Signing an Assembly with a Strong Name

The following is an excerpt from the Microsoft MSDN Library, October 2002:

“There are two ways to sign an assembly with a strong name:

·	AssemblyKeyFileAttribute, which passes the name of the file containing the public key as a parameter to its constructor.
·	Using assembly attributes to insert the strong name information in your code. You can use either the AssemblyKeyFileAttribute or the AssemblyKeyNameAttribute, depending on where the key file to be used is located.

You must have a cryptographic key pair to sign an assembly with a strong name.

To create and sign an assembly with a strong name using the Assembly Linker

At the command prompt, type the following command:

al /out:<assembly name> <module name> /keyfile:<file name>

In this command, assembly name is the name of the assembly to sign with a strong name, module name is the name of the code module used to create the assembly, and file name is the name of the container or file that contains the key pair.

The following example signs the assembly MyAssembly.dll with a strong name using the key file sgKey.snk.

al /out:MyAssembly.dll MyModule.netmodule /keyfile:sgKey.snk

To sign an assembly with a strong name using attributes

In a code module, add the AssemblyKeyFileAttribute or the AssemblyKeyNameAttribute, specifying the name of the file or container that contains the key pair to use when signing the assembly with a strong name.

The following code example uses the AssemblyKeyFileAttribute with a key file called sgKey.snk.

[Visual Basic]
<Assembly:AssemblyKeyFileAttribute("sgKey.snk")>

[C#]
[assembly:AssemblyKeyFileAttribute(@"..\..\sgKey.snk")]

You can also delay sign an assembly when compiling.

When signing an assembly with a strong name, the Assembly Linker (Al.exe) looks for the key file relative to the current directory and to the output directory. When using command-line compilers, you can simply copy the key to the current directory containing your code modules.”