Whenever the .NET runtime loads a strong-named assembly, the runtime extracts the encrypted hash code that's embedded in the assembly and decrypts it with the public key, which is also embedded in the assembly. The runtime then calculates the hash code of the assembly manifest and compares it to the decrypted hash code. This verification process will identify if the assembly has changed after compilation.
If an executable assembly fails strong name verification, the runtime will display the dialog box shown in Figure 1.2. If code tries to load an assembly that fails verification, the runtime will throw a System.IO.FileLoadException with the message "Strong name validation failed."
Figure 1.2: Error shown when you try to execute a strong-named assembly that has been modified.
As well as the generation and management of strong name keys, the Strong Name tool allows you to verify strong-named assemblies. To verify that the strong-named assembly HelloWorld.exe is unchanged, use the command sn -vf HelloWorld.exe. The -v switch requests the Strong Name tool to verify the strong name of the specified assembly, and the -f switch forces strong name verification even if it has been previously disabled for the specified assembly. (You can disable strong name verification for specific assemblies using the -Vr switch, as in sn -Vr HelloWorld.exe;
If the assembly passes strong name verification, you will see the following output:
Microsoft (R) .NET Framework Strong Name Utility Version 1.1.4322.573Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.Assembly 'HelloWorld.exe' is valid
However, if the assembly has been modified, you will see the message
Microsoft (R) .NET Framework Strong Name Utility Version 1.1.4322.573Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.Failed to verify assembly -- Unable to format error message 8013141A
No comments:
Post a Comment