By creating programs, very often use various libraries created by others. As long as the code is created for its own, do not look at it as a library used was prepared. The first moment, when he begins to pay attention to it to decide to publish a solution for larger audience. At this point, begin to appear mean security code. The easiest way is to sign the resulting files. And here you may receive the first issue. It seams, that in order to compile the program receive the following message:
Assembly generation failed -- Referenced assembly 'Foo' does not have a strong name
This message tells us, with one of the libraries used in our program does not have strong name (ang. strong name). For this reason you can not sign our output file. To the solution of this problem can be used three approaches:
- ask the authors used their libraries to prepare a signed version of,
- find another library, which is signed and provides the same functionality as Used Library,
- try to sign their own library, which are not signed.
It seems to me, the first two methods do not require comment. Lets look on the third.
The first step is to disassemble the library file. For this purpose, you must run Visual Studio Command Prompt and go to the directory, where there is a problematic library. Now, use should be made ildasm.exe with switches /all and /out, library to disassemble. The command is as follows:
C:\Foo\bin> ildasm /all /out=Foo.il Foo.dll
This command will generate the code library Foo in the language CIL (ang. Common Language Infrastructure). Just now carry out a reverse operation – to compile the resulting file. Additionally, during the compilation must sign the library. For this purpose, tool use should be made ilasm.exe, by performing the command:
C:\Foo\bin> ilasm /dll /key=Key.snk Foo.il
Before running this command, you must lose to the directory C:\Foo\bin klucz (Key.snk), which is to be signed package. For this purpose you can use the key, which will be used to sign our project, and also generate a new key. The generation of keys helps us Visual Studio, spend enough to:
C:\Foo\bin> sn –k Key.sn
It will create a public key pair – private and save them to a file Key.snk.
At the end you only replace the references already in Visual Studio, deleting the file that shows the unsigned Foo.dll and add references to the newly received the signed file. Now we just need to compile the whole project. This operation should go smoothly.
Ending with this topic I wanted to signal yet another issue. Before starting this operation, you should check, if it is not contrary to the license, which was released on a library. For this reason, these first two solutions are safer.