19.8 Securing Satellite Assemblies

Previous page
Table of content
Next page
 <  Day Day Up  >  

You want to secure an assembly that contains satellite assemblies.


Technique

If you want to give a strong name to an assembly that has associated satellite assemblies, you need to separately ensure that all the satellite assemblies are also signed with the same strong name as the main assembly. For satellite assemblies that VS.NET knows about as part of the project, VS.NET should do this step automatically. If you are using delay signing, you have to manually re-sign all satellite assemblies with the private key prior to shipping, just as with the main assembly. For example, to re-sign the en-GB and en-US satellites of an assembly called MyAssembly , use the following: 

 
 sn R /en-GB/MyAssembly.resources.dll KeyFile.snk sn R /en-US/MyAssembly.resources.dll KeyFile.snk

You can write a batch script if you have a large number of files.

If you are not using VS.NET to generate your satellite assemblies but are doing so manually, then you need to sign the assembly at the point at which you compile each resources file into the assembly. In this situation, you have most likely used the resgen command at the command prompt to produce a compiled resources file for each culture, and you intend to use the al assembly linker utility to convert each resources file into a satellite assembly. At this point, you should the /keyfile flag to indicate to al that the assembly should be signed with a key: 

 
 al /embed:MyResources.en-US.resources /c:en-US /keyfile:/MyKey.snk /out:MySample.resources.dll

This command compiles the resource file MyResources.en-US.resources into the en-US -cultured satellite assembly MySample.resources.dll , signing it with the key read in from the file MyKey.snk . If MyKey.snk contains only a public key and you are using delay signing, then the equivalent command is 

 
 al /embed:MyResources.en-US.resources /c:en-US /keyfile:/MyKey.snk /delay+      /out:MySample.resources.dll

If you are using a key container from the CSP rather than a key file, then you replace the /keyfile flag with / keyname (whether or not delay signing is used): 

 
 al /embed:MyResources.en-US.resources /c:en-US /keyname:/MyKey /delay+      /out:MySample.resources.dll

Comments

For the most part, the techniques for signing satellite assemblies are no different in either concept or command-line syntax from the equivalent techniques for signing the main assembly. The main difference is that, because satellites have no C# source code, it is not possible to indicate to the compiler via attributes in the source code that the assembly is to be signed. Hence, you need to use flags passed to the al utility to indicate that resource files should be signed.

 <  Day Day Up  >  

Previous page
Table of content
Next page
Microsoft Visual C# .Net 2003
Microsoft Visual C *. NET 2003 development skills Daquan
ISBN: 7508427505
EAN: 2147483647
Year: 2003
Pages: 440
Authors: Simon Robinson ZHU Mark Schmidt
BUY ON AMAZON
Qshell for iSeries
C++ GUI Programming with Qt 3
Lotus Notes Developers Toolbox: Tips for Rapid and Successful Deployment
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
The Oracle Hackers Handbook: Hacking and Defending Oracle
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy