C#:为什么要签署程序集? [英] C#: why sign an assembly?

问题描述

在我接管的一些 C# 代码中(在 Visual Studio 2005 中)，我注意到所有程序集都使用相同的 .snk 文件签名.

In some C# code I have taken over (in Visual Studio 2005), I have noticed that the assemblies are all signed with the same .snk file.

• 为什么以前的作者会以这种方式签署程序集?
• 是否需要对程序集进行签名以及什么不签字会错吗?
• 有什么缺点签署程序集 - 是否会导致延迟?

推荐答案

为什么以前的作者会以这种方式签署程序集?

Why would the previous author have signed the assemblies in this way?

不知道，也许他希望他的所有程序集都使用相同的密钥进行签名.

No idea, maybe he wanted all his assemblies to be signed with the same key.

对程序集进行签名是否必要，不签名会有什么问题?

Is signing assemblies necessary and what would be wrong with not signing it?

不，这不是必需的，但它是一种机制，可让您确保程序集的真实性.它允许您确保程序集未被篡改，并且确实来自该作者.如果你想把它们放到 GAC 中也是必要的.

No, it is not necessary but it is a mechanism allowing you to ensure the authenticity of an assembly. It allows you to ensure that an assembly hasn't been tampered with and indeed it origins from this author. It is also necessary if you want to put them into the GAC.

签署程序集有哪些缺点 - 会导致延迟吗?

What disadvantages are there in signing assemblies - does it cause delays?

签名程序集只能加载其他签名程序集.此外，它们与特定版本相关联，这意味着如果您想使用不同版本，则需要使用绑定重定向或重新编译应用程序.由于签名的验证，也有一些性能开销，但它非常小，您不应该担心.

Signed assemblies can only load other signed assemblies. Also they are tied to a specific version meaning that you need to use binding redirects or recompile the application if you wanted to use a different version. There's a little performance overhead as well due to the verification of the signature but it is so little that you shouldn't be concerned about.

这篇关于C#:为什么要签署程序集?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！