. NET Framework | notes | procedures | Design 3.6 delay Signature
1. When developing and testing assemblies, allowing access to secure private keys may result in private key leaks, so. NET Framework supports a technique called delay signature (delayed signing), sometimes called a local signature (partial signing).
Delay signing allows us to generate assemblies using only the company's public key:
A, the assembly references our Assembly, using the public key to allow them to embed the correct public key in the AssemblyRef metadata entry;
b, the assembly that the public key generates also allows to be placed in the internal structure of the GAC;
C, but an assembly generated with a public key loses tamper protection because it does not have a hash transformation and does not embed a digital signature in the file.
2. Implement delay Signature:
A, the public key of the company is stored in a file, and then the file name is passed to the Assembly Generation tool (2 in 3.2 is described in detail);
b, add the following two attributes to the source code tell the build tool to delay signing the assembly:
[Assembly:assemblykeyfile ("Mycompanypublickey.keys")]
[Assembly:assemblydelysign (True)]
If you use the AL.exe tool, you can also specify the/keyf[ile] and/delay[sign] switches on the command line to implement;
C, to install the assembly to the GAC, you must prevent the system from integrity verification of the Assembly by specifying the-VR command-line switch to the SN.exe tool. This also allows the CLR to skip checking the hash value of any file within it when the assembly is loaded at run time:
SN.EXE-VR MyAssembly.dll;
D, after development and testing, packaging and deploying the Assembly requires that the Assembly be signed with a private key using the SN.exe-R command-line switch, and the validation process of the Assembly is resumed with the SN.exe-vu or-VX command-line switch:
Sn-vu MyAssembly.dll
3. Some organizations keep their key pairs in a hardware device, and some cryptographic service providers (CSPs) provide some "containers" for abstracting the locations of these keys.
If our public key/private key is stored in a CSP container, you should use the System.Reflection.AssemblyKeyNameAttribute feature or the AL.exe/keyn[ame] command line switch When using SN.exe to add a private key to a delay-signed assembly, replace-R with the-RC command-line switch.
3.7 Private deployment of a strong-named assembly
Not necessarily in the GAC, in fact, if only a handful of programs share your assembly, your strong-named assembly can be deployed privately. When another assembly references the assembly, an XML configuration file is installed for it (2.7 of the 1 examples are illustrated).
3.8 Concurrent Execution
The CLR can load multiple files with the same name but different paths into the same address space, which is in the. NET Framework, which is called coexistence (side-by-side) execution, is a key technology for solving the "DLL hell" problem in Windows. The concurrent execution capabilities of DLLs allow us to create new versions of assemblies without maintaining backward compatibility.
(All because a strong-named assembly has a file name (no extension), version number, language and culture identity, and a public key token identity, you can differentiate the assembly of the same name from the other version of the company's assembly and other companies ' assemblies. )
3.9 how the CLR resolves type references
Example:
public class App {
static public void Mian (system.string[] args) {
System.Console.WriteLine ("Hi") '
}
}
The code is compiled to generate an assembly App.exe. When we run the application, the CLR loads and initializes it. The CLR then reads the assembly's CLR header to find the Methoddeftoken that identifies the application's entry method (Main). Depending on the MethodDef metadata table, the CLR navigates to the offset of the method's IL code in the file, and then compiles it to the local code in a JIT manner, completing the type-safe authentication process for the code, and finally executing the compiled local code.
When the CLR compiles the segment of code in a JIT manner, it detects all the types and members that are applied and loads the assemblies that define them.
In the example above, there is a reference to System.Console.WriteLine in the IL code. IL has a call instruction mark the metadata token referenced identifies an entry in the MemberRef metadata. A, the CLR looks for MemberRef and finds that one of the fields points to an entry in the TypeRef table (that is, the System.Console type). b, from the TypeRef entry, the CLR is directed to a AssemblyRef entry: "Mscorlib,version=1.0.3300.0,culture=" neutral, publickeytoken= b77a5c561934e089 ". Here the CLR will know which assembly it needs.
3.10 Advanced Management Control (configuration)
2.7 Describes how to configure the CLR search and binding assemblies, just the positioning element PrivatePath property, which is described in this section for some other XML configuration file elements.
1, several configuration elements: (in the book's example is too long, interested friends turn over the book)
Probing: Instructs the CLR to look for a weak named assembly in the directory that the application is specifying;
dependentassembly, assemblyidentity, and BindingRedirect: Instructs the CLR to reposition another specified assembly when it locates the previously specified assembly, and can implement version number redirection;
CodeBase: Instructs the CLR to indicate that the Assembly is found at the specified directory or URL address, or it can be used in weak assemblies (in which case the CLR ignores the assembly version number and the version number specified in the XML codeBase element);
Publisherpolicy: Indicates whether the CLR ignores the deployed publisher policy file.
