none
Enhanced strong naming from the command line RRS feed

  • Question

  • I found the information about how to do Enhanced Strong Naming from the command line at:

    https://msdn.microsoft.com/en-us/library/hh415055(v=vs.110).aspx

    That looks like just what I need. I want to sign with Enhanced Strong Naming (ESN), with key migration, because I want to be able to issue new versions of existing assemblies with ESN, and have them be recognised as the same assembly. Command-line is exactly what I need, because I'm working with a build environment that does not and cannot use Visual Studio projects, at all, in any way, and hence MSBuild techniques are no use to me.

    However, there's a step in the instructions that looks wrong: Step 4 of "Signing with SHA-2, with Key Migration". It says:

    4. Generate the parameters for a AssemblySignatureKeyAttribute attribute, and attach the attribute to the assembly.

      sn -ac IdentityPubKey.snk IdentityKey.snk SignaturePubKey.snk

    I can't see how this does anything to the assembly. It's just working with the key files, and the assembly doesn't exist at this stage in the process anyway.

    Can anyone explain this?

    A secondary question: how can I verify that an assembly has an Enhanced Strong Name?


    John Dallman

    Tuesday, June 9, 2015 3:17 PM

Answers

  • Hello John,

    >> I can't see how this does anything to the assembly. It's just working with the key files, and the assembly doesn't exist at this stage in the process anyway.

    This step is only to generate two parameters which would be used in the AssemblySignatureKeyAttribute class. You could copy them from the console windows to a text file. And please take care the command seems to be not correct, according the AssemblySignatureKeyAttribute, it should use –a for file and –ac for container.

    For using these two parameters, we could add an assmely flag as below, I placed it to a single file since the smaple uses a single file, and usually, we put this flag in the AssembledInfo.cs file.

    using System;
    
    using System.Reflection;
    
    
    [assembly: AssemblySignatureKeyAttribute("002400000c800000940000000602000000240000525341310004000001000100e3997384795973ec459c8ec80019bce59a2edb42dd069cc4f25037370f41e0d041eff3995d26ed28fa0610105ffee4c61992b64a79bfb3af07321eeea3c3c8b9b149efdd5c3ac2962e7ce0d416c5bb1637d438aeb09648f40db8d3d04081f554adf8ea1295b1344bfdde7ec48cae46bdd68f58aa00f4e37a289e55972446b9bc",
    
    "8f29590c4f363e4c468f12c324f5d8ce76887a6bb246dd3237204a8f3232d1284c5a3a74405f235715527b7bd4ff73cd17ee242b863a335cb55c368f6ae8f769d6374fa9daa850d9aed6f19c989b44ffd56a0d8088629962d0e66bf942b3d21a11f54ef5f2800b404a4cc63dcf6380186366caea7c2a8ce25a433767ea2f828e")]
    
    
    namespace CLR6
    
    {
    
        class Program
    
        {
    
            static void Main(string[] args)
    
            {
    
                try
    
                {
    
                    Console.ReadLine();
    
                }
    
                catch (Exception ex)
    
                {
    
                }
    
            }
    
        }
    
    }
    

    Then if you sign and then re-sign the assembly, you should find this attribute in the matedata if you use ildasm tool and “Ctrl+M” command to check the generated assembly, in my side, it looks like:

    CustomAttribute Type: 0a000001
    
                                    CustomAttributeName: System.Reflection.AssemblySignatureKeyAttribute :: instance void .ctor(class System.String,class System.String)
    
                                    Length: 584
    
                                    Value : 01 00 81 40 30 30 32 34  30 30 30 30 30 63 38 30 >   @002400000c80<
    
                          : 30 30 30 30 39 34 30 30  30 30 30 30 30 36 30 32 >0000940000000602<
    
                          : 30 30 30 30 30 30 32 34  30 30 30 30 35 32 35 33 >0000002400005253<
    
    …
    

    >> A secondary question: how can I verify that an assembly has an Enhanced Strong Name?

    For a different question, it is recommended to post a new thread about a different question.

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.



    Wednesday, June 10, 2015 3:42 AM
    Moderator

All replies

  • Hello John,

    >> I can't see how this does anything to the assembly. It's just working with the key files, and the assembly doesn't exist at this stage in the process anyway.

    This step is only to generate two parameters which would be used in the AssemblySignatureKeyAttribute class. You could copy them from the console windows to a text file. And please take care the command seems to be not correct, according the AssemblySignatureKeyAttribute, it should use –a for file and –ac for container.

