我在Visual Studio 2005项目中添加了一个弱命名的程序集(它是强命名的)。我现在得到的错误:

"引用程序集'xxxxxxxx'没有强名称"

我需要签署这个第三方程序集吗?


当前回答

如何对未签名的第三方程序集进行签名

Open up Developer Command Prompt for Visual Studio. This tool is available in your Window programs and can be found using the default Windows search. Ensure your prompt has access to the following tools by executing them once: sn ildasm and ilasm Navigate to the folder where your Cool.Library.dll is located sn –k Cool.Library.snk to create a new key pair ildasm Cool.Library.dll /out:Cool.Library.il to disassemble the library move Cool.Library.dll Cool.Library.unsigned.dll to keep the original library as a back-up ilasm Cool.Library.il /dll /resource=Cool.Library.res /key=Cool.Library.snk to reassemble the library with a strong name powershell -command "& {[System.Reflection.AssemblyName]::GetAssemblyName($args).FullName} Cool.Library.dll" to get the assembly fully qualified name. You will need this bit if you have to reference the DLL in external configuration files like web.config or app.config.

其他回答

I had this issue for an app that was strongly named then had to change it in order to reference a non-strongly named assembly, so I unchecked 'Sign the assembly' in the project properties Signing section but it still complained. I figured it had to be an artifact somewhere causing the problem since I did everything else correctly and it was just that. I found and removed the line: [assembly: AssemblyKeyFile("yourkeyfilename.snk")] from its assemblyInfo.cs file. Then no build complaints after that.

我正在寻找解决同样问题的解决方案,取消“签署程序集”选项对我有用:

(正如你可能注意到的,截图来自Visual Studio 2010,但希望它能帮助到一些人。)

如果您的程序集也是无符号的,则可以使用无符号程序集。

为了避免这个错误,你可以:

动态加载程序集,或者 对第三方程序集进行签名。

你可以在. net -fu:签署一个未签名程序集(无延迟签名)中找到关于签署第三方程序集的说明。

签署第三方程序集

签署第三方协议的基本原则是

使用ildasm.exe分解程序集并保存中间语言(IL): ildasm /all /out=thirdPartyLib。il thirdPartyLib.dll 重新构建并签署程序集: ilasm /dll /key=myKey。snk thirdPartyLib.il

修复附加引用

上述步骤工作正常,除非您的第三方程序集(A.dll)引用另一个库(B.dll),后者也必须进行签名。你可以使用上面的命令对a .dll和B.dll进行拆解、重建和签名,但是在运行时,B.dll的加载将会失败,因为a .dll最初是通过引用B.dll的unsigned版本构建的。

解决这个问题的方法是对上面步骤1中生成的IL文件打补丁。您需要将B.dll的公钥令牌添加到引用中。你通过调用得到这个令牌

sn -Tp B.dll 

这将为您提供以下输出:

Microsoft (R) .NET Framework Strong Name Utility  Version 4.0.30319.33440
Copyright (c) Microsoft Corporation.  All rights reserved.

Public key (hash algorithm: sha1):
002400000480000094000000060200000024000052534131000400000100010093d86f6656eed3
b62780466e6ba30fd15d69a3918e4bbd75d3e9ca8baa5641955c86251ce1e5a83857c7f49288eb
4a0093b20aa9c7faae5184770108d9515905ddd82222514921fa81fff2ea565ae0e98cf66d3758
cb8b22c8efd729821518a76427b7ca1c979caa2d78404da3d44592badc194d05bfdd29b9b8120c
78effe92

Public key token is a8a7ed7203d87bc9

最后一行包含公钥令牌。然后,您必须搜索A.dll的IL以查找对B.dll的引用,并按如下方式添加令牌:

.assembly extern /*23000003*/ MyAssemblyName
{
  .publickeytoken = (A8 A7 ED 72 03 D8 7B C9 )                         
  .ver 10:0:0:0
}

我已经编写了一个工具来自动强名称标记程序集,包括您没有源代码的程序集或已放弃的项目。它以一种简单的方式使用了答案中描述的许多技术,没有任何现有工具或过时说明的缺陷或缺陷。

.NET程序集强- name签名者

我希望这可以帮助任何需要签署第三方程序集的人,而不必经过重重困难才能到达那里。