Thoughts on Microsoft. Practices. enterpriselibrary. Data. sqlce Problems

When the sqlce assembly in Enterprise Library is used in the current project, the following problems are encountered, and the solution is found by analyzing the causes. Here, I will share with my friends.

Error prompt: Assembly "Microsoft. practices. enterpriselibrary. data. sqlce, version = 3.1.0.0, culture = neutral, publickeytoken = b03f5f7f11d50a3a "uses the" system. data. sqlserverce, version = 9.0.242.0, culture = neutral, publickeytoken = 89845dcd8080cc91 "is later than the referenced assembly" system. data. sqlserverce, version = 3.5.1.0, culture = neutral, publickeytoken = 89845dcd8080cc91. Why does this prompt appear?

Cause Analysis: I am using Microsoft. practices. enterpriselibary. data. the sqlce version is 3.1.0.0, and I use system. data. sqlserverce. the dll version is 3.5.1.0. because Microsoft. practices. enterpriselibary. data. sqlce 3.1.0.0 and system. data. sqlserverce. DLL 9.0.242.0 is bound. (Assembly with a strong name ). Therefore, if I use system. Data. sqlserverce 3.5.1.0, the system will prompt that I cannot pass !!

Thoughts:

1. enterpriselibrary 4.1 uses Microsoft. practices. enterpriselibrary. data. sqlce 4.1.0.0. the system. data. sqlserverce. DLL is 3.5.1.0, so you can upgrade the version of javasiselibray (3.1 --> 4.1 ). however, this method may cause a problem: If I use Enterprise Library 4.1, it will depend on. net Framework 3.5. I don't want to rely on. NET 3.5, so I decided this solution is not desirable. So I thought of the second solution.

2. system. data. sqlserverce 3.5.1.0 is. NET Compact Framework 3.5 SP1, while system. data. sqlserverce 9.0.242.0 is. NET Compact framework3.5. In other words, I reference system. data. sqlserverce 9.0.242.0 does this DLL solve the problem? If so, I use system. dasta. sqlserverce 9.0.242.0 sets up the SQL ce version and system of the operating database. data. SQL Server 3.5.1.0 has different database versions. To ensure interface consistency, use system. data. the dll version of sqlserver 3.5.1.0 cannot be changed. So there is only another way.

Solution:

The. NET Framework Version cannot be changed, and the system. Data. sqlserver 3.5.1.0 (. NET Compact Framework 3.5 SP1) Version cannot be changed. Can this problem be solved? How can a higher version be incompatible with a lower version? It can be implemented through Version Control of. Net Assembly: bindingredirect element. (redirects the version of one assembly to the version of another assembly)

 

Configuration

<Runtime>
<Assemblybinding xmlns = "urn: Schemas-Microsoft-com: ASM. V1">
<Dependentassembly>
<Assemblyidentity name = "system. Data. sqlserverce" publickeytoken = "89845dcd8080cc91"/>
<Bindingredirect oldversion = "9.0.242.0" newversion = "3.5.1.0"/>
</Dependentassembly>
</Assemblybinding>
</Runtime>

 

 

When I encountered this problem, I came up with this idea. Here I also share with my friends:

The self-developed Assembly, such as charles2008.framework version = 1.0.0.0 culture = ZH-CN publickeytoken = NULL, runs normally in an application. However, after a while, we modified the charles2008.framework and updated the charles2008.framework version = 2.0.0.0 culture = ZH-CN publickeytoken = NULL.

How did we upgrade it? Directly replace the DLL, and bindingredirect is not configured to run normally. So why does the DLL system. Data. sqlserverce need to be configured?

The answer is: system. data. sqlserverce. DLL is a strongly-named assembly. the charles2008.framework I write myself does not have a strong command signature for it, and all applications are not bound to the specified assembly, so there will be no problems.

 

Add some principles about strongname:

Strongname is an identity recognition mechanism provided by. net. It implements signature for an assembly based on encryption algorithms, such as RSA. This allows us to identify an assembly (who published the Assembly ). In fact, in essence, strongname and certificate mechanism (such as X.509) have the same identity identification principle. The difference is whether the client can prove that it is qualified for the certificate mechanism relationship, strongname only indicates a specific identity, which is only for an assembly.

