Ever been in a project where you are asked to create Strong Name for DLL and you created a Strong Name for one project and the compiling project solution started giving you weird compilation errors. I have been there many times. When facing those issues I had some questions that crossed my mind.
· What is Strong Name?
· What is significance of a Strong Name?
· Why we need strong name? Do all DLL's need strong names to be created?
· What happens actually when Strong Name is created
· How Strong Name is used in real time scenario?
Before deep dive let us brush through following basics. We will look into following
1. Assembly
2. Encryption
3. Hashing
4. Digital Signatures
Assembly is a compiled code library used for Deployment, Security and Versioning. EXE and DLL are different type of assembly. It consists of Name, Culture, Version and Public key token.
Encryption
Encryption is a process of converting information into unreadable using an algorithm and unreadable information can only be converted to readable format using special information called as key.
They are of two types
a) Symmetric Cryptography
b) Asymmetric Cryptography
Let us concentrate only on Asymmetric cryptography since the symmetric cryptography is flat straight forward cryptography.
Asymmetric cryptography provides a very secure mechanism for encrypting and decrypting data, due to its use of a pair of keys called the private and public keys.
Private Key should never be passed to another entity.
Public key is opposite it should be passed.
The private key is held by one entity and securely locked down. It should never be passed to another entity. The public key is the opposite; you can give the public key to anyone who requests it.
Let us consider an analogy, Gates and Steve wants to communicate with each other. They choose the Asymmetric way. Gates send an open box with automatic numeric padlock. This numeric padlock can be closed automatic but it needs key to open.
Open Box = Public Key
Numeric padlock key = Private Key
Open box is considered as public key where everyone can be aware of them. Steve places the message and closes the automatic open numeric padlock box. Here the key that is used to open the box is the private key.
What if the data is changed after the data is placed in the box (Even box along with content). To avoid the change of data after or before encryption, we use the process called hashing. A Cryptographic hashing function will take a block of data of arbitrary size and returns a fixed size of binary data known as Hash value. If you change the original block of data in any way, the calculated hash value changes. If a single bit is changed in the original data, at least fifty percent of the calculated hash value’s bits change. If the data has not changed and you calculate the hash value over and over, the hash value will be the same. If you copy the data and calculate its hash value, it’ll be the same.
A digital signature proves that a message hasn’t been modified and proves the identity of its author.
Combination of Asymmetric encryption and Hashing
This is an essential combination of two topics that have been already covered in this topic: asymmetric encryption using the private key, and hashing. A digital signature is created by calculating a hash of data, followed by encrypting the hash, with a private asymmetric encryption key.
Deep Dive is over guys let’s go back to surface to discuss about what we are really for.
What is Strong Name?
Strong Name is Technology used to uniquely identify Assemblies. It consists of Name, Version Number, Culture, Public key token and Digital signature.
What is Significance of a Strong Name?
Strong Name solves two purposes.
1. Versioning
2. Authentication.
Authentication, the process we want to ensure ourselves the origin of the code. This is solved since we sign the assembly, which solves the authentication issues.
Why we need Strong Name? Do all DLL's need Strong Names to be created?
As we have discussed the Strong Name solves the purpose of versioning and authentication, the Shared or public assembly when signed with Strong Name it can be published in GAC (Global Assembly Cache). Any one who uses our assembly can be sure that they are using correct version and assembly which is not modified by external sources.
Strong Name signing is only for Shared or Public Assembly
What happens actually when Strong Name is created? How it is used in real time scenario
Let’s separate the process of creation and utilization of strong Name. When you add a strong name to a library the compiler creates a hash over most of the assembly. The hash is encrypted with the publisher's private key to form the strong name signature. The strong name signature and the public key are then placed in the assembly.
Compiler stores the full name of the signed assembly into the assembly it is creating
When you tell the compiler that you will use a strong named assembly, the compiler stores the full name of the signed assembly into the assembly it is creating. This is reason why two DLL with same name can exist in GAC Folder The full name includes the public key, and because this is large, the runtime uses part of the hash of the public key, called the public key token.
When .NET loads the referenced assembly it verifies that the assembly has specified the public key, and of course, it can do this by extracting the public key and hashing it to be able to extract the public key token. It also needs to verify the public key, and it can do this by generating the hash of the referenced assembly. The strong name signature is this hash encrypted with the private key, so only the correct public key can decrypt it.
Thus the runtime extracts the strong name signature decrypts it with the public key and if the result does not agree with the hash it generated the runtime will not load the assembly.
Now we had close look at the DLL signing process with basic included. Hope this will be helpful even for people who are new to Encryption.
IMPORTANT: Leave a comment to share what you learned, and hit the “like” button to let others know about it (make sure you’re logged into Facebook to like and comment).
Am glad you liked it
ReplyDeleteI always wonder about the same thing and even asked my friends too but no one helped me. All credit goes to you for providing this satisfactory detail and justify this point in correct manner.
