Blog Home  Home Feed your aggregator (RSS 2.0)  
Eric Malamisura's Blog - Signing an assembly without the source code?
Geek Ramblings
 
Archive
<November 2008>
SunMonTueWedThuFriSat
2627282930311
2345678
9101112131415
16171819202122
23242526272829
30123456
Navigation
Home
Code Project
iStockPhoto

Categories
 
 
 
 
 
 
Blogroll
 Coding Horror
 Scott Gu
 Scott Hanselman
 The Daily WTF
Contact
Send mail to the author(s) Email Me

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

Sign In
 Tuesday, May 08, 2007
Signing an assembly without the source code? by Eric Malamisura
So a couple of weeks ago I ran into a situation on a project I was working on where all projects in the solution were signed, we received a third party assembly from a vendor that was not.  We asked them to sign it but it was going to take nearly 2 weeks before we received that delivery.  In order for us to move forward I needed to have this assembly signed, but how do you sign an assembly without access to the source code?

Well a coworker of mine came up with a rather ingenious solution, and I am posting here so the knowledge can be shared.  I googled for a solution and found none so hopefully this will help people with this same situation.

So here are the commands:

ildasm /tokens /out=unsignedAssembly.il unsignedAssembly.dll
ilasm /dll /key=key.snk unsignedAssembly.il /out=signedAssembly.dll

As you can see whats happening here is you use the dissassembler to generate the MSIL code into the unsignedAssembly.il file, at which point you essentially have the code, or a form of it.  Next you use the assembler to reassemble the msil code into the binary assembly but this time you sign it using your key!

Its brilliant, it works great and I did not notice any drawbacks to doing it this way.

Tuesday, May 08, 2007 1:56:39 PM (GMT Standard Time, UTC+00:00)  #    Comments [2]    | 
Monday, September 10, 2007 7:17:27 PM (GMT Standard Time, UTC+00:00)
Eric:

It's amazing!!! After 4 or 5 weeks looking for the answer you give it to me and everything worked out just fine. You rule man!!! Thanks a lot. One thing you could add is how to create a snk file:

sn.exe -k key.snk

Thanks again!!!!
Good bye from Argentina.

Ariel.
Alejandro Ariel Abaca | abacrottoAT NOSPAMhotmail dot com
Tuesday, July 01, 2008 4:40:52 AM (GMT Standard Time, UTC+00:00)
Hi this is better than my solution http://preetsangha.blogspot.com/2007/10/signing-third-party-assembly.html. Thanks
preet | preetsanghaAT NOSPAMgmail dot com
Name
E-mail
Home page

Comment (HTML not allowed)  

Enter the code shown (prevents robots):
Copyright © 2008 Eric Malamisura. All rights reserved.
DasBlog 'Portal' theme by Johnny Hughes.