A strong name is a .NET assembly name combined with its version number and other information to uniquely identify the assembly. This allows multiple versions of the same assembly to peacefully co-exist in the global assembly cache, where shared assemblies are typically stored.
A strong name consists of five parts:
1) Simple Name – Usually the name of the file (without the extension) that contains the assembly
2) Public Key – RSA cryptographic public key that helps verify the assembly's authenticity
3) Version – Four-part version number, in the form of Major.Minor.Build.Revision
4) Culture – Target audience for the assembly, such as "neutral" (default audience), "en-us" (English – United States) or "fr" (France) etc.
5) Processor Architecture – Defines the assembly's format, such as MSIL (intermediate language) or x86 (binary for Intel x86 processors)
An example of Strong Named Assembly:
Strong name is "Mini-Launcher, Version=0.3.612.24542, Culture=neutral, PublicKeyToken=ffa52ed9739048b4, ProcessorArchitecture=MSIL"
Why Use Strong Names?
Strong names are required to store shared assemblies in the global assembly cache (GAC). This is because the GAC allows multiple versions of the same assembly to reside on your system simultaneously, so that each application can find and use its own version of your assembly. This helps avoid DLL Hell, where applications that may be compiled to different versions of your assembly could potentially break because they are all forced to use the same version of your assembly.
Another reason to use strong names is to make it difficult for hackers to spoof your assembly, in other words, replace or inject your assembly with a virus or malicious code.
You can ensure that a name is globally unique by signing an assembly with a strong name.
Strong names satisfy following requirements:
1) Strong names guarantee name uniqueness by relying on unique key pairs. No one can generate the same assembly name that you can, because an assembly generated with one private key has a different name than an assembly generated with another private key.
2) Strong names protect the version lineage of an assembly. A strong name can ensure that no one can produce a subsequent version of your assembly. Users can be sure that a version of the assembly they are loading comes from the same publisher that created the version the application was built with.
3) Strong names provide a strong integrity check. Passing the .NET Framework security checks guarantees that the contents of the assembly have not been changed since it was built. Note, however, that strong names in and of themselves do not imply a level of trust like that provided, for example, by a digital signature and supporting certificate.
What is a strong name key file?
A strong name key file has a .snk extension and contains a unique public-private key pair. You use the strong name key file to digitally sign your assembly (see below). Note that this type of file is not secure, as the private key in a .snk file can be easily compromised.
For added protection, Visual Studio can encrypt a strong name key file, which produces a file with the .pfx (Personal Information eXchange) extension. The .pfx file is more secure because whenever someone attempts to use the encrypted key, she will be prompted for the password.
How do I create a strong name key file for a .NET assembly?
1) Select your assembly project in the Visual Studio 2008 Solution Explorer.
2) Click the Properties button. The project properties will appear in the main window.
3) Select the Signing tab:
4) Check the Sign the assembly checkbox.
5) In the Choose a strong name key file drop-down, select New. The "Create Strong Name Key" dialog appears:
6) In the Key file name text box, type the desired key name. Typically this is the name of your assembly but can be anything. Visual Studio will automatically append the proper file extension.
8) Click the OK button.
How to get Strong Named Token?
1) Go to External Tools... from Tools menu.
2) Click Add.
3) enter the Title, Commands (SDK path of sn.ese) and Arguments. 4) Click Apply to get the new tool in Tools menu to get SN Token.
Finally check the received SN token entry in GAC by right clicking the entry. You can see the desired result as follows:
This is the simple way to create and get the Strong Named Assembly in SharePoint. It is not too different from the strong named assembly in dot net.
Thank you for reading my blog. Please go through my other blogs:
No comments:
Post a Comment