.NET assembly, in the Microsoft .NET framework, is a partially compiled code library for use in deployment, versioning and security. In the Microsoft Windows implementation of .NET, an assembly is a PE (portable executable) file. There are two types, process assemblies (EXE) and library assemblies (DLL). A process assembly represents a process which will use classes defined in library assemblies. In version 1.1 of the CLR classes can only be exported from library assemblies; in version 2.0 this restriction is relaxed. The compiler will have a switch to determine if the assembly is a process or library and will set a flag in the PE file. .NET does not use the extension to determine if the file is a process or library. This means that a library may have either .dll or .exe as its extension. The . ... A diagram of the operation of a typical multi-language compiler. ... Microsoft Windows is a range of operating environments and operating systems for personal computers and servers. ... In, object-oriented programming, a class consists of a collection of types of encapsulated instance variables and types of methods, possibly with implementation of those types together with a constructor function that can be used to create objects of the class. ... In computing, Common Language Runtime (CLR) is the name chosen by Microsoft for the virtual machine plus runtime library underlying their . ...

The code in an assembly is partially compiled into CIL, which is then fully compiled into machine language at runtime by the CLR. Common Intermediate Language (CIL) is the lowest-level human-readable programming language in the . ... A system of codes directly understandable by a computers CPU is termed this CPUs native or machine language. ... In computer science, run time (with a space, though often its spelled without one) describes the operation of a computer program, the duration of its execution, from beginning to termination (compare compile time). ...

An assembly can be made up of one or more files. Code files are called modules. An assembly can contain more than one code module and since it is possible to use different languages to create code modules this means that it is technically possible to use several different languages to create an assembly. In practice this rarely happens, principally because Visual Studio only allows developers to create assemblies that are made up of a single code module. Microsoft Visual Studio is a series of IDEs by Microsoft. ...

Assembly names

The name of an assembly is made up of four parts:

1. The short name. On Windows this is the name of the PE file without the extension.
2. The culture. This is an RFC 1766 identifier of the locale for the assembly. In general, library and process assemblies should be culture neutral, the culture should only be used for satellite assemblies.
3. The version. This is a dotted number made up for 4 values — major, minor, build and revision. The version is only used if the assembly has a strong name (see below).
4. A public key token. This is a 64-bit hash of the public key which corresponds to the private key used to sign the assembly. A signed assembly is said to have a strong name.

The public key token is used to make the assembly name unique. Thus, two strong named assemblies can have the same PE file name and yet .NET will recognise them as different assemblies. The Windows file system (FAT32 and NTFS) only recognises the PE filename, so two assemblies with the same PE file name (but different culture, version or public key token) cannot exist in the same Windows folder. To solve this issue .NET introduces something called the GAC (Global Assembly Cache) which is treated as a single folder by the .NET CLR, but is actually implemented using nested NTFS (or FAT32) folders. PKC, see PKC (disambiguation) Public-key cryptography is a form of modern cryptography which allows users to communicate securely without previously agreeing on a shared secret key. ... This article is about the unit of information. ... In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. ... Public key cryptography is a form of cryptography which generally allows users to communicate securely without having prior access to a shared secret key, by using a pair of cryptographic keys, designated as public key and private key, which are related mathematically. ... File Allocation Table (FAT) is a file system that was developed for MS-DOS and used in consumer versions of Microsoft Windows up to and including Windows Me. ... NTFS or NT File System is the standard file system of Windows NT and its descendants Windows 2000, Windows XP and Windows Server 2003. ... When code developed on Microsofts CLR platform needs to be shared by several applications across the computer, it can be placed in a machine-wide cache called the global assembly cache. ...

To prevent spoofing attacks, where a cracker would try to pass off their assembly as yours, the assembly is signed with a private key. You keep your private key secret, so a cracker cannot have access to it, and cannot guess the associated public key. Signing the assembly involves taking a hash of important parts of the assembly and then encrypting the hash with the private key. The signed hash is stored in the assembly along with the public key. The public key will decrypt the signed hash. When the CLR loads a strongly named assembly it will generate a hash from the assembly and then compares this with the decrypted hash. If the comparison succeeds then it means that the public key in the file (and hence the public key token) is associated with the private key used to sign the assembly. This will mean that the public key in the assembly is the public key of the assembly publisher and hence a spoofing attack is thwarted. A spoofing attack, in computer security terms, refers to a situation in which one person or program is able to masquerade successfully as another. ... A black hat or black-hat hacker (also called a cracker or Dark Side hacker) is a malicious or criminal hacker. ... In cryptography, encryption is the process of obscuring information to make it unreadable without special knowledge. ...

Assemblies and .NET security

.NET code access security is based on assemblies and evidence. Evidence can be anything deduced from the assembly, but typically it is created from the source of the assembly — whether the assembly was downloaded from the Internet, an intranet, or installed on the local machine (if the assembly is downloaded from another machine it will be stored in a sandboxed location within the GAC and hence is not treated as being installed locally). Permissions are applied to entire assemblies, and an assembly can specify the minimum permissions it requires through custom attributes (see .NET metadata). When the assembly is loaded the CLR will use the evidence for the assembly to create a permission set of one or more code access permissions. The CLR will then check to make sure that this permission set contains the required permissions specified by the assembly. Code access security, in the Microsoft . ... Code access security, in the Microsoft . ... An intranet is a local area network (LAN) used internally in an organization to facilitate communication and access to information that is sometimes access-restricted. ... In computer security, a sandbox is a security mechanism for safely running programs. ... Most modern file systems have methods of administering permissions or access rights to specific users and groups of users. ... // .NET Metadata All . ...

