您可以在GAC中安装延迟签名的程序集吗?通过C#第4版进行CLR [英] Can you install delayed signed assembly in GAC? CLR via C# 4th Edition

问题描述

我正在通过c#(第四版)阅读 CLR ，在有关强命名程序集作者的第3章中说:

I was reading CLR via c# (Fourth Edition) and in chapter 3 about strong named assembly author says:

当编译器或AL.exe检测到您延迟签名时，程序集，它将发出程序集的AssemblyDef清单条目，其中将包含程序集的公钥.再次，存在公共密钥允许将程序集放置在GAC中.它也是允许您构建引用该程序集的其他程序集；这引用程序集将在其中具有正确的公钥AssemblyRef元数据表条目.创建结果时程序集，在生成的PE文件中为RSA数字留下了空间签名.(实用程序可以从中确定需要多少空间公钥的大小.)请注意，文件内容不会是还是在这个时候进行了哈希处理.

When the compiler or AL.exe detects that you’re delay signing an assembly, it will emit the assembly’s AssemblyDef manifest entry, which will contain the assembly’s public key. Again, the presence of the public key allows the assembly to be placed in the GAC. It also allows you to build other assemblies that reference this assembly; the referencing assemblies will have the correct public key in their AssemblyRef metadata table entries. When creating the resulting assembly, space is left in the resulting PE file for the RSA digital signature. (The utility can determine how much space is necessary from the size of the public key.) Note that the file’s contents won’t be hashed at this time either.

目前，生成的程序集没有有效的签名.尝试将程序集安装到GAC中将失败，因为文件内容的哈希值尚未完成-文件似乎具有被篡改了.

At this point, the resulting assembly doesn’t have a valid signature. Attempting to install the assembly into the GAC will fail because a hash of the file’s contents hasn’t been done—the file appears to have been tampered with.

您会看到，在第一段中，他说，当我们使用/delaysign时，assemlby的清单将包含公钥，该公钥将被安装在 GAC .但是在第二段中，他说，由于还没有使用私钥对文件进行单一标记，因此尝试将其安装到 GAC 中会失败.那是什么可以安装吗?

As you can see, in the first paragraph, he says, when we use /delaysign the assemlby's manifest will contain the public key which will aloow it be installed in GAC. But in the second paragraph, he says, since the file is not yet singed with private key, attempting to install it into GAC would fail. So, what is it? Can you install it or not?

推荐答案

好，我找到了.不能将其无法安装在 GAC 中.我延迟了一个程序集并尝试将其安装在 GAC 中，但出现了此错误消息

Ok, I found it. It will not be able installed in GAC. I delay singed an assembly and tried to install in GAC, and I got this error message

Failure adding assembly to the cache: Strong name signature could not be verified. Was the assembly build delay-signed?

(以防万一有人在想同样的事情).您可以通过

( Just in case someone is here wondering the same ). You can skip the hash check by

SN -Vr assembly.dll

，然后您可以将其安装在 GAC 中，然后重新哈希(或更确切地说是哈希)，就可以这样做，

and then you can install it in GAC and then to rehash (or rather hash) you can do this,

SN.exe -Ra assembly.dll yourStrongNameKey.PrivateKey

我唯一仍想知道的是，如何从.snk文件中提取此私钥，似乎没有办法做到这一点.

The only thing I am still wondering is that how can you extract this private key from .snk file, there seems to be no way to do that.

这篇关于您可以在GAC中安装延迟签名的程序集吗?通过C#第4版进行CLR的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！