Say I have several .NET assemblies and want to sign each of them with a strong name. Is one keypair (one .snk file) enough or do I need to generate one pair for each assembly? Will I have to publish the public key of (each) keypair?
Asked
Active
Viewed 729 times
3 Answers
4
You need only one .snk file.
You don't need to publish the public key. Any one can get a public key using sn.exe with -p switch.
Vadim
- 21,044
- 18
- 65
- 101
-
But how will he ensure that it was me who published the assembly? – sharptooth Apr 28 '09 at 13:58
-
The fact that it is signed with your key -- the same key the referencing assembly is expecting -- authenticates it to the assembly loader. – Brian Ensink Apr 28 '09 at 14:10
-
That only proves that is is signed with the same key as the one which comes with the assembly. But how can one identify who generated that key? – sharptooth Apr 28 '09 at 14:11
-
Asked a separate question for that - http://stackoverflow.com/questions/798621/do-i-need-to-publish-the-public-key-from-snk-file – sharptooth Apr 28 '09 at 15:48
1
We have (3) .snk files.
One that we use to sign our assemblies, one that was shipped for on-site code generation (we don't need to do that anymore), and mono.snk to sign Mono.Cecil and Mono.Security (these are built here for use with Microsoft's .NET).
Joshua
- 40,822
- 8
- 72
- 132
1
One key file is enough to sign multiple related assemblies. Take a look through your GAC. Assemblies from the same product or platform often all have the same key. For example many of Microsoft's .NET framework assemblies share the same key.
Brian Ensink
- 11,092
- 3
- 50
- 63