me have read few articles that use SN.EXE to generate a keypair and use in .Net program.
<Assembly: AssemblyKeyFile("..\..\MySNFile.snk")>
but me not understand how it work and what the purpose/benefit with making my program "Strong Name"
can anyone explain to me
thankyou
SN.EXE | Strong Names ?
Hot Topic
- System.SystemException: The trust relationship between this workstation and the primary domain failed.
- Is remoting for me?
- Creating new threads in static constructor
- SOAP complex content - array of strings
- Strange event behaviour
- WSDL.EXE is generating a proxy class that displays no methods
- exe problem...
- XslCompiledTransform Caching
- Wireless API and samples question WinXP with SP2
- Why not Match(IEnumerator<char>) ?
.NET Development
- Custom Event Log
- Oledb/Framework BUG
- C# Com Interop problem - should be simple!
- Connection woos ...
- sql problem inc#
- “SchemaImporterExtensions" helps you not to modify the Reference.cs file each time you "Update Web Reference"?
- WSE910/Windows 2000: Security requirements are not satisfied because the security header is not present in the incoming message.
- What are the differences between .NET Framework 3.0 RC1 and CTP ?
- is there a cross framw in .net 2.0
- Exchanging binary serialized objects
SN.EXE | Strong Names ?
Aleksandr Tokarev
There's lots of ways to verify your assembly is strong named. One is to add a reference to it to a project. You can look in the properties for the assembly to see the Strong Name flag. Another is to use "sn.exe -v filename". Or, if you want to do it in code see: http://blogs.msdn.com/shawnfa/archive/2004/06/07/150378.aspx
Once strong-named, the assembly is completely self contained, and you *NEVER* want to distributed your snk file. You should keep that in a very safe place, it's the key to signing assemblies. If anyone else ever got a hold of that they could sign assemblies and claim they were yours, circumventing the whole point of strong-naming.
If you don't plan on installing on the GAC, need FullTrust, or want to use it from another strong-named assembly that doesn't have the AllowPartiallyTrustedCallers attribute; strong naming really only protect injection.
Once strong-named an assembly can no longer simply be loaded by filename, it has to include the version, culture, and publickey token. E.g:
Assembly.Load("MyAssembly, Version=1.0.0.0, Culture=neutral, PublicKeyToken=b20f88744da049e3");
You can display the publickey token from an assembly with "sn.exe -Tp filename"
The following page may be more helpful: http://www.microsoft.com/communities/newsgroups/en-us/default.aspx dg=microsoft.public.simulators&cat=en_US_f5c26c4c-9442-4038-ab1e-b3d34006e2de&lang=en&cr=US
TomJ72
after reading the articles you giving me, me still not very clear about this.
- i am using VCS Express and using the [Project Properties]>[Signing Pane]>[Sign the assembly] with my .snk file generated by sn.exe.
- How to check whether my compiled assembly are "Strong Names"
- With "Strong Names" when publishing my application, is there required include any extra file(s) like the .snk
after reading more articles, me feel more confusedis that still required adding any code to my project
(sorry about that, me know it might stupid question, but me just have play around with VB6 before, .Net seem too huge for me)
- Is it a good idea to make all project assembly "Strong Names" no matter what kind of project.
- After making it "Strong Names", is there still possible to link between them
thankyou very much for spending time on my questionslike Main program using DLL, loadAssembly.
If can, is it just doing as usual
Timmy
By strong-naming an assembly you protect it against someone wedging their own assembly with the exact same interface over yours--reducing the security risk.
If you have a need to put an assembly in the GAC or you need to deploy you assembly to computers where only strong-named assemblies can have Full trust, you may also need to strong-name your assembly.
fcatacutan
what the FullTrust and AllowPartiallyTrustedCallers mean
thanks again