Assemblies are built up of Common Intermediate Language (CIL) code. Also named as Microsoft Intermediate Lanaguage (MSIL). It contains information needed by the Just-In-Time (JIT) compiler to convert the CIL into native code @ runtime including references to other assemlies it references. Assemblies can be either exe or dll.
Four sections of an Assembly
1. First section called assembly manifest holds the following details
- Identity of the Assembly
- List of files that make up the assembly
- Map of where things are in the assembly
- Information about other assemblies that are referenced
2. Second section is called metadata section which contains information about all the types defined in the assembly. This information contains everything there is to know about each type.
3. Third section called CIL section contains the intermediate code for the assembly.
4. Fourth section is optional called resources section which hold graphics and other language resources.
Assemblies comprising more files will have one file as the primary module and the others as the secondary modules. Primary module contains the manifest of the assembly and references to the secondary modules. The file names of secondary modules end with extension .netmodule. The multiple-file assemblies are considered a single unit. They are developed together and versioned together
Identity of an Assembly
Identity of an assembly has 4 components that together can uniquely identify it.
1. Simple Name - File name without the file extension
2. Version Number - A string of four period separated integers in the form of
MajorVersion.MinorVersion.Build.Revision Ex 2.0.35.9
3. Culture Information - String that consists of two to five characters representing a language, or a language and a country or region. Example en-US
4. Public key - 128-byte string that is unique to the company producing the assembly
The public key is part of a public/private key pair, which is a set of specially chosen numbers that can be used to create secure digital signature. Public key is part of the assembly's identity.
Strongly Named Assemblies
Strong named assembly has a unique digital signature attached to it. Strong named assemblies has the following benefits
1. A strong name uniquely identifies an assembly. So the user can be sure that the assembly came from the claimed source.
2. Contents of an assembly with a string name cannot be altered without the security
components of the CLR catching the modification.
3. Strong named assemblies can only access other strongly named assemblies.
Programmer does not produce the strong name. The compiler produces it by taking information about the assembly and hashing it to create a unique signature that it attached to the assembly. Information uses in the hash process are
1. Sequence of bytes composing the assembly
2. Simple name
3. Version number
4. Culture information
5. Public/private key pair
Creating a Strongly Named Assembly
Using Visual Studio 2008
Open the properties of the project =>
Select Signing tab =>
Select the sign the Assembly check box and enter the location of the key file
Once we compile the project, compiler will produce a strong names assembly
Deploying an Assembly
We can just copy the assembly to a local directory along with the application. Program deployed this way are called private assemblies and the method of deployment is called xcopy deployment.
In some scenarios we will need to place the dll in a central location so more than once application can refer and user it. .Net has such a repository, called the global assembly cache(GAC). An assembly placed into the GAC is called a shared assembly. Only strong named assemblies can be added to the GAC.
The physical location of GAC is WindowsInstallationFolder\Assembly Ex: C:\Windows\Assembly
Installing Assemblies into the GAC
When we try to install an assembly, CLR's security component verifies the digital signature on the assembly in valid. If there is no digital signature, then the system will not install it into GAC.
The gacutil.exe command-line utility allows to add and delete assemblies from the GAC, and list the assemblies it contains.
We can use the following switched with the gacutil tool
/i - inserts an assembly into the GAC
/u - uninstalls an assembly from the GAC
/l - lists the assemblies in the GAC
Since an assembly identity consist of four parts, so if the version number of the library changes, or it has a different public key, these differences specify different assemblies. This results by which we can have many different assemblies in the GAC that has the same file name although they are different assemblies. This makes it easy for different applications to use different versions of the same dll at the same time. This is called side-by-side execution.
Delayed Signing
In delayed signing or partial signing the compiler uses only the public key for signing. The public key will be placed in the manifest to complete the assembly's identity. Delayed signing also uses a block of 0's to reserve space for the digital signature.
For creating a delay-signed assembly we must first create a copy of the key file that has only the public key. Next, add an additional attribute called DelaySignAttribute to the assembly scope of the source code and set its value to true.
1 comment:
I am really glad to read something more about the Assembly. I relished with the thought that we can also create secure digital signature using Assembly as well.
public key infrastructure
Post a Comment