110 likes | 198 Views
Manage Assemblies. Manage Application. <?xml version="1.0"?> <configuration> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="ClassLibrary1" /> </dependentAssembly>
E N D
Manage Application <?xml version="1.0"?> <configuration> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="ClassLibrary1" /> </dependentAssembly> <publisherPolicy apply="yes" /> <probing privatePath="bin;lib" /> </assemblyBinding> <gcConcurrent enabled="true" /> </runtime> </configuration>
Strong Name • Create a file: • sn -k a.snk • View public key information: • sn -tp a.snk • Install file in a CSP Container: • sn –i a.snk contname • Attributes: • [assembly: AssemblyKeyFile("c:\\a.snk")] • [assembly: AssemblyKeyName("contname")] • [assembly: AssemblyVersion("1.0.0.0")]
Configure application assemblies <?xml version="1.0"?> <configuration> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="ClassLibrary1" /> <bindingRedirect oldVersion="1.0.0.0-1.9.9.9" newVersion="2.0.0.0" /> </dependentAssembly> <publisherPolicy apply="yes" /> <probing privatePath="bin;lib" /> </assemblyBinding> <gcConcurrent enabled="true" /> </runtime> </configuration>
Publisher policy file • Create config file for the assembly redirect from ver 1.0.0.0 to 2.0.0.0 • Save the file c1.dll.config • Run:al /link:c1.dll.config /out:policy.1.0.c1.dll /keyfile:c:\a.snk • Add the dll to the GAC
Delay sign • Sn –k a.snk • Sn –p a.snk public.snk • Add attributes: • [assembly: AssemblyDelaySign(true)] • [assembly: AssemblyKeyFile("c:\\public.snk")] • Build the dll • Create client application • Sn –vr file.dll • After testing: • Sn –R file.dll fullkeys.snk • Sn –Vu file.dll
Multi files assemblies • csc /t:module a.cs • csc /t:module b.cs • al /out:multi.dll /t:library a.netmodule b.netmodule
Digitally Sign code • Testing purpose only: Makecert –sv a.pvk test.cer cert2spc test.cer test.spc signcode -spc test.spc -v a.pvk C.exe
Digitally Sign Code • Real example: Ask for Software Publisher Certificate: • Goto http://server/certsrv • request a new certificate • choose Advanced request • choose Submit a certificate request to this CA using a form • fill the form intended purpose: code signing certificate mark "Mark keys as exportable" mark "Export keys to file" type filename for example s2.pvk
Continue… • download the cert • copy the pvk file • in the command prompt: • cert2spc certnew.cer testSPC.spc • signcode -spc TestSPC.spc -v s2.pvk w6.exe
Load the file • To test the certificate: • X509Certificate x=X509Certificate.CreateFromSignedFile("cl1.dll"); • MessageBox.Show(x.GetIssuerName()); • MessageBox.Show(x.GetPublicKeyString());