by Mwwhited
16. September 2009 11:09
Some times when you have create .Net applications you get carried away and get them in production without signing them with a Strong Name Key. This may not be an issue at first but can really limit the security later when you try to deploy the app to more locations.
Part of the security in .Net is from the Code Access Security and a very important part of that is Strong Named assemblies.
If you get far enough along you might not be sure what version of source code is currently in production and you just want to sign what is currently in place instead of having to go though hours (or maybe even days) of regression testing.
The good news is as a .Net developer you have plenty of tools available to update and sign most assemblies.
The first step us to run the Intermediate Language Disassembler (ildasm). The command syntax for this program is rather simple and will extra the IL code from the current .Net assemblies. (Note this application may not work if the assembly is obfuscated)
Disassemble Command
ildasm.exe AssemblyName.exe /output:AssemblyName.il
This will also work with .Net dynamic libraries. You may also need to check the .IL and correct any external assembly references for version numbers and public key tokens.
Assembly References
.assembly extern OtherAssemblyName
{
.publickeytoken = ( 00 00 00 00 00 00 00 00 )
.ver 1:0:0:0
}
After you have corrected any assembly references you are ready to assemble the IL
Assemble Command
ilasm.exe AssemblyName.il /key=KeyName.snk /exe
If you are compiling libraries you may need to use "/dll" instead of "/exe"
Default Path for the Windows SDK (v6.0)
C:\Program Files\Microsoft SDKs\Windows\v6.0A\bin
Create new Strong Name Key pair file
sn.exe -k KeyFileName.snk
Extract Public Token from an Assembly
sn.exe -T AssemblyName.dll
Subscribe