Shared Assembilies and strongly Named assemblies

The. NET Framework has on place to deal with versioning problems.

kinds of assemblies, kinds of Deployment

　　Weakly named assemblies, strongly named assemblies

Same: Use thesame portable executable (PE) file format, PE32 (+) header, CLR headers, metadata, manifest tables, an D Intermediate Language (IL). Use the same tools, such as the C # compiler and AL.exe

different:strongly named assembly is signed with a publisher's public/private key pair that uniquely identifies The assembly ' s publisher. It allows the assembly to is deployed anywhere on the user's machine or even on the Internet. Allows the CLR to enforce certain known-to-besafe policies when an application tries to bind to a strongly named assembly

Be deployed in ways:privately, globally

　　

Giving an Assembly a strong Name

　　Qustion:two (or more) companies could produce assemblies that has the same file name. Then, if both of these assemblies get copied to the same well-known directory, the last one installed wins, and all of t He applications the were using the old assembly no longer function as desired. (This was exactly why DLL hell exists today in Windows, in which shared DLLs was all just copied into the System32 director Y.)

　　answer:differentiating assemblies simply by using a file name isn ' t good enough. The CLR needs to support some mechanism this allows assemblies to be uniquely identified. (strongly named assembly.

A strongly named assembly consists of four attributes this uniquely identify the Assembly:a file name (without an Extensi On), a version number, a culture identity, and a public key.

　　

Standard public/private key cryptographic technologies (allows,companies to create assemblies that has the SA Me name, version, and culture without causing any conflict.)

1.creating a strongly named assembly is to obtain a key (SN.exe)

Sn–k mycompany.snk

Sn–p mycompany.snk Mycompany.publickey sha256

SN–TP Mycompany.publickey

　　　　

2.signs the assembly with the private key, and embeds the public key in the manifest.

Csc/keyfile:mycompany.snk Program.cs

Or, using Visual Studio, you can create a new public/private key file by displaying the properties for your project, Clicki ng the Signing tab, selecting the Assembly check box, and then choosing the <New...> option from the Choose A Strong Name Key File combo box.

　　

The AssemblyRef metadata information (obtained by using ILDasm.exe)

　　　　

The Global Assembly Cache

　　How to deploy this assembly and how the CLR uses the information to locate and load the assembly.

question: If an assembly are to being accessed by multiple applications, the assembly must being placed into a wellknown directory, and the CLR must know to look in this directory automatically when a reference to the assembly are detected

Answer: This well-known is called the Global Assembly Cache (GAC). The exact location of the GAC is a implementation detail that's subject to change with different versions of the. NET Fr Amework (%systemroot%\microsoft.net\assembly)

An algorithm are used to generate the names of these subdirectories. Should never manually copy assembly files into the Gac;instead, you should use tools to accomplish this task (GACUtil.exe)

　　Installing assemblies into the GAC breaks the goal of simple application installation, backup, restore, moving, and Uninst All. So it is recommended, you avoid global deployment, and use private deployment whenever possible.

Building an Assembly that References a strongly Named Assembly

　　How to use CSC.exe ' s/reference compiler switch to specify the assembly file names your want to reference.

　　If The file name is a full path, CSC.exe loads the specified file and uses its metadata information to build the assembly. As mentioned in Chapter 2, if you specify a file name without a path, CSC.exe attempts to find the assembly by looking in The following directories (in order of their presentation here):

　　1. Working directory.

2. The directory that contains the CSC.exe file itself. This directory also contains the CLR DLLs.

　　3. Any directories specified using the/lib compiler switch.

4. Any directories specified using the LIB environment variable.

　　The files in the COMPILER/CLR directory, exist So, can easily build your assembly,whereas the copies in the GAC Exi St So, they can loaded at run time.

Strongly Named assemblies is tamper-resistant

　　Signing an assembly with a private key and embedding the signature and public key within an assembly allows the CLR to ver Ify that the assembly have not been modified or corrupted.

1.The CLR uses the referenced assembly ' s properties (name, version, culture, and public key) to locate the Asse Mbly in the GAC

2.the CLR looks in the application ' s base directory

3.in any of the private paths identified in the application ' s configuration file;

4.If the application is installed using MSI, the CLR asks MSI to locate the assembly

5.If The assembly can ' t be found in any of the these locations, the bind fails, and a System.IO.FileNotFoundExc Eption is Thrown;if founded,its containing subdirectory are returned, and the file holding the manifest is loaded ( Assures the caller that the assembly loaded on run time came from the same publisher that built the assembly the Code was Compiled against. This assurance was possible because the public key token in the referencing assembly ' s AssemblyRef table corresponds to the Public key in the referenced assembly ' s assemblydef table.)

Delayed Signing

　　When you're ready for the package your strongly named assembly, you'll have it with the use of the secure private key to sign it.

question: while developing and testing your assembly, gaining access to the secure private key can be a hassle.

Answer: the. NET Framework supports delayed signing, sometimes referred to as partial signing

　　Delayed Signing allows you to build a assembly by using only your company ' s Public key; the private key isn ' t necessary.

would Lose all of the tampering protection afforded to you because the assembly ' s files won ' t Be hashed, and a digital signature won ' t is embedded in the file.

　　Develop your assembly by using The delayed signing technique:

1. While developing an assembly, obtain a file that contains only your company's public key, and compile your assembly by using the/keyfile and/delaysign compiler switches.

Csc/keyfile:mycompany.publickey/delaysign MyAssembly.cs

2. After building the assembly, execute the following line so, the CLR would trust the assembly ' sbytes without performing the hash and comparison. This allows-install the assembly inThe GAC (if you desire). Now, you can build other assemblies that reference the assembly, andYou can test the assembly. Note that you have to execute the following command line onlyonce per machine; it's not necessary to perform this step is each time you build your assembly.SN.EXE–VR MyAssembly.dll

3. When ready-to-package and-deploy the assembly, obtain your company ' s private key, andThen execute the following line. Can install this new version in the GAC if you desire, butdon ' t attempt to install it in the GAC until executing step 4.

Sn.exe-ra MyAssembly.dll Mycompany.privatekey
4. To test in real conditions, turn verification back on by executing the following command line.
Sn.exe–vu MyAssembly.dll

Privately deploying strongly Named assemblies

　　The GAC is usually secured so, only a administrator can install an assembly Into it. Also, installing into the GAC breaks the simple copy deployment story.

　　You deploy assemblies to the GAC only if the assembly is intended To is shared by many applications. If an assembly isn ' t intended to be GKFX, it should be deployed privately.

how the Runtime resolves Type References

　　

Advanced Administrative Control (Configuration)

　　How an administrator can affect the "the" the CLR searches and binds to assemblies

　　How a referenced assembly's files can be moved to a subdirectory of the application ' s base directory

　　How the CLR uses the application ' s XML configuration file to locate The moved files.

Publisher Policy Control

　Question:when a publisher fixes a bug in an assembly,the publisher would like an easy-to-do and distribute the NE W Assembly to all of the users.

　　Answer:what The publisher needs is a-to-create policy information that's installed on the user's computer when the NE W assembly is installed.

　　packaged together with the new some- ClassLibrary.dll assembly file and deployed to users.

1.create an XML configuration file

　　

2.assembly by running AL.exe as follows.

　　Al.exe/out:policy.1.0.someclasslibrary.dll

/version:1.0.0.0
/keyfile:mycompany.snk
/linkresource:someclasslibrary.config

The administrator would like to tell the CLR to ignore the publisher policy assembly: edit the application ' s configuration file and add the following publisherpolicy Element (<publisherpolicy apply= "no"/>).

Shared Assembilies and strongly Named assemblies