I. Principles of strongname:

Strongname --- strong name. The meaning of this name is relative to weekname (weak name. (We can call an assembly without an embedded public key and signature using the private key as a weak name assembly .)

The concept of full name in a collection on msdn --- fullname is represented by a fullname string. Its format is as follows: "[Assembly name] version = [version number] culture = [cultural region] publickeytoken = [Public Key id]", as shown in the preceding figure "system. data. sqlserverce version = 3.5.1.0 culture = neutral publickeytoken = 89845dcd8080cc91 ". In the information about the name, [Assembly name], [version number], and [cultural region] are descriptive information, the difference between them and publickeytoken is that the first three can be forged at will. However, publickeytoken cannot be forged and is uniquely bound to a specific assembly. If you want to impersonate the original author to publish a malicious assembly, you can name it system. data. sqlserverce uses 3.5.1.0 to generate the version number, and the cultural region is set to neutral. However, since there is no specific key file to sign his malicious assembly, he cannot impersonate the author of the original assembly.

Compared with the weak name assembly, the strong name assembly has the following features:

1. Strong-name Assembly ensures uniqueness. The key pair is generated by the issuer and is unique. Ensure that the Assembly ID is not repeated.

2. Strong-name assembly is tamper-resistant. The strongly-named Assembly uses the private key to sign itself. When loaded, you can check whether the Assembly has been modified.

3. Version policies can be implemented for strong-name assembly. For a weak name, the program that references it does not care about its version. For a strong-type assembly, the program that references it is bound to an assembly of a specific version. If the old version is replaced by a strong name, the program cannot run. (Of course, you can use the configuration file to redirect a strongly-named assembly ).

4. A Strongly-named assembly can be deployed in GAC. Different versions of the same assembly can also exist in GAC.

5. Strong-name Assembly can only reference strongly-name assembly. An assembly with a weak name can reference a strong-name assembly or an assembly with a weak name. However, an assembly with a strong name can only reference an assembly with a strong name.

6. Strongly-named Assembly supports parallel execution. Parallel (side-by-side) Execution refers to a program that references multiple versions of an assembly with the same name at the same time. In this way, multiple versions of an assembly with the same name are loaded and concurrently executed. But it is usually relatively small.

 

Ii. Commands

Sn-K ***. SNK --- generate the key file. Sn will write the public key/private key pair into the ***. SNK file. Make sure that the file is not in the hands of untrusted people. Otherwise, someone else can impersonate you to publish the code.

Sn-P keypair. SNK publickey. SNK --- extract the public key from the keypair. SNK file and write it into the public key file publickey. SNK.

Sn-TP publickey. SNK> publickey.txt ---extract the public key information to the publickey.txt file (you can view the public key)

 

Iii. Delayed Loading

If a large number of people are involved in the Assembly development process, each person responsible for compiling a strongly-known Assembly needs to access the file containing the public key pair, in this way, it is difficult to ensure that the key will not be disclosed. To prevent this situation as much as possible, a mechanism called delayed signature is created, this mechanism operates in the following way:
1) First, use the Sn-p command to generate a. SNK file that only contains public key information, for example, Sn-P mykey. SNK mypubkey. SNK.
This mypubkey. SNK file contains only public key information;
2) then, use True to initialize assemblydelaysignattrinature to activate delayed signature, so that developers can directly
Use mypubkey. SNK instead of mykey. SNK for development. The Compiler does not sign the main module, but retains the main module
And insert the public key information in mypubkey. SNK to assemblydef in the main module list,
The calculated hash values of non-primary modules are inserted into the filedef of the primary module list.
3) At last, when the development is complete, you only need to use the-R (note uppercase) option of sn.exe to complete the signature. For example:
Sn.exe-r assname.exe mykey. SNK.

 

Best regards,

Charles Chen

MSN: gotosunny ^ msn.com (^ Replace @)