Archive

Archives pour 03/2013

Tips : Amélioration du nom fort (Strong Name) d’un assemblage sous VS 2012

Hi everyone!

Sous Visual Studio 2012, l’équipe Microsoft a ajouté une nouvelle fonctionnalité : le choix de l’algorithme de signature. Pour l’heure Visual Studio 2012 propose deux fonctions de hachage cryptographique :

  • SHA1RSA (lire SHA 1 de RSA)
  • SHA256RSA (lire SHA 256 de RSA)

Vous pouvez ainsi créer un nom fort de votre assemblage basé sur l’une des ces deux fonctions.

Stay tuned!

515 total views, no views today

Sign an assembly file in .NET project

Assemblies are the building blocks of the .NET Framework; they form the fundamental unit of deployment, version control, reuse, activation scoping, and security permissions. An assembly provides the common language runtime with the information it needs to be aware of type implementations. It is a collection of types and resources that are built to work together and form a logical unit of functionality. To the runtime, a type does not exist outside the context of an assembly [Microsoft Press].

 

Part 1 :  The signature

The signature. NET it guaranteed the integrity your original content. The process thus takes its meaning in terms of security and guarantee of authenticity of your program.

In. NET, signing an assembly. Net can be segment it into two components:

        • The hash of its contents
        • The strong name

    Part 2 : The strong name

There can be more than one component (DLL) with the same naming, but with different versions. This can lead to many conflicts.

A SN Key is used to uniquely identify a component.

 

A strong name is composed of the :

  • version
  • Name
  • Public key
  • Private key
  • Culture and CPU architecture

Part 3 : Sign an assembly using IDE VS 2010

  • 1- In the properties of your project check «Sign the assembly »

clip_image002

 

  • 2- Enter your key name.
    After enter your key name, Visual Studio will generate a key file : yourKeyName.snk

Your can protect you key name using a password.

clip_image004 

 

Part 4 : Protect your key file with password

Enter a passwrod if you don’t trust the people with access to the assembly.

In general, you should protect it with a password if you don’t trust the people with access to the assembly, which is not common

 

Part 5 : Sign an assembly using Al.exe ( Assembly Linker)

  • First step : Create a key file using sn.exe (Strong Name tool)

clip_image006

Option -Vf can verifies the strong name contained in assembly (-vf forces the verifies even if it has been disabled using the –Vr option).

 

  • Second step : Sign your assembly using Al.exe

image

 

Part 6 : Sign an assembly  using AssemblyInfo file

In the file AssemblyInfo,  add the AssemblyKeyFileAttribute or the AssemblyKeyNameAttribute, specifying the name of the file or container that contains the key pair.

image

 

  • If your assembly have a dependency for another assembly (his parent) you must sign it.

Stay tuned!

592 total views, no views today

Categories: Tips, Utilitaires Tags: , , ,

Langues d’écriture des billets

Bonjour, mes Amis!

Juste pour vous informer que certains billets de ce blog seront désormais écrits en anglais. Pour ceux d’entre vous qui ne comprennent pas cette langue, veuillez utiliser les boutons de traduction situés en haut à gauche de l’écran (soit à votre droite).

Bonne journée à tous et à toutes!

574 total views, no views today

Categories: Non classé Tags: