Comments on: .NET Assembly FAQ – Part 3 – Strong Names and Signing

By: Christine Murphy

Christine Murphy — Fri, 12 Aug 2011 19:04:55 +0000

Richard,

Did you ever get an answer to your question?

By: fiddly

fiddly — Fri, 11 Mar 2011 01:19:38 +0000

@Richard Sima: excellent find. Let’s hope that timm finds the time to answer this..

By: Pygy

Pygy — Tue, 01 Feb 2011 18:43:00 +0000

You are a treasure – thanks for the guidance

By: timm

timm — Tue, 18 Jan 2011 18:09:33 +0000

@Archer: Links fixed, thanks for the tip!

By: Archer

Archer — Tue, 18 Jan 2011 17:06:59 +0000

I can’t access parts 1, 2 & 4 of this series. Please fix.

By: Richard Sima

Richard Sima — Tue, 21 Dec 2010 08:17:35 +0000

Thank you the articles. They are very helpful.

I believe that the sentence “Because assemblies are verified when they are first installed into the GAC–and they cannot be modified while in the GAC” is true. But my experience tells it is not. So, I’m searching what I have missed. There are steps to reproduce (VS 2005 with some SPs, Win XP SP3):

1. Create the first solution with MyApp, MyDLL. The DLL will contain a method returning a string “correct DLL”. MyApp’s main will call the method and will display the result.

2. Sign both project by project’s properties on “Signing” tab with key file MyKey.pfx. The pfx file is listed in the solution tree.

3. Create the second solution on different location MyDLL (to ensure the same name of DLL). The DLL will contain the same method as above, but returning a string “hacked DLL”.

4. Build the first solution. Result is that both MyApp.exe and MyDLL.dll are located in the directory Release. Run MyApp – result is expected: “correct DLL” message.

5. Build the second solution. Copy the hacked MyDLL.dll to the Release directory of MyApp. Run MyApp – result is expected:

Unhandled Exception: System.IO.FileLoadException: Could not load file or assembly ‘MyDLL, Version=1.0.0.0, Culture=neutral, PublicKeyToken=a796f58fb87e0486′ or one of its dependencies. The located assembly’s manifest definition does not match the assembly reference. (Exception from HRESULT: 0×80131040)
File name: ‘MyDLL, Version=1.0.0.0, Culture=neutral, PublicKeyToken=a796f58fb87e
0486′
at MyApp.Program.Main(String[] args)

At this point is everything OK. But there is no GAC. So, I have continued.

6. Rebuild the first solution again. Register MyDLL.dll to GAC (C:Program FilesMicrosoft Visual Studio 8SDKv2.0Bingacutil.exe /if MyDLL.dll). Remove MyDLL.dll from the Release directory of MyApp. Run MyApp – result is expected: “correct DLL” message.

It is still OK.

7. Use a file manager (Total Commander, Servant Salamander, etc., but NO WINDOWS EXPLORER) and navigate to the GAC directory, in my case to c:WINDOWSassemblyGAC_MSILMyDLL1.0.0.0__a796f58fb87e0486. Replace MyDLL.dll by the hacked version. Run MyApp – result IS NOT expected: “hacked DLL” message.

Please, what I have missed?

Thank you for any response,

Richard

PS: Yes, I’m in the local Administrators group.

By: best buy backup exec

best buy backup exec — Thu, 04 Nov 2010 00:57:30 +0000

Wonderful guidance. Upload files to file hosting sites to share them with someone without cost.

By: best server backup program

best server backup program — Thu, 04 Nov 2010 00:46:20 +0000

Remarkable guidance. Upload files to file hosting internet sites to share them with virtually anyone completely free.

By: Where to Find SN.exe : C# 411

Where to Find SN.exe : C# 411 — Mon, 11 Oct 2010 20:33:19 +0000

[...] to Find SN.exe Posted by timm No Comments » SN.exe is a Strong Name tool that can sign assemblies, manage strong name keys, and generate and verify signatures. You will typically find it [...]

By: Amit Tank

Amit Tank — Mon, 04 Oct 2010 07:47:53 +0000

Really Very Informative,

But I have Confused with this that If I know the password then what I have to do for use that dll in another Project

Thank You.
Amit Tank