How to: Sign an Assembly with a Strong NameĀ 

  • Article

The .NET Framework SDK provides several ways to sign an assembly with a strong name:

  • Using the Assembly Linker (Al.exe) provided by the .NET Framework SDK.

  • Using assembly attributes to insert the strong name information in your code. You can use either the AssemblyKeyFileAttribute or the AssemblyKeyNameAttribute, depending on where the key file to be used is located.

    NoteNote

    In the .NET Framework version 2.0, some compilers issue warning messages when attributes are used.

  • Using compiler options such /keyfile or /delaysign in C# and Visual Basic, or the /KEYFILE or /DELAYSIGN linker option in C++. (For information on delay signing, see Delay Signing an Assembly.)

NoteNote

In Visual Studio 2005, the development environment provides tools for signing assemblies. See Managing Assembly and Manifest Signing and Signing Page, Project Designer.

You must have a cryptographic key pair to sign an assembly with a strong name. For more information about creating a key pair, see How to: Create a Public/Private Key Pair.

To create and sign an assembly with a strong name using the Assembly Linker

  • At the command prompt, type the following command:

    al /out:<assembly name> <module name> /keyfile:<file name>

    In this command, assembly name is the name of the assembly to sign with a strong name, module name is the name of the code module used to create the assembly, and file name is the name of the container or file that contains the key pair.

The following example signs the assembly MyAssembly.dll with a strong name using the key file sgKey.snk.

al /out:MyAssembly.dll MyModule.netmodule /keyfile:sgKey.snk

To sign an assembly with a strong name using attributes

  • In a code module, add the AssemblyKeyFileAttribute or the AssemblyKeyNameAttribute, specifying the name of the file or container that contains the key pair to use when signing the assembly with a strong name.

The following code example uses the AssemblyKeyFileAttribute with a key file called sgKey.snk, located in the directory where the assembly is compiled. This assumes that the assembly is compiled using the command-line compilers vbc.exe and csc.exe.

<Assembly:AssemblyKeyFileAttribute("sgKey.snk")>

[assembly:AssemblyKeyFileAttribute(@"sgKey.snk")]
NoteNote

In development environments such as Visual Studio, the assembly might not be compiled in the project directory. For example, some versions of Visual Studio compile C# projects in a bin\Debug subdirectory. In that case, the path in the code example would be "..\\..\\sgKey.snk". In Visual Studio 2005 the key file for C# can be specified in project settings.

You can also delay sign an assembly when compiling. For more information, see Delay Signing an Assembly.

When signing an assembly with a strong name, the Assembly Linker (Al.exe) looks for the key file relative to the current directory and to the output directory. When using command-line compilers, you can simply copy the key to the current directory containing your code modules.

See Also

Tasks

How to: Create a Public/Private Key Pair

Reference

Signing Page, Project Designer

Concepts

Delay Signing an Assembly

Other Resources

Creating and Using Strong-Named Assemblies
Managing Assembly and Manifest Signing