Strong Naming the Unity Assemblies
If you build Unity from the source code, you may decide to apply strong naming to the assemblies. A strong name consists of the assembly's identity—the simple text name, version number, and culture information (if provided)—plus a public key and a digital signature. The strong name is generated from an assembly file (the file that contains the assembly manifest, which in turn contains the names and hashes of all the files that make up the assembly), using the corresponding private key. Signing an assembly with a strong name ensures that its name is globally unique. Assemblies with the same strong name are expected to be identical.
For example, if you intend to share Unity assemblies among several applications, you can install them into the global assembly cache. Each assembly in the global assembly cache must have a globally unique name. You can use a strong name to ensure this. Even if you only use the assemblies within a single application, you can strong name the assemblies to ensure that your application uses the correct version of the assemblies.
Strong names satisfy the following requirements:
- Strong names guarantee name uniqueness by relying on unique key pairs. No one can generate the same assembly name that you can because an assembly generated with one private key has a different name than an assembly generated with another private key.
- Strong names protect the version lineage of an assembly. A strong name can ensure that no one can produce a subsequent version of your assembly. Users can be sure that a version of the assembly they are loading comes from the same publisher that created the version originally provided with the application.
- Strong names provide a strong integrity check. Passing the .NET Framework security checks guarantees that the contents of the assembly have not been changed since it was built. However, note that strong names themselves do not imply a level of trust such as the level provided by, for example, a digital signature and supporting certificate.
For information about deploying assemblies into the global assembly cache, see Working with Assemblies and the Global Assembly Cache.
You can strong name Unity assemblies with Visual Studio. To sign an assembly with a strong name, you must have a public/private key pair. This public and private cryptographic key pair is used during compilation to create a strong-named assembly. If many developers are using Unity, they should all use the same strong-named assembly. This means that everyone should use a single key pair to sign the assemblies. This key pair should be stored securely.
The first procedure describes how to create a key pair. (You can also use an existing key pair. If you have an existing key pair, you can skip this procedure.) The second procedure describes how to assign the public key to an assembly.
To create a key pair
- At the Visual Studio command prompt, go to the directory that will hold the key pair.
- To create a key pair, type sn –k keyfile.snk.
|You can also use the Create Strong Name dialog box in Visual Studio to create a key pair. To access this dialog box, select a project node in Solution Explorer. On the Project menu, click Properties. When the Project Designer appears, click the Signing tab. On the Signing page, select Sign the assembly, and then click New in the Choose a strong name key file drop-down list box.|
The next procedure describes how to assign the key to the Unity assembly. Open the Unity.sln solution file and add any of the optional projects you require, such as the Security.Azman project. Follow these steps for each project, including the design projects. You may consider using a batch editor, such as that in Visual Studio, to update each project as they are defined in XML files.
To assign the public key to a project assembly
- In Visual Studio, select the project node in Solution Explorer. On the Project menu, click Properties (or right-click the project node in Solution Explorer, and then click Properties).
- In the Project Designer, click the Signing tab.
- Select the Sign the assembly check box.
- In the Choose a strong name key file drop-down list box, click Browse.
- In the Select File dialog box, navigate to the key file you created or enter its path in the File name box. Click Open to select it.
- Close the Properties window and save the changes.