Explain about strong name in .NET.

They are the assemblies which can be uniquely identified by attaching the strong name to the dll name. It gives a unique name to each assembly of various versions. This allows solving the DLL hell problem.

Creating an Assembly with a Strong Name

   1. Use the Strong Name tool (Sn.exe) that comes with the .NET Framework Software Development Kit (SDK) to generate a cryptographic key pair.

      The following command uses the Strong Name tool to generate a new key pair and store it in a file called TestKey.snk:

      sn -k Testkey.snk
                             

   2. Add the proper custom attribute to your source for the compiler to emit the assembly with a strong name. Which attribute you use depends on whether the key pair that is used for the signing is contained in a file or in a key container within the Cryptographic Service Provider (CSP). For keys that are stored in a file, use the System.Reflection.AssemblyKeyFileAttribute attribute. For keys that are stored in the CSP, use the System.Reflection.AssemblyKeyNameAttribute attribute.

      The following code uses AssemblyKeyFileAttribute to specify the name of the file that contains the key pair.

      NOTE: In Microsoft Visual Basic, the assembly level attributes must appear as the first statements in the file.Visual Basic .NET Code

      Imports System
      Imports System.Reflection

      <assembly:AssemblyKeyFileAttribute("TestKey.snk")>
                         

      C# Code

      using System;
      using System.Reflection;

      [assembly:AssemblyKeyFileAttribute("TestKey.snk")]
                         
.........................................................................................................................................

A strong name is a reliable .NET assembly identifier,
comprised of the assembly’s simple text name, version
number, culture, public key and a digital signature. The
latter two are generated with the strong name (sn) tool,
while the remainder is part of the assemblies manifest …
usually specified in the AssemblyInfo source file.

........................................................................................................................


A strong name consists of the assembly's identity — its
simple text name, version number, and culture information
(if provided) — plus a public key and a digital signature.

In particular, strong names satisfy the following requirements:

Strong names guarantee name uniqueness by relying on unique
key pairs. No one can generate the same assembly name that
you can, because an assembly generated with one private key
has a different name than an assembly generated with another
private key.

Strong names protect the version lineage of an assembly. A
strong name can ensure that no one can produce a subsequent
version of your assembly. Users can be sure that a version
of the assembly they are loading comes from the same
publisher that created the version the application was built
with.

Strong names provide a strong integrity check. Passing the
.NET Framework security checks guarantees that the contents
of the assembly have not been changed since it was built.
Note, however, that strong names in and of themselves do not
imply a level of trust like that provided, for example, by a
digital signature and supporting certificate.

................................................................................................................................................................


A strong name consists of the assembly's identity — its simple text name, version number, and culture information (if provided) — plus a public key and a digital signature. It is generated from an assembly file (the file that contains the assembly manifest, which in turn contains the names and hashes of all the files that make up the assembly), using the corresponding private key. Microsoft® Visual Studio® .NET and other development tools provided in the .NET Framework SDK can assign strong names to an assembly. Assemblies with the same strong name are expected to be identical.

You can ensure that a name is globally unique by signing an assembly with a strong name. In particular, strong names satisfy the following requirements:

    * Strong names guarantee name uniqueness by relying on unique key pairs. No one can generate the same assembly name that you can, because an assembly generated with one private key has a different name than an assembly generated with another private key.
    * Strong names protect the version lineage of an assembly. A strong name can ensure that no one can produce a subsequent version of your assembly. Users can be sure that a version of the assembly they are loading comes from the same publisher that created the version the application was built with.
    * Strong names provide a strong integrity check. Passing the .NET Framework security checks guarantees that the contents of the assembly have not been changed since it was built. Note, however, that strong names in and of themselves do not imply a level of trust like that provided, for example, by a digital signature and supporting certificate.

When you reference a strong-named assembly, you expect to get certain benefits, such as versioning and naming protection. If the strong-named assembly then references an assembly with a simple name, which does not have these benefits, you lose the benefits you would derive from using a strong-named assembly and revert to DLL conflicts. Therefore, strong-named assemblies can only reference other strong-named assemblies.

0 comments:

Post a Comment