Jump to navigation

Poupou's Corner of the Web

Looking for perfect security? Try a wireless brick.
Otherwise you may find some unperfect stuff here...

Weblog

May the strongest survive...

... and I'm still alive ;)

Source code to generate and validate strongname signatures is now in CVS under/mcs/class/Mono.Security/Mono.Security/StrongName.cs while the code for the SN tool can be found under /mcs/tools/security/SN.cs.

It's probable not (yet) 100% bulletproof but I was able to sign Mono's corlib using this code. If you're interested in testing this out please report any bugs into bugzilla.

There are many articles on the web (including MSDN) which explains how to strongname assemblies - so I won't blog about this. However there's (at least today) a bug in mcs which makes it include the whole keypair (i.e. both the private and public key) inside the assembly. So most explanation you'll find right now can't be applied to Mono yet.

Here's a temporary solution which works with Mono (and not restricted to Windows) using latest CVS...

1. Extract the public key from the StrongName keypair (the hello.snk from previous example)

> sn -p hello.snk hello.pub

2. Modify helloworld.cs to
a. reference the file containing only the public key (hello.pub)
b. use delay signing (as mcs cannot, yet, sign the assembly)

-[assembly: AssemblyKeyFile ("hello.snk")] -[assembly: AssemblyDelaySign (true)] +[assembly: AssemblyKeyFile ("hello.pub")] +[assembly: AssemblyDelaySign (false)]

3. Recompile the helloword assembly.

> mcs helloworld.cs

4. Sign the assembly using sn

> sn -R helloworld.exe hello.snk

5. Validate the assembly

> sn -v helloworld.exe

Now a GAC would be cool to support both WSE1 and WSE2 under Mono. Any takers ?


10/11/2003 16:05:39 | Comments

The views expressed on this website/weblog are mine alone and do not necessarily reflect the views of my employer.