2. The CLR determines the assembly referenced by the Assembly:
A, find the AssemblyRef table know to refer to the assembly;
b, locate the assembly in the application's configuration file, and apply the version number redirection policy specified in it If the Apply property of the Publisherplocy element is set to Yes or ignores the element CLR will check the GAC and apply the version number redirection policy (publisher policy) that any assembly publisher deems necessary;
C, then the CLR looks for the assembly in the Machine.config file within the machine and applies any of the version number redirection policies specified therein;
D, the final CLR knows which version of the assembly it should load and first tries to load it from the GAC, and if the assembly is not in the GAC and does not specify the CODEBASE element, the CLR locates the assembly according to the rules described in chapter 2nd.
With these configuration files, administrators can fully control which assemblies the CLR should load. If you want all assemblies in the machine to have the most recent assembly, you should modify the Machine.config files in the machine.
2.7 of the 5 mentioned. NET provides a convenient GUI configuration tool.
3.10.1 publisher Policy Control
When a publisher fixes a bug in the original version of the Assembly, it is very inconvenient for each user to modify his or her application set or the XML configuration file on the machine if they want the user to replace the new version with a new version. Publisher policy control allows you to create "policy information" that can be installed on a user's machine when you install a new assembly.
The publisher policy assembly must be installed in the GAC.
3.11 Fixing the wrong application
1. When a console or Windows Forms application is running under a user account, the CLR keeps a record of the assemblies loaded by an application entity, the load information is accumulated in memory, and is written to the following disk path at the end of the program: C:\Documents and Settings\username\Local Settings\Application Data\applicationhistory
Each file in the directory identifies a particular application with a filename similar to the following: App.exe.c4bc1771.ini. The 16-digit number is a hash value that identifies the path to the file, which is used to distinguish files of the same name under different subdirectories.
2. When an application is running, the CLR maintains a collection "snapshot" of the assemblies loaded by an application. When the application ends, this information compares the contents of the. ini file associated with the application:
A, if the application is loaded with the same set of assemblies that were previously loaded, that is, the information in the. ini file is the same as the information in memory, the information in memory is discarded;
b, if the information in memory is different from the information in the. ini file, the CLR appends the information in memory to the. ini file.
C, by default,. ini files can store 5 snapshots.
3. For some reason, if we run a problem with the application, because the CLR keeps a history of the assemblies used by an application, we can create an XML configuration file for the referenced assembly, with elements telling the CLR to use the assembly that was loaded the last time it was run properly.
With the. NET Framework Configuration tool we can easily do this, and the Run tool-"application"-"Fix the application" can be configured.
Changes to the application XML configuration file are identified by the annotation element, which includes: ". NET Appliction Restore Beginblock" and ". NET Appliction Restore Endblock"
(This is the first part of the book, and it's all about things.) NET very basic things, and some places are very difficult, it seems to be a good study of a book is not easy. I hope you will discuss the discussion.
A few days ago the cold down, to have been in the warm winter I really a bit not adapt to the day did not have time to tidy up, night room and no heat, hand stiff knock out words, plus the end of more chores, originally should finish the first three chapters also dragged to 2005 years. Say hello to your friends: good New Year!
These days a cold on the bed is not read, the harvest is to see the CCTV "Sinco legend", the plot of the general like the film Tail is good, send lyrics and everyone share:
Beauty
Sword Boil wine tasteless drink a cup for WHO
You'll be the one to send me goodbye
Rouge fragrance can love can't give
How long is the day?
You're a hero, you're doomed to no tears, no regrets.
How dangerous the laugh is, the poison in the intestines.
How beautiful the tears are only you know
It's not funny to live without you
I don't want this world
Just to change the beauty of a smile
If I can go back to the circle
I would like to be a beast in the afterlife
I want to be with you
Sword Boil wine tasteless drink a cup for WHO
You'll be the one to send me goodbye
Rouge fragrance can love can't give
How long is the day?
You're a hero, you're doomed to no tears, no regrets.
How dangerous the laugh is, the poison in the intestines.
How beautiful the tears are only you know
It's not funny to live without you
I don't want this world
Just to change the beauty of a smile
If I can go back to the circle
I would like to be a beast in the afterlife
I want to be with you
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.