Digitally signing the .NET assemblies

This was time when I was comfortable handling the .NET development projects( I successfully handled two hard core development projects as Technical Lead), then I was looking for the new challenges. Suddenly there was a developer in my team who asked me that he wants to know more about the security features offered by .Net. That's when I realised that I know those in bits and pieces but if somebody asks me a bigger picture I am lagging big time. I took that as a new challenge and started discovering things about the several features around the security offered in .NET.

This post is one in the same series elaborating the how to digitally sign your assemblies. I am not going to spend my time explain why digitally sign the assembly because there are tons of articles explaining it ( I might do the same sometime in future).

I am putting the screen shot of the effect before and after digitally signing the assembly

See there is a new Digital Signature tab which tells about the details of the publisher of this particular assembly.

These are steps that you need to do digitally sign the assembly.

makecert -sv SignedLibrary.pvk -n "CN=Himanshu Rastogi Pvt Ltd" SignedLibrary.cer

cert2spc SignedLibrary.cer SignedLibrary.spc

signtool signwizard

The final command will open the wizard which will help you signing the assembly. It is pretty simple but in case you think you are facing some issues or have some confusion please write back to me at hrastogi@gmail.com .
Based on the command issued these tools help you do what you on the left hand side that is basically digitally signing the assembly. Things to remember here are that makecert.exe and cert2spc.exe are the tools that are shipped with .Net SDK and they are available merely for testing purpose and you shouldn't use them for shipping along with your product. SignTool.exe is the actual tool which will actually sign the assembly but the wizard/tool requires certain parameters as file which can be obtained by Certification Authority (CA), but that is a lengthy/costly process so you can you the above mentioned commands to understand how to digitally sign the assembly. Hope this post served the purpose of its title.

This article is valid for Visual Studio 2008 / .Net framework 3.5 /Windows XP (though OS over here is immaterial but I prefer to follow the practise)

Customizing the MYSITE Template MOSS 2007

Key Challenges:
1. Delete the existing Web Parts which are available by default.
2. To add new Web Parts which were fetching data from the following items from a site collection existing in a different Web Application (using with Windows authentication).
- Calendar
- Blogs
- News
- Customized Search for searching in documents.

Approach:
In order to customize the MYSITE we took advantage of the several components of core SharePoint platform namely:
- FEATURES: We wrote a feature to change the master page to master page provided by us.
- FEATURE SITE TEMPLATE Association: We associated the FEATURE written by us to existing MYSITE template, so that as soon as these sites are provisioned (for each user) the associated feature gets automatically added.
- MASTER PAGE: We wrote a master page which is similar to master page for MYSITE template and added a Custom Web Control, so that our control is instantiated as soon as master page is rendered.
- Custom Web Control: In OnLoad function of custom control we get hold of the collection of Web Parts and deleted the existing one and added our Web Parts.
And in order to fetch data from any kind of a list from a site collection exist in a different Web Application we created new Web Parts and used SharePoint object model.