    For using these two parameters, we could add an assmely flag as below, I placed it to a single file since the smaple uses a single file, and usually, we put this flag in the AssembledInfo.cs file.

    using System;
    
    using System.Reflection;
    
    
    [assembly: AssemblySignatureKeyAttribute("002400000c800000940000000602000000240000525341310004000001000100e3997384795973ec459c8ec80019bce59a2edb42dd069cc4f25037370f41e0d041eff3995d26ed28fa0610105ffee4c61992b64a79bfb3af07321eeea3c3c8b9b149efdd5c3ac2962e7ce0d416c5bb1637d438aeb09648f40db8d3d04081f554adf8ea1295b1344bfdde7ec48cae46bdd68f58aa00f4e37a289e55972446b9bc",
    
    "8f29590c4f363e4c468f12c324f5d8ce76887a6bb246dd3237204a8f3232d1284c5a3a74405f235715527b7bd4ff73cd17ee242b863a335cb55c368f6ae8f769d6374fa9daa850d9aed6f19c989b44ffd56a0d8088629962d0e66bf942b3d21a11f54ef5f2800b404a4cc63dcf6380186366caea7c2a8ce25a433767ea2f828e")]
    
    
    namespace CLR6
    
    {
    
        class Program
    
        {
    
            static void Main(string[] args)
    
            {
    
                try
    
                {
    
                    Console.ReadLine();
    
                }
    
                catch (Exception ex)
    
                {
    
                }
    
            }
    
        }
    
    }
    

    Then if you sign and then re-sign the assembly, you should find this attribute in the matedata if you use ildasm tool and “Ctrl+M” command to check the generated assembly, in my side, it looks like:

    CustomAttribute Type: 0a000001
    
                                    CustomAttributeName: System.Reflection.AssemblySignatureKeyAttribute :: instance void .ctor(class System.String,class System.String)
    
                                    Length: 584
    
                                    Value : 01 00 81 40 30 30 32 34  30 30 30 30 30 63 38 30 >   @002400000c80<
    
                          : 30 30 30 30 39 34 30 30  30 30 30 30 30 36 30 32 >0000940000000602<
    
                          : 30 30 30 30 30 30 32 34  30 30 30 30 35 32 35 33 >0000002400005253<
    
    …
    

    >> A secondary question: how can I verify that an assembly has an Enhanced Strong Name?

    For a different question, it is recommended to post a new thread about a different question.

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.



    Wednesday, June 10, 2015 3:42 AM
    Moderator
  • "This step is only to generate two parameters which would be used in the AssemblySignatureKeyAttribute class. You could copy them from the console windows to a text file."

    Ah, that makes more sense. Is there a way to do this without having to change the source code?

    My reason for not wanting to change the source code is that it isn't written by humans, but automatically generated. The generator supports .NET 2.0 onwards, and an SHA-2 signature key is specific to .NET 4.5 and later. We still have old versions of products under support that use .NET 4.0.

    thanks,


    John Dallman


    Wednesday, June 10, 2015 9:09 AM
  • Hello,

    >>Is there a way to do this without having to change the source code?

    Based on my understand, I am afraid for migrating a existed strong name dll, we have to add the assembly flag since as you see, the tool only generate the two parameters in console application, it even does not work with source file .

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, June 11, 2015 1:27 AM
    Moderator
  • When you say "Add the assembly flag", you do mean "put the assembly directive into the source code", don't you? "flags" are often command-line arguments.

    Assuming you do, I guess I'll have to modify the generator and let it know which .NET it is working with.

    is it possible to get the page at https://msdn.microsoft.com/en-us/library/hh415055(v=vs.110).aspx updated to explain that step 4 generates strings that have to be put into the source code, and to explain how to do this? This thread is evidence that the current version of the page isn't clear enough on that subject.

    thanks,


    John Dallman


    Thursday, June 11, 2015 9:40 AM
  • Hello,

    >>When you say "Add the assembly flag", you do mean "put the assembly directive into the source code", don't you? "flags" are often command-line arguments.

    Yes, you are right.

    >> Assuming you do, I guess I'll have to modify the generator and let it know which .NET it is working with.

    I am not sure what the generator would generate, will it generate dll that be signed with SHA1, if so, I think you have to, if it only generate .cs file and you would compile and sign them later, I do not think you need to modify it, because the AssemblySignatureKeyAttribute is needed only for strongly named migration.

    >> and to explain how to do this? This thread is evidence that the current version of the page isn't clear enough on that subject.

    Currently, we do not have the privilege to do so, however, you could post a feedback to the forum voice page about this scenario:

    http://feedback.msdn.com/forums/257782-msdn-feature-suggestions/category/83975

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, June 12, 2015 3:39 AM
    Moderator