Simple Signing of Assemblies
To sign an assembly, you need a key. This key is generally stored in a
keyfile, and referenced in code such as the following...
| [assembly: AssemblyKeyFile ( @"C:\Program Files\Keys\MyKey.snk" ) ] |
The only problem with this is that it requires that you have a keyfile on
disk, in a known place, and that you remember where it is each time you create
an assembly. Thankfully there is another option which makes the management of
keys much easier, to the point that all you as a developer need to know is a key
name, such as 'BIBBLESOFT', and you're away.
This voodoo magic is accomplished by the Crypto Service Provider (CSP). I
can't find much out about the CSP, but it permits you to store keyfiles using a
name, and then sign (either delayed or not) assemblies with sn,
al, or within your Visual Studio project.
- Create a keyfile with sn.
- Insert the keyfile into the CSP.
- Use the AssemblyKeyFile attribute in code, or the name of the key in
al or sn.
- Marvel at the simplicity of the CSP.
Here's a real world example.
//
Generate a Key with SN...
sn -k
BibbleSoft.snk
// Install into the
CSP
sn -i BibbleSoft.snk BIBBLESOFT
// Use in code
[assembly: AssemblyKeyName (
"BIBBLESOFT" ) ]
|
That's all there is to it. Your assembly will be signed as usual, and you'll
never need to lookup the path to that pesky keyfile again.
Note: If you add a Keyfile into the CSP, it unfortunately (as of
version 1.0 of the framework) requires that the keyfile contains both public and
private portions of the key. This renders the use of the CSP almost
useless for anything other than the most trivial of projects, as you cannot
therefore use the public key on development machines without also including the
private key. Hopefully this deficiency will be addressed in a future version of
.NET.