Microsoft Visual C#.NET 2003 Kick Start

Usually, assemblies are private, which means they are meant to be used by only one application. But you might have a DLL intended for use by several applications, in which case you could make it shared.

Shared assemblies are stored in the Global Assembly Cache (GAC), and you'll find familiar assemblies like System and System.Data there. Assemblies in the GAC are usually DLLs, and applications share access to these assemblies. Note that you should not place assemblies in the GAC unless there is a pressing reason to do so, and you're using those assemblies in multiple applications. It's a very bad idea to fill up the GAC for no good reason.

You can see the GAC in several ways. You can select Start, Programs, Administrative Tools, Microsoft .NET Framework 1.1 Configuration to open the .NET Configuration 1.1 tool, select the Assembly Cache node, and click the View List of Assemblies in the Assembly Cache link to see the GAC. Or you can simply browse to the c:\WINNT\Assembly folder in the Windows Explorer, which will turn the Windows Explorer into a GAC viewer, as you see in Figure 13.3.

Figure 13.3. The Global Assembly Cache.

To share an assembly, you add it to the GAC. And to do that, you must sign it with a strong name .

Signing Assemblies with Strong Names

Shared assemblies use strong names, based on public key encryption. Signing an assembly with a strong name ensures that the assembly can't be tampered with, and relies on both a public and a private key; you encrypt data with the private key, and people can use the public key to decrypt that data so they can be sure the assembly has not been tampered with.

You can create a public/private key pair to sign an assembly with the sn tool, sn.exe. For example, here's how you might create such a pair and store them in a file named key.snk:

C:\>sn -k key.snk Microsoft (R) .NET Framework Strong Name Utility Version xxxxxxxxxx Copyright (C) Microsoft Corporation 1998-2002. All rights reserved. Key pair written to key.snk

This gives you the key pair you need to sign an assembly. You can sign an assembly with a strong name in the IDE by opening the assembly's AssemblyInfo.cs file and finding this line:

[assembly: AssemblyKeyFile("")]

To use our key pair file key.snk, change this line to point to that file, something like this:

[assembly: AssemblyKeyFile("C:\c#\ch13\key.snk")]

At the command line, you can use the / keyfile switch like this to sign an assembly with a strong name:

C:\>al ch13_03.netmodule ch13_04.netmodule /main:ch13_03.Main /out:ch13_03.exe /t:exe /keyfile:key.snk Microsoft (R) Assembly Linker version xxxxxxxxxx for Microsoft (R) .NET Framework version xxxxxxxxxx Copyright (C) Microsoft Corporation 2001-2002. All rights reserved.

You can check if an assembly has been signed with a strong name with the sn -T switch (note that the switches you use with sn are case-sensitive. sn -T is not the same as sn -t ). Here, for example, we can see that signing ch13_06.dll has given it the public key token (which is an abbreviated form of the public key) 1b525656c70396e6 :

C:\>sn -T ch13_06.dll Microsoft (R) .NET Framework Strong Name Utility Version xxxxxxxxxx Copyright (C) Microsoft Corporation 1998-2002. All rights reserved. Public key token is 1b525656c70396e6

SHOP TALK : USING CERTIFICATE AUTHORITIES

Signing an assembly with a strong name isn't enough if you're going to distribute the assembly commercially on the Internet (as when you create a .CAB file for download). If you've worked in a commercial environment that creates code modules for distribution on the Web, you know that you usually want a true digital certificate (from certificate authorities like www.verisign.com or www.thawte.com, which charge fees) before distributing those modules. Signing an assembly with a strong name isn't enough in such casesthat kind of signature shows that the assembly hasn't been tampered with, but you need to code sign your assemblies to indicate who built it, using a digital certificate. Once again, security on the Internet was the big issue. Microsoft's partial answer for developers who wanted to sign their own code was to introduce Microsoft Authenticode , which lets you code sign your own .CAB, .CTL, .DLL, .EXE, and .OCX files. Visual Studio comes with code signing tools: You use the Certificate Creation Tool, makecert.exe, to create your own digital certificate. You then convert that certificate into a Software Publisher's Certificate (SPC) with the cert2spc.exe tool. You can check the code signature on an assembly by trying to download it in Internet Explorer, or with the with chktrust.exe tool that comes with Visual Studio. Finally, you can use the SignCode tool to actually code sign your assembly. Note that signing your assemblies using your own certificates won't be as well respected as those from the larger companies like VeriSign. If you're going to release code for downloading on the Internet, I'd recommend getting a digital certificate from one of the well-known certification companies.

Signing the assembly, ch13_06.dll, with a strong name means we can add it to the GAC, which we'll do next .

Adding Assemblies to the Global Assembly Cache

There are several ways to add an assembly to the GAC. You can use the gacutil.exe tool with the /i switch to install ch13_06.dll in the GAC. You do so like this:

C:\>gacutil /i ch13_06.dll Microsoft (R) .NET Global Assembly Cache Utility. Version xxxxxxxxxx Copyright (C) Microsoft Corporation 1998-2002. All rights reserved. Assembly successfully added to the cache

You can also select Start, Programs, Administrative Tools, Microsoft .NET Framework 1.1 Configuration to open the .NET Configuration 1.1 tool, select the Assembly Cache node, and then click the Add an Assembly to the Assembly Cache link. Then you browse to the assembly and click the Open button.

The easiest way, however, is to simply drag the assembly into the WINNT\Assembly directory in the Windows Explorer. After you've added an assembly to the GAC, you can see it in the GAC viewer, as you see in Figure 13.4. Note that this assembly's public key token, 1b525656c70396e6 , also appears in the GAC viewer, as for the other assemblies in the GAC.

Figure 13.4. Adding an assembly to the Global Assembly Cache.

Now that you've added ch13_06.dll to the GAC, you can share it between assemblies, much like System.dll or System.Data.dll, which come with .NETno longer is this DLL purely local. To delete ch13_06.dllfrom the GAC, right-click it and select the Delete item, or use the /uf switch with gacutil.exe: gacutil /uf ch13_06.dll .

Now it's time to turn to another important topicsecurity.

Категории