The .NET Framework comes with 10 command-line security tools (see Table A.4) that help you perform your security tasks. For a more thorough description of these tools, consult the .NET Framework documentation.
|
Name of Tool |
Name of Executable |
Description |
|---|---|---|
|
Code Access Security Policy Utility |
Caspol.exe |
This tool can perform any operation in relation to the code access security policy. Because it can do more than the .NET Configuration Tool we have been using in this chapter, it is important that you familiarize yourself with it. |
|
Certificate Verification Utility |
Chktrust.exe |
With this tool, you can check a file that has been signed using Authenticode. |
|
Certificate Creation Utility |
Makecert.exe |
Creates an X.509 certificate for testing purposes. An option you might consider is to install the Certificates Services on Windows 2000, which makes it much easier to create and maintain certificates for development and testing |
|
Certificate Manager Utility |
Certmgr.exe |
This utility manages your certificates, certificate trust lists, and so on. Use the Microsoft Management Console with the Certificates snap-in, which enables you to maintain not only your own certificates but also (if you have the rights) the certificates of your computer and service accounts. |
|
Software Publisher Certificate Test Utility |
Cert2spc.exe |
This tool creates a software publisher’s certificate for one or more X.509 certificates. |
|
Permissions View Utility |
Permview.exe |
This tool enables you to view the requested permissions of an assembly. |
|
PE Verify Utility |
Peverify.exe |
This tool enables you to verify the type safety of a portable executable file. |
|
Secutil Utility |
Secutil.exe |
This tool extracts strong name or public key information from an assembly and converts it so that you can use it directly in your code (for example, for a permission demand). |
|
File Signing Utility |
Signcode.exe |
This tool enables you to sign a PE file with an Authenticode signature. If this utility is called with no command-line options, a Digital Signature Wizard is started. |
|
Strong Name Utility |
Sn.exe |
This tool enables you to sign assemblies with strong names. |
|
Set Registry Utility |
Setreg.exe |
This tools enables you to set registry keys for use of public key cryptography. If you call this utility without options, it will just list the settings. |
|
Isolated Storage Utility |
Storeadm.exe |
This tool enables you to manage isolated storage for the current user. |