What is a .snk for?
What is a .snk file for? I know it stands for Strongly Named Key, but all explanations of what it is and how it works goes over my head.
Is there any simple explanation on how a strongly named key is used and how it works?
Solution 1:
The .snk file is used to apply a strong name to a .NET assembly. such a strong name consists of
a simple text name, version number, and culture information (if provided)—plus a public key and a digital signature.
The SNK contains a unique key pair - a private and public key that can be used to ensure that you have a unique strong name for the assembly. When the assembly is strongly-named, a "hash" is constructed from the contents of the assembly, and the hash is encrypted with the private key. Then this signed hash is placed in the assembly along with the public key from the .snk.
Later on, when someone needs to verify the integrity of the strongly-named assembly, they build a hash of the assembly's contents, and use the public key from the assembly to decrypt the hash that came with the assembly - if the two hashes match, the assembly verification passes.
It's important to be able to verify assemblies in this way to ensure that nobody swaps out an assembly for a malicious one that will subvert the whole application. This is why non-strong-named assemblies aren't trusted in the same way that strongly-named assemblies are, so they can't be placed in the GAC. Also, there's a chain of trust - you can't generate a strongly-named assembly that references non-strongly-named assemblies.
The article "The Secrets of Strong Naming (archived at the Wayback Machine)". Does an excellent job of explaining these concepts in more detail. With pictures.
Solution 2:
In a the.Net world the SNK file is used to sign your compiled binaries. This allows a couple things to happen:
- You can register the Assembly in the GAC (Global Assembly Cache). Basically so you can reference it from many places on the same machine without having to maintain multiple copies).
- You can use your Binaries from within other binaries that are also signed (this is a strange viral sort of behavior with regard to signed assemblies).
- Your assembly cannot (easily) be modified by 3rd parties who do not have access to the SNK file, providing at least a small amount of security.
I'm not familiar with how BizTalk server works, so I don't think I can shed much light on what specific purpose they serve within that environment.
Hope this was somewhat helpful.