Community-Credit.com | NonProfitWays.com | SOAPitstop.com   Skin:   
      User: Not logged in 
Home
Newsletter Signup
XSLT Library
Latest XML Blogs
Featured Examples
Presentations
Featured Articles
Book Chapters
Training Courses
Events
NewsGroups
 
Discussions
Examples
Tutorials
Tools
Articles
Resources
Websites
 
Sign In
My Profile
My Articles
My Examples
My Favorites
My Resources
Add a Resource
Logout
 
About Me
My Blog
HeadGeek Articles
Talking Portfolio
Resume
Pictures
World Trip Pics

Installing Assembly into GAC
Author: phanindra yerra
Published: 6/23/2006 4:59 AM
Category: ASP.NET
Summary: This artcle explains how to Strong Naming And Installing Assembly into GAC

 

Introduction

 

         Strong name offers protection for your assemblies. The .NET Framework uses strong names to identify assemblies and to protect them from tampering. with this article, I’m explaining you how strong names are constructed and demonstrate the mechanics of working with strong names in .NET.

 

<b>Strong Name:</b>

 

A strong name is made up of the full class name including the namespace, the version number, culture information (which can be null if culture neutral), plus a public key and a digital signature.

 

<b> what digital signature ? </b>

 

               Before this you have to know a pair of cryptographic concepts: hashing and digital signatures.

 

 

Hashing is used to create a unique, compact value for a plaintext message. In terms of assemblies, the message is the assembly itself. The message is used as an input to the hash algorithm (in the case of strong naming, the SHA1 algorithm is used).

 

Hashing is a one-way street: you can't decrypt the hash value once it has been computed. However, hashing is very useful for comparing values. If two assemblies produce the same hash value, you can assume that the assemblies are the same. Conversely, if hashing an assembly produces a value that doesn't match a previously-calculated hash, you know that something in the assembly has been changed.

Knowing the hash value for an assembly lets you check that no one has tampered with the assembly. But how do you prevent someone from tampering with the hash value? That's where digital signing comes in. While the mathematics of digital signatures are complex, the concept is fairly simple. A digital signature depends on a pair of related numbers, the public key and the private key. When data is encrypted with the public key, it can only be decrypted with the private key (and vice versa).

The combination of hashing and digital signing allows .NET to protect your assemblies from tampering

<b>Creating strong key <b>

       The .NET Framework provides a utility to create a key pair (sn.exe). Run the following at a VS.NET command prompt. 

C:\>sn -k Customers.snk

The -k option generates the random key pair and saves the key information in the Customers.snk file.

Now your strong key is created in customers.snk file

Add the generated key into current solution. Modify AssemblyKeyFile & version in AssemblyInfo.cs as follows:

[code]

[assembly: AssemblyTitle("")]

[assembly: AssemblyDescription("")]

[assembly: AssemblyConfiguration("")]

[assembly: AssemblyCompany("Kst")]

[assembly: AssemblyProduct("")]

[assembly: AssemblyCopyright("Re")]

[assembly: AssemblyTrademark("")]

[assembly: AssemblyCulture("")]          

[assembly: AssemblyVersion("1.0.*")]

[assembly: AssemblyDelaySign(false)]

[assembly: AssemblyKeyFile(@"C:\customers.snk")]

[assembly: AssemblyKeyName("")]

[/code]

<b>Delay Signing</b>

            You may wish to keep your private key as secret, known only to a few people in the company. But then, how can you handle assembly signing? It would be difficult if you were the only person who knew the private key, and you had to sign every build of every assembly produced by every developer in your company.

            To resolve this problem .net comes with delay signing. With delay signing, you can build and test an assembly knowing only the public key. The private key can be applied later if the assembly is actually shipped to customers.

Extract the public key from the public/private key pair. To extract the public key from a file that is storing the public/private key pair, you can use the strong name tool with a slightly different command line

sn.exe -p MyKeyFile.snk MyPublicKeyFile.snk

Include the public key file in your assembly information file, and specify delay signing

[assembly: AssemblyDelaySign(true)] 
[assembly: AssemblyKeyFile("..\\MyCustomersPublicKeyFile.snk")]
 
 

Turn off verification for the assembly if you're storing the assembly in the GAC. By default, the GAC verifies the strong name of each assembly. If the assembly is not signed by using the private key, this verification fails. So, for development and testing purposes, you can relax this verification for an assembly by issuing the following command:

sn.exe -Vr MyFile.dll

When you're ready to deploy a delay-signed assembly, you need to sign it with your private key:

 
sn.exe -R MyFile.dll MyKeyFile.snk

Finally, you can instruct the GAC to resume verification for an assembly by issuing the following command:

 
sn.exe -Vu MyFile.dll

 

Installing Assembly into the GAC

           In order to share a .NET assembly with multiple applications installed on the same machine, it needs to be installed as Shared Assembly in the Global Assembly Cache (GAC).

Before Installing Assembly into GAC u must create strong name for the assembly as explained above.Build your project once after adding strong name to your solution.

From a command prompt, in the same directory where your assembly resides say Customers.dll , run gacutil.exe as below:

gacutil /i Customers.dll

The assembly can now be used from other assemblies on the server, regardless of their physical location


 

 
Fans of "The Office"
Dwight Bobbleheads are here!
  “It's me! I'm the bobblehead! Yes!”



Advertise on XMLPitstop

Advertise on XMLPitstop


EggHead Cafe
Web Servicee development
DotNetSlackers
Buy text ads here!
internet laptop backup
Color Laser Printer
Versace sunglasses
Skype vs. sipcall
VoIP Internettelefonie
Buy text ads here!

Interested in Text ads?
2,223 Total Members
36 members(last 30 days)
8 members(last 7 days)
2 members(today)

1,609 Total Discussions
12 Posts(last 30 days)
0 Posts(last 7 days)
0 Posts(today)

17,260 Total Blog Posts
1,839 Blogs(last 30 days)
342 Blogs(last 7 days)
49 Blogs(today)

8,699 Newsgroup Posts
0 Posts(last 30 days)
0 Posts(last 7 days)
0 Posts(today)

13,786 Total Resources
5 Resources(last 30 days)
1 Resources(last 7 days)
0 Resources(today)


 

David Silverlight's XMLPitstop.com| 2801 Florida Ave #225|Miami, FL 33133|Ph:305-447-1139