Signing an assembly
Article Author(s): Audric Thevenet
All Rights Reserved.
You need to use the sn.exe tool to generate the files that hold your private and public keys (the public key is a number embedded in a signed assembly so that the assembly can be shown to come from the private key holder). The tool is located in the following directory for Visual Studio 2003:
C:\Program Files\Microsoft Visual Studio .NET 2003\SDK\v1.1\Bin\sn.exe
and in the following directory for Visual Studio 2005:
C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin\sn.exe
Running the following commands generates 2 files. "keys.snk" holds the private and public key pair, while "publickey.snk" holds only the public key:
sn -k keys.snk
sn -p keys.snk publickey.snk
Now that you have these 2 files, you can give "publickey.snk" to developers so they can sign their assemblies (*.dll, *.exe). They can do this in their project settings.
The developers then send you the pre-signed assemblies (foo.exe, for example), which you re-sign using "keys.snk" (that is, with the private key that only you hold):
sn -R foo.exe keys.snk
This way you never have to distribute the private key to the developers.
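
A check for the hand-off described above, as an added example that is not part of the original article: it inspects the bytes of a .snk file and reports whether it still contains the private key, so that only the public-only file is given to developers, and it computes the public key token of the public file. It assumes the files use the CryptoAPI RSA blob layouts that sn.exe writes; the function names are hypothetical and the sample bytes are constructed filler, not real keys.

```python
import hashlib
import struct

# CryptoAPI blob constants (wincrypt.h)
PUBLICKEYBLOB, PRIVATEKEYBLOB = 0x06, 0x07
CALG_RSA_SIGN = 0x2400


def _rsa_blob_type(blob):
    """Return (bType, magic, bitlen) for a CryptoAPI RSA key blob, or None."""
    if len(blob) < 20:
        return None
    b_type, b_version, _reserved, alg = struct.unpack_from("<BBHI", blob, 0)
    magic, bitlen, _pubexp = struct.unpack_from("<4sII", blob, 8)
    if b_version != 2 or alg != CALG_RSA_SIGN:
        return None
    return b_type, magic, bitlen


def classify_snk(data):
    """Classify .snk contents as 'key-pair', 'public-only' or 'unknown'."""
    info = _rsa_blob_type(data)
    if info and info[0] == PRIVATEKEYBLOB and info[1] == b"RSA2":
        return "key-pair"  # private key material present: do not distribute
    # `sn -p` output: SigAlgID, HashAlgID, cbPublicKey, then a PUBLICKEYBLOB
    if len(data) >= 12:
        _sig, _hash, size = struct.unpack_from("<III", data, 0)
        info = _rsa_blob_type(data[12:])
        if (info and info[0] == PUBLICKEYBLOB and info[1] == b"RSA1"
                and size == len(data) - 12 == 20 + info[2] // 8):
            return "public-only"
    return "unknown"


def public_key_token(public_snk):
    """Public key token: last 8 bytes of SHA-1 over the public key, reversed."""
    if classify_snk(public_snk) != "public-only":
        raise ValueError("not a public-only key file")
    return hashlib.sha1(public_snk).digest()[-8:][::-1].hex()


# Constructed sample data (filler bytes, not real RSA keys), 1024-bit layout.
_HDR = struct.pack("<BBHI", PUBLICKEYBLOB, 2, 0, CALG_RSA_SIGN)
SAMPLE_PUBLIC = (struct.pack("<III", CALG_RSA_SIGN, 0x8004, 148) + _HDR
                 + struct.pack("<4sII", b"RSA1", 1024, 65537) + bytes(range(128)))
SAMPLE_PAIR = (struct.pack("<BBHI", PRIVATEKEYBLOB, 2, 0, CALG_RSA_SIGN)
               + struct.pack("<4sII", b"RSA2", 1024, 65537) + bytes(576))
```

To check real files, pass the bytes read from "keys.snk" or "publickey.snk" to classify_snk before sending anything out.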