ReplyDeletedigital signatures
Thanks for ur comments, Glad i can help
DeleteI have read all the comments and suggestions posted by the visitors for this article are very fine,We will wait for your next article so only.Thanks! liquid hangsen menthol
ReplyDeleteVery efficiently written information. It will be beneficial to anybody who utilizes it, including me. Keep up the good work. For sure i will check out more posts. This site seems to get a good amount of visitors. SEO bureau Nijmegen
ReplyDeleteI haven’t any word to appreciate this post.....Really i am impressed from this post....the person who create this post it was a great human..thanks for shared this with us. Autoverhuur Limburg
ReplyDeleteI haven’t any word to appreciate this post.....Really i am impressed from this post....the person who create this post it was a great human..thanks for shared this with us. Makelaar Roermond
ReplyDeleteI’m going to read this. I’ll be sure to come back. thanks for sharing. and also This article gives the light in which we can observe the reality. this is very nice one and gives indepth information. thanks for this nice article... Restaurant meubilair
ReplyDeleteThis is my first visit to your web journal! We are a group of volunteers and new activities in the same specialty. Website gave us helpful data to work. Eindhoven schoonmaakbedrijf
ReplyDeleteThanks for a very interesting blog. What else may I get that kind of info written in such a perfect approach? I’ve a undertaking that I am simply now operating on, and I have been at the look out for such info. e-liquid kopen
ReplyDeleteVery efficiently written information. It will be beneficial to anybody who utilizes it, including me. Keep up the good work. For sure i will check out more posts. This site seems to get a good amount of visitors. zorgmeubelen
ReplyDeleteThis particular is usually apparently essential and moreover outstanding truth along with for sure fair-minded and moreover admittedly useful My business is looking to find in advance designed for this specific useful stuffs… sexy lingerie kopen
ReplyDeleteThanks for a very interesting blog. What else may I get that kind of info written in such a perfect approach? I’ve a undertaking that I am simply now operating on, and I have been at the look out for such info. Heerlen slot vervangen
ReplyDeleteI haven’t any word to appreciate this post.....Really i am impressed from this post....the person who create this post it was a great human..thanks for shared this with us. e liquid Millers
ReplyDeleteI am impressed. I don't think Ive met anyone who knows as much about this subject as you do. You are truly well informed and very intelligent. You wrote something that people could understand and made the subject intriguing for everyone. Really, great blog you have got here. Huis kopen Venray
ReplyDeleteI’m going to read this. I’ll be sure to come back. thanks for sharing. and also This article gives the light in which we can observe the reality. this is very nice one and gives indepth information. thanks for this nice article... ADR certificaat
ReplyDeleteReally I enjoy your site with effective and useful information. It is included very nice post with a lot of our resources.thanks for share. i enjoy this post. Zonnepanelen kopen Parkstad
ReplyDeleteThanks for a very interesting blog. What else may I get that kind of info written in such a perfect approach? I’ve a undertaking that I am simply now operating on, and I have been at the look out for such info. Samsung telefoonhoesje
ReplyDeleteI’m going to read this. I’ll be sure to come back. thanks for sharing. and also This article gives the light in which we can observe the reality. this is very nice one and gives indepth information. thanks for this nice article... Rijschool Geleen
ReplyDeleteWhen your website or blog goes live for the first time, it is exciting. That is until you realize no one but you and your. Code95 maastricht
ReplyDeleteExcellent article. Very interesting to read. I really love to read such a nice article. Thanks! keep rocking. Bedrijf starten
ReplyDeleteI haven’t any word to appreciate this post.....Really i am impressed from this post....the person who create this post it was a great human..thanks for shared this with us. Boksbalmachine kopen
ReplyDeleteThanks for a very interesting blog. What else may I get that kind of info written in such a perfect approach? I’ve a undertaking that I am simply now operating on, and I have been at the look out for such info. Eenmanszaak vof BV
ReplyDeleteI’m going to read this. I’ll be sure to come back. thanks for sharing. and also This article gives the light in which we can observe the reality. this is very nice one and gives indepth information. thanks for this nice article... Aanmaning
ReplyDeleteI have read all the comments and suggestions posted by the visitors for this article are very fine,We will wait for your next article so only.Thanks! Graphics designer
ReplyDeleteI'm glad I found this web site, I couldn't find any knowledge on this matter prior to.Also operate a site and if you are ever interested in doing some visitor writing for me if possible feel free to let me know, im always look for people to check out my web site. Logo designer
ReplyDeletePositive site, where did u come up with the information on this posting?I have read a few of the articles on your website now, and I really like your style. Thanks a million and please keep up the effective work. water filter systems
ReplyDeleteThis blog is so nice to me. I will keep on coming here again and again. Visit my link as well.. 2d animation
ReplyDeleteI really appreciate this wonderful post that you have provided for us. I assure this would be beneficial for most of the people. motion graphic vedios
ReplyDeleteExcellent article. Very interesting to read. I really love to read such a nice article. Thanks! keep rocking. foro para webmasters
ReplyDeletei never know the use of adobe shadow until i saw this post. thank you for this! this is very helpful. shisha
ReplyDeleteExcellent article. Very interesting to read. I really love to read such a nice article. Thanks! keep rocking. commercial power washing
ReplyDeleteI wanted to thank you for this great read!! I definitely enjoying every little bit of it I have you bookmarked to check out new stuff you post. Shopping
ReplyDelete