Enhanced Strong Naming

问题

I am testing Enhanced Strong Naming (http://msdn.microsoft.com/en-us/library/hh415055.aspx) and having some problems getting it into a build process. According to the article you have to delay-sign assemblies first and then re-sign them to get proper Enhanced String Name. That does not work well with the build process. Usually we delay-sign assemblies while developing, and fully sign them on build servers. Does anyone have any experience with Enhanced Strong Naming?

Also posted on http://social.msdn.microsoft.com/Forums/vstudio/en-US/40eb9f2e-fc05-4732-8f40-14f34385acfc/enhanced-strong-naming?forum=clr.

回答1:

Currently, you cannot fully sign an assembly with an Enhanced Strong Name at compile-time because the C# compiler does not support signing with Enhanced Strong Names. Hence, to work around this limitation, you have to delay-sign at compile time and then fully sign with the sn.exe tool.

I'm not sure what your particular build process looks like, but it looks like someone already suggested using MSBuild tasks on the MSDN forum.

回答2:

I'm not sure if this is what @hbw was referring to when he said:

... it looks like someone already suggested using MSBuild tasks on the MSDN forum

But, the solution I've been using is:

1. Use the steps Microsoft outlines at the bottom of their Enhanced Strong Naming documentation for exporting the public key from the full snk file (the one with both public and private keys) key into separate .snk file.
   sn.exe -p FullKeyPair.snk PubKeySha256.snk sha256

2. Configure Visual Studio to delay-sign the project assemblies using PubKeySha256.snk (under the Signing section of your project properties).

3. Create a post-build event (in the Build Events section of your project properties) that runs:
   "<path to sn.exe>" -Ra "$(TargetPath)" "<path to FullKeyPair.snk>".
   
   For example, my solution stores these key files (and the sn.exe tool and dependent files) in a directory named "Build Tools" directly under the solution. So, my post-build event runs:
   "$(SolutionDir)Build Tools\sn.exe" -Ra "$(TargetPath)" "$(SolutionDir)Build Tools\FullKeyPair.snk"

If you want to copy your sn.exe tool to a directory under solution like I did (I recommend this), you'll need to copy the following files from the SDK directory:

• sn.exe
• sn.exe.config
• snrc.dll

If you don't want to do that, then your project/post-build will be dependent the SDK path you decide to use being the same for all developers that are building your project. Your post-build in that scenario would look something like:

SET SDKTools=C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6.1 Tools\x64

"%SDKTools%\sn.exe" -Ra "$(TargetPath)" "$(ProjectDir)FullKeyPair.snk"

来源：https://stackoverflow.com/questions/20788887/enhanced-strong-naming