A strong name consists of the identification of the assembly (its simple text name, version number and culture information (if provided)) plus the public key and digital signature. A strong name is generated from an assembly file (the file that contains the assembly manifest, and therefore the names and hashes of all files that make up the assembly) using the corresponding private key. Microsoft? Visual Studio。 Net? And other development tools. NET framework SDK can assign strong names to assemblies. Assemblies with the same strong name should be the same.
By signing an assembly with a strong name, you can ensure the global uniqueness of the name. Strong names also meet the following requirements:
Strong names rely on unique key pairs to ensure the uniqueness of names. No one will generate the same assembly name as you generated, because the name of an assembly generated with one private key is different from the name of an assembly generated with other private keys.
Strong names protect the version lineage of assemblies. Strong names ensure that no one can generate subsequent versions of an assembly. Users can ensure that the version of the assembly they are loading comes from the same publisher that created the version of the application.
Strong names provide reliable integrity checks. After passing. NET framework security check can ensure that the contents of an assembly have not been changed since it was generated. Note, however, that a strong name or strong name itself does not mean a certain degree of trust, such as that provided by digital signatures and supporting certificates.
When referring to an assembly with a strong name, you should be able to benefit from it, such as version control and naming protection. If this assembly with a strong name later refers to an assembly with a simple name (simple names do not have these benefits), you will lose the benefits of using an assembly with a strong name, and there will still be DLL conflicts. Therefore, assemblies with strong names can only refer to other assemblies with strong names.
The following scenario illustrates the process of signing an assembly with a strong name and referring to it later with that name.
Create assembly a with a strong name by using one of the following methods:
Use a development environment that supports creating strong names, such as Visual Studio .NET.
Use the strong name tool (Sn.exe) to create an encryption key pair, and use the command line compiler or assembly linker (Al.exe) to assign the key pair to the assembly. Yes. NET framework SDK is available in Sn.exe and Al.exe.
The development environment or tool uses the developer's private key to hash-sign the file containing the assembly manifest. The digital signature is stored in a portable executable (PE) file containing the manifest of Assembly A..
Assembly b is the consumer of assembly a. The reference part of the manifest of assembly b includes a token representing the public key of assembly a. The token is a part of the complete public key, which can be used to save space, instead of the key itself.
When an assembly is placed in the global assembly cache, the common language runtime verifies the strong name signature. When binding the runtime strong name, the common language runtime compares the key stored in the manifest of assembly B with the key used to generate the strong name for assembly A. NET framework security check passed and the binding was successful. Assembly B can ensure that the bits of Assembly A have not been tampered with. These bits actually come from the developers of Assembly A. ..
Note that this scheme does not deal with trust issues. In addition to the strong name, the assembly also has the complete Microsoft? Verification code? Sign. The verification code signature includes a certificate that establishes trust. It is important to note that strong names do not need to be code signing in this way. In fact, the key used to generate the strong name signature does not have to be the same as the key used to generate the Authenticode signature.