Private and Shared Assemblies

Define Private Assemblies?
By default an assembly is private to your project. Private assemblies must be in the same directory as the application.

Define Shared Assemblies?
Shared Assemblies are available for use by all the programs on the system. A program does not need to know the location of a shared assembly because all shared assemblies are stored in a special .NET system directory called the Global Assembly Caches (GAC). Because they are available system wide, the .NET runtime imposes several extra checks on shared assemblies to ensure that they are valid for the program requesting them, such as security and version compatibility.

How are the Shared Assemblies different from the Private Assemblies?
A shared assemblies must have some means of distinguishing it from other assemblies that may have the same name. Also, for assemblies shared across the system,
· it is desirable for security to have a means of uniquely identifying an assembly as originating from you
· and prevent the assembly from being replaced with another assembly using the same name and version
· or prevent it from being altered in any way, for ex by virus.

How do you protect the Shared Assemblies?
By signing it with the Cryptographic key. The key uniquely identifies your assembly and protects not only against a security but also against a simple name/version collision due to two components having the same name and version number.

Note: if the Keys are different, the components are considered to be different even if they have the same name.

What is Strong Names?
The unique combination of the assembly name, version, and key is called a strong name.
Strong names are required for shared assemblies installed with ClickOnce deployment or installed into the Global Assembly Cache (GAC).

Define Global Assembly Cache (GAC)?
The GAC is a special directory, located in the WINDOWS\assembly directory (on Windows XP) or the WINNT\assembly directory (on Windows 2000/2003). All shared assemblies including the .NET Framework System assemblies supplied by the MS, are located and loaded from here.
If you browse this directory with the Windows Explorer, a special Windows shell extension displays the properties of the assemblies, including the name, version, and key incorporated into the strong name of each.
The Windows shell extension (called shfusion.dll) plugs into Windows Explorer and extends its capabilities beyond a normal file listing.
The Windows shell extension enforces the security for the GAC, enabling assemblies to be copied into this directory via drag and drop.

How do you create a shared assembly?
In order to create a shared assembly with a strong name, you must generate a public/private key pair that is used to sign an assembly.
Public/private key cryptographic systems use a private key known only to the originator of the information to be encrypted, and a public key published to the world.
The combination of the assembly name, version, and public key are guaranteed to be unique; this combination is called a strong name.

What is the tool used to generate the strong name?
The .NET Framework provides a tool for generating the strong name called sn.exe (sn stands for strong name).
Sn.exe is an external .NET Framework utility like Ildasm. As with Ildasm, you can execute it from thr VS Command Prompt.

How do you install the assembly file in to the GAC?
After signing in the assembly key file, you will be able to install it into the GAC. This can be done:
· simply by dragging and dropping the .dll file into the GAC folder located in WINDOWS\assembly (On XP) or WINNT\assembly (on 2000/2003)
· use the command-line tool called Gacutil (Global Assembly Utility) with the /I option from a command-line prompt:
§ Gacutil /I name.dll
Note: for deployment of a commercial application, the preferred way to add a shared assembly to the GAC is to use the Widows Installer.

What is Assembly Searching?
The .NET runtime follows pre-defined set of rules in order to locate an external assembly, when it is referenced.
For Shared assemblies, the local directly is first searched, followed by the GAC.
For Private assemblies, the local directory is searched first and then the system looks for a subdirectory with the same name as the assembly. The runtime also looks for either a DLL or EXE file with the same name as the requested assembly. For ex, the for Shapes class the following searches are made:
· ./Shapes.dll
· ./Shapes/Shapes.dll
· ./Shapes/Shapes.exe
· ./Shapes.exe

What are the Configuration files for an assembly?
Configuration files for an assembly are XML-format files that specify rules for the .NET runtime to apply when searching for an assembly. Configuration files can also override the default behavior for version checking.