G
Guest
Hello:
I'm trying to make sense of snk files, when to use, under what conditions to
regenerate new ones,...can someone take a look if these statemes make sense?
And then the final questions at the end that they first statements bring up
in my mind...
a) Because two developers, unbeknownst to each other, can end up releaseing
different dll's with the same name, one should sign an assembly with a unique
tag. right?
b) The key is generated by clicking (in VS2005) Properties/Signing and check
the checkbox. In VS2003 or prior, had to use first something like:
sn -k sn1.snk and wire that one into the assembly...
c) Although its main purpose in that case is just to create a uniqueness,
and a GUID would have done just fine, it's a public/private key thing rather
than a simple GUID for security purposes, so that another company can't
spoof it? In other words, that if you deliver a dll called
"ChaseManhattan.OpenSesame" that someone else can't pretend to be that same
dll, by building a rogue version of it, and embed the guid?
d) Public/Private. If I just let VS2005 handle the signing by the checkbox
process, I get one snk file -- what's the private part? what's the public
part? And what am I suppossed to do with the private part? Store it?
e) In other words, should I think of the private part as some kind of
certificate, and save it, and use the same private key for all sn
generations, for different assemblies? Or each assembly gets its own
private/public pair, and that's that?
f) And most importantly, atleast to me (in my ongoing struggle trying to
figure out how best to use Activator.CreateInstance (string) but remain as
flexible as possible... Do I keep the same snk file and its public/private
keys the same for all versions of the same assembly? In other words
(MyAssembly ver 1.0 and MyAssembly ver 14.0) get the same snk file? Or do I
regenerate a new one for each version? And just change the {version="..."}
part of the strong name when I am trying to get a System.Type from a fully
qualified assembly name string?
g) I have several assemblies that are built to run on desktop as well as on
CE. Same code, bar some #if and #else statements, different *.proj files (to
handle different references to CE or desktop versions of assemblies, etc.).
But they output different assembly names:
XAct.MyAssembly.dll
XActCE.MyAssembly.dll
My question is -- different names...can they use the same snk file in both?
I mean, different names, same version, same snk, would mean different
Assembly FQN's...right? So is it to do that? Or am I missing a point here?
Thank you very very much for helping making this all clear...finally !
Sky
I'm trying to make sense of snk files, when to use, under what conditions to
regenerate new ones,...can someone take a look if these statemes make sense?
And then the final questions at the end that they first statements bring up
in my mind...
a) Because two developers, unbeknownst to each other, can end up releaseing
different dll's with the same name, one should sign an assembly with a unique
tag. right?
b) The key is generated by clicking (in VS2005) Properties/Signing and check
the checkbox. In VS2003 or prior, had to use first something like:
sn -k sn1.snk and wire that one into the assembly...
c) Although its main purpose in that case is just to create a uniqueness,
and a GUID would have done just fine, it's a public/private key thing rather
than a simple GUID for security purposes, so that another company can't
spoof it? In other words, that if you deliver a dll called
"ChaseManhattan.OpenSesame" that someone else can't pretend to be that same
dll, by building a rogue version of it, and embed the guid?
d) Public/Private. If I just let VS2005 handle the signing by the checkbox
process, I get one snk file -- what's the private part? what's the public
part? And what am I suppossed to do with the private part? Store it?
e) In other words, should I think of the private part as some kind of
certificate, and save it, and use the same private key for all sn
generations, for different assemblies? Or each assembly gets its own
private/public pair, and that's that?
f) And most importantly, atleast to me (in my ongoing struggle trying to
figure out how best to use Activator.CreateInstance (string) but remain as
flexible as possible... Do I keep the same snk file and its public/private
keys the same for all versions of the same assembly? In other words
(MyAssembly ver 1.0 and MyAssembly ver 14.0) get the same snk file? Or do I
regenerate a new one for each version? And just change the {version="..."}
part of the strong name when I am trying to get a System.Type from a fully
qualified assembly name string?
g) I have several assemblies that are built to run on desktop as well as on
CE. Same code, bar some #if and #else statements, different *.proj files (to
handle different references to CE or desktop versions of assemblies, etc.).
But they output different assembly names:
XAct.MyAssembly.dll
XActCE.MyAssembly.dll
My question is -- different names...can they use the same snk file in both?
I mean, different names, same version, same snk, would mean different
Assembly FQN's...right? So is it to do that? Or am I missing a point here?
Thank you very very much for helping making this all clear...finally !
Sky