What is a .NET assembly?
An assembly is the primary building block of a .NET application and can take the form of a dynamic link library (DLL) or executable file (EXE). An assembly is a collection of functionality that is built, versioned, and deployed as a single implementation unit.
What does an assembly contain?
A .NET assembly may contain the following elements:
Assembly Manifest - Metadata that describes the assembly and its contents (see below)
An assembly is the primary building block of a .NET application and can take the form of a dynamic link library (DLL) or executable file (EXE). An assembly is a collection of functionality that is built, versioned, and deployed as a single implementation unit.
What does an assembly contain?
A .NET assembly may contain the following elements:
Assembly Manifest - Metadata that describes the assembly and its contents (see below)
- Source Code - Compiled into Microsoft intermediate language (MSIL)
- Type Metadata - Defines all types, their properties and methods, and most importantly, public types exported from this assembly
- Resources - Icons, images, text strings and other resources
The assembly manifest is required; the other elements are optional.
What is an assembly manifest?
An assembly manifest is metadata inside an assembly that describes everything there is to know about the assembly and its contents. The manifest contains:
- Strong Name - The assembly's name, version, culture, optional processor architecture, and public key (for shared assemblies)
- File Contents - Name and hash of all files in the assembly
- Type List - Types defined in the assembly, including public types that are exported from the assembly
- Resource List - Icons, images, text strings and other resources contained in the assembly
- Dependencies - Compile-time dependencies on other assemblies
- Security - Permissions required for the assembly to run properly
What is an assembly manifest?
An assembly manifest is metadata inside an assembly that describes everything there is to know about the assembly and its contents. The manifest contains:
- Strong Name - The assembly's name, version, culture, optional processor architecture, and public key (for shared assemblies)
- File Contents - Name and hash of all files in the assembly
- Type List - Types defined in the assembly, including public types that are exported from the assembly
- Resource List - Icons, images, text strings and other resources contained in the assembly
- Dependencies - Compile-time dependencies on other assemblies
- Security - Permissions required for the assembly to run properly
What is the difference between a private and shared assembly?
A private assembly is used only by a single application and is stored in that application's installation folder (or subfolder therein). The name of a private assembly name must be unique within the application that uses it.
A shared assembly is used by multiple applications and is typically stored in a global folder known as the Global Assembly Cache (GAC). When building an assembly, a developer must specifically choose to build it as a shared assembly by giving it a cryptographically strong name. For example, the .NET Framework is a collection of shared assemblies.
What is the difference between an assembly and a namespace?
Namespaces are logical, whereas assemblies are physical.
A namespace is a logical naming scheme to group related types. Namespaces can contain other namespaces to form a hierarchy. The "fully qualified name" of a type is its namespace followed by its type name, separated by a period (for example, System.Windows.Forms.Button). Type names must be unique within a namespace, but the same type name can be used in different namespaces.
An assembly is a physical deployment scheme to group related types. An assembly can contain one or many namespaces. A namespace can exist in one or many assemblies.
What are assembly attributes?
Assembly attributes are values (typically set by the developer) that provide additional information about a .NET assembly. Assembly attributes are grouped as follows:
- Identity Attributes - Determine the identity of an assembly: name, version, culture and flags.
- Informational Attributes - Provide additional information about an assembly: company name, product name, copyright, trademark, and file version.
- Manifest Attributes - Provide information in the assembly manifest: assembly title, description, alias, and configuration (such as debug or release).
- Strong Name Attributes - Used to help set an assembly's strong name, including key file, key name, and whether delay signing is used.
What is a strong name?
A strong name is a .NET assembly name combined with its version number and other information to uniquely identify the assembly. This allows multiple versions of the same assembly to peacefully co-exist in the global assembly cache, where shared assemblies are typically stored.
A strong name consists of five parts:
- Simple Name - Usually the name of the file (without the extension) that contains the assembly
- Public Key - RSA cryptographic public key that helps verify the assembly's authenticity
- Version - Four-part version number, in the form of Major.Minor.Build.Revision
- Culture - Target audience for the assembly, such as "neutral" (default audience), "en-us" (English - United States) or "fr" (France) etc.
- Processor Architecture - Defines the assembly's format, such as MSIL (intermediate language) or x86 (binary for Intel x86 processors)
An example strong name is "Mini-Launcher, Version=0.3.612.24542, Culture=neutral, PublicKeyToken=ffa52ed9739048b4, ProcessorArchitecture=MSIL".
Why use strong names?
Strong names are required to store shared assemblies in the global assembly cache (GAC). This is because the GAC allows multiple versions of the same assembly to reside on your system simultaneously, so that each application can find and use its own version of your assembly. This helps avoid DLL Hell, where applications that may be compiled to different versions of your assembly could potentially break because they are all forced to use the same version of your assembly.
Another reason to use strong names is to make it difficult for hackers to spoof your assembly, in other words, replace or inject your assembly with a virus or malicious code.
What is a strong name key file?
A strong name key file has a .snk extension and contains a unique public-private key pair. You use the strong name key file to digitally sign your assembly (see below). Note that this type of file is not secure, as the private key in a .snk file can be easily compromised.
For added protection, Visual Studio can encrypt a strong name key file, which produces a file with the .pfx (Personal Information eXchange) extension. The .pfx file is more secure because whenever someone attempts to use the encrypted key, she will be prompted for the password.