraries /R: accessibility. dll /R: Microsoft. VSA. dll /R: system. configuration. Install. dll /R: system. Data. dll /R: system. Design. dll /R: system. directoryservices. dll /R: system. dll /R: system. Drawing. Design. dll /R: system. Drawing. dll /R: system. javasiseservices. dll /R: system. Management. dll /R: system. messaging. dll /R: system. runtime. remoting. dll /R: system. runtime. serialization. formatters. Soap. dll /R: system. Security. dll /R: system. serviceprocess. dll /R: system. Web. dll /R: system. Web. Mobile. dll /R: system. Web. regularexpressions. dll /R: system. Web. Services. dll /R: system. Windows. Forms. dll /R: system. xml. dll

(4) Tamper-proofing of strongnameassembly

When strongnameassembly is installed to GAC, the system will automatically verify whether the Assembly is tampered with. When loading from GAC, the system will verify the Assembly again in a different way. If it is loaded from another non-GAC directory, the Assembly is also rigorously verified.

(5) Delayed Signature

To prevent private key leakage, we can use the delayed signature technology (delayed singning ).

(1) obtain the public key file and add the following two features to the source code:
[Assembly: assemlykeyfile ("mycompanypublickey. Keys")]
[Assembly: assemlydelaysign (true)]
(2) when the Assembly is generated, run the following command to install the Assembly to GAC (one operation is required)
Sn.exe-VR myassembly. dll
(3) obtain the public/private key pair when packaging and deploying the application, and execute the following command:
Sn.exe-r myassembly. dll mycompanykey. Keys
(4) execute the following command to restore the verification process for testing:
Sn.exe-vu myassembly. dll