.NET code can perform a code access security demand. This means that the code will perform some privileged action only if all of the assemblies of all of the methods in the call stack have the specified permission. If one assembly does not have the permission a security exception is thrown. Used mainly in object-oriented programming, the term method refers to a piece of code that is exclusively associated either with a class (called class methods or static methods) or with an object (called instance methods). ... In computer science, a function stack (or call stack) is a special stack which stores information about the functions/subroutines in a computer program which are currently being executed. ... Exception handling is a programming language construct or computer hardware mechanism designed to handle runtime errors or other problems (exceptions) which occur during the execution of a computer program. ...

Private and shared assemblies

When a developer compiles code the compiler will put the name of every library assembly it uses in the compiled assembly's .NET metadata. When the CLR executes the code in the assembly it will use this metadata to locate the assembly using a technology called Fusion. If the called assembly does not have a strong name, then Fusion will only use the short name (the PE file name) to locate the library. In effect this means that the assembly can only exist in the application folder, or in a subfolder, and hence it is called a private assembly because it can only be used by a specific application. Versioning is switched off for assemblies that do not have strong names, and so this means that it is possible for a different version of an assembly to be loaded than the one that was used to create the calling assembly. Metadata (Greek: meta-+ Latin: data information), literally data about data, is information that describes another set of data. ... Revision control is an aspect of documentation control wherein changes to documents are identified by incrementing an associated number or letter code, termed the revision level, or simply revision. It has been a standard practice in the maintenance of engineering drawings for as long as the generation of such drawings...

The compiler will store the complete name (including version) of strongly named assembly in the metadata of the calling assembly. When the called assembly is loaded, Fusion will ensure that only an assembly with the exact name, including the version, is loaded. Fusion is configurable, and so you can provide an application configuration file to tell Fusion to use a specific version of a library when another version is requested.

Shared assemblies are stored in the GAC. This is a system-wide cache and all applications on the machine can use any assembly in the cache. To the casual user it appears that the GAC is a single folder, however, it is actually implemented using FAT32 or NTFS nested folders which means that there can be multiple versions (or cultures) of the same assembly. In computer science, a cache (pronounced kăsh) is a collection of data duplicating original values stored elsewhere or computed earlier, where the original data are expensive (usually in terms of access time) to fetch or compute relative to reading the cache. ...

Fusion

The FAT32 and NTFS Windows file systems are restrictive because the names of files do not include information like versioning or localization. This means that two different versions of a file cannot exist in the same folder unless their names have versioning information. Fusion is the .NET technology that allows versioning and culture information to be used in the name of a .NET assembly that is stored on FAT32 or NTFS. Software localization is a process of translating software user interfaces from one language to another and adapting it to suit a foreign culture. ...

Fusion uses a specific search order when it looks for an assembly.

1. If the assembly is strongly named it will first look in the GAC.
2. Fusion will then look for redirection information in the application's configuration file. If the library is strongly named then this can specify that another version should be loaded, or it can specify an absolute address of a folder on the local hard disk, or the URL of a file on a web server. If the library is not strongly named, then the configuration file can specify a subfolder beneath the application folder to be used in the search path.
3. Fusion will then look for the assembly in the application folder with either the extension .exe or .dll.
4. Fusion will look for a subfolder with the same name as the short name (PE file name) of the folder and look for the assembly in that folder with either the extension .exe or .dll.

If Fusion cannot find the assembly it will throw an exception. In addition, information about the name of the assembly, and the paths that it checked, will be stored. This information may be viewed by using the Fusion log viewer (fuslogvwr). Typical hard drives of the mid-1990s. ... A Uniform Resource Locator, URL (spelled out as an acronym, not pronounced as earl), or Web address, is a standardized address name layout for resources (such as documents or images) on the Internet (or elsewhere). ... The term web server can mean one of two things: A computer that is responsible for accepting HTTP requests from clients, which are known as web browsers, and serving them web pages, which are usually HTML documents. ...

Satellite assemblies

In general assemblies should only contain culture-neutral resources. If you want to localize your assembly (for example use different strings for different locales) you should use satellite assemblies — special, resource-only assemblies. Satellites are not loaded by Fusion and so they should not contain code. As the name suggests, a satellite is associated with an assembly called the main assembly. That assembly (say, lib.dll) will contain the neutral resources (which Microsoft says is International English, but implies to be US English). Each satellite has the name of the associated library appended with .resources (for example lib.resources.dll). The satellite is given a non-neutral culture name, but since this is ignored by existing Windows file systems (FAT32 and NTFS) this would mean that there could be several files with the same PE name in one folder. Since this is not possible, satellites must be stored in subfolders under the application folder. For example, a satellite with the UK English resources will have a .NET name of "lib.resources Version=0.0.0.0 Culture=en-GB PublicKeyToken=null", a PE file name of lib.resources.dll, and will be stored in a subfolder called en-GB. In computer programming and some branches of mathematics, strings are sequences of various simple objects. ... The English language is a West Germanic language that originates in England. ...

Satellites are loaded by a .NET class called System.Resources.ResourceManager. The developer has to provide the name of the resource and information about the main assembly (with the neutral resources). The ResourceManager class will read the locale of the machine and use this information and the name of the main assembly to get the name of the satellite and the name of the subfolder that contains it. ResourceManager can then load the satellite and obtain the localized resource.