Solved

Strongly Named Assemblies

Posted on 2004-10-04
2
855 Views
Last Modified: 2008-03-10
According to Microsoft, Assemblies that reference strongly named assemblies must themselves by strong named, otherwise it would compromise the security pof the strong named assembly.

Ok. If that is true, then how come an assembly I created, which references strong named Crystal reports assemblies, and strong named Custom controls assemblies, works, and my assembly is not signed with a strong name?

I want to sign my assemblies now with a strong name. Will that break backwards compatibility with other assemblies that reference my assemblies, if those assemblies do not have a strong name? (my assemblies are not stored in the GAC)
0
Comment
Question by:gregasm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 6

Expert Comment

by:mogun
ID: 12224251
1. It is just a recommendation that assemblies referencing strong named assemblies should themselves be strong named. It is not a required crieteria.. That's why you are able to reference a strong named assembly in a simple assembly..

2. It won't.. you can sign your assemblies now with a strong name. It will not break backwards compatibility with other assemblies that reference your strong named assemblies that do not  have a strong name..This is possible because of point number 1.

Cheers
Mohan
0
 
LVL 3

Accepted Solution

by:
skpatra earned 500 total points
ID: 12225010
Hi gregasm,
The correct Rule is just the opposite, i.e. if an assembly is strong named, ALL ASSEMBLIES REFERENCED BY THIS ASSEMBLY SHOULD ALSO BE STRONG NAMED.
Think of it this way, if your statement is true then we can never create assemblies without strong name using the .net framework assemblies (like System.dll) as all framework assemblies are strong named.
Let me try to understand your second question. I assume that you have an assembly A which you want to strong name. There are assemblies X,Y and Z referring to this assembly A. If this is the scenario, then you will need to RECOMPILE the assemblies X/Y/Z to be able to use the newer version of A. To understand this, you will need to understand the use of strong naming the assembly:
1. Strong naming an assembly involves assigning a public-private key pair to it.
2. When an assembly is strong named, a hash is created from the assembly content and then it is encrypted using the private key used for strong naming.
3. At runtime, when a strong named assembly (say the crystal reports assembly) is to be loaded, the CLR will calculate the hash of the assembly again. The CLR will then decrypt the encrypted hash generated earlier using the public key. The CLR compares the decrypted hash to the hash calculated. If the they are the same, then the CLR assumes that the crystal assembly is a valid assembly. But if it is not same (because for some reason some one tampered with the contents of the crystal assembly dll) the CLR will not allow the loading of the assembly.

In your case if you do not recompile X/Y/Z and just replace the older version of A with the strong named version, you will get an error like "Comparing the assembly name resulted in the mismatch: PUBLIC KEY TOKEN".

Hope this helps...
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The object model of .Net can be overwhelming at times – so overwhelming that quite trivial tasks often take hours of research. In this case, the task at hand was to populate the datagrid from SQL Server database in Visual Studio 2008 Windows applica…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question