Delay Signing an Assembly


When we talk about the Assembly then the first thing comes into our mind is the security for high level development. Delayed signing is the terminology when we are certifying the assembly which will prevent hi-jacking of that assembly.

Delayed signing refers to a technique of partially signing assemblies while they are in development phase. So, signing an assembly basically certifies that assembly by the manufacturer and prevents tampering and hi-jacking of that assembly. This is achievable by using public key/private key encoding of parts of the assembly. The public key is embedded in the assembly and will be used by third-parties who want to reference the assembly. There are many more benefits to signing an assembly, but the main purpose of delayed signing is to allow a company to protect and control its private key and only use it during the packaging process. A delayed signed assembly can still be used like a signed assembly, you just can't package and ship it.

Steps to certify the Assembly:-

Delays sign a .NET app:

sn -k keypair.snk

  1. sn -p keypair.snk public.snk
  2. Build assembly with:
    [assembly: AssemblyDelaySign("false")]
    [assembly: AssemblyKeyFile("..\\..\\keypair.snk")]
  3. sn -Vr AssemblyName.dll
  4. This step is critical and is not mentioned anywhere. Exit and restart every instance of VisualStudio running. Until you do this Visual Studio will not know of the sn -Vr from step 4 and you will get
    "COM Interop registration failed. The check of the signature failed for assembly AssemblyName.dll"