简体   繁体   English

程序集以及何时不能选择强命名?

[英]Assemblies and when strong naming is not an option?

A while back I asked the following question here on Stack Overflow, Assembly Names and Versions . 不久前,我在Stack Overflow, 程序集名称和版本上询问了以下问题。

Now I have come to realize I can't sign my assembly with a strong name as one of the 3rd party dependencies is not a strongly named assembly and therefore mine is not signable. 现在我已经意识到我无法使用强名称签署我的程序集,因为第三方依赖项之一不是强名称程序集,因此我的签名不可信。

I have tried to simply change the assembly filename MyAssembly.dll to MyAssembly.v.1.1.dll but when I do this and reference the renamed assembly - it does not get copied like the rest of the references. 我试图简单地将程序集文件名MyAssembly.dll更改为MyAssembly.v.1.1.dll,但是当我这样做并引用重命名的程序集时 - 它不会像其他引用一样被复制。 There seems to be because there is a mismatch between the filename and the Identity attribute of the assembly. 似乎是因为文件名和程序集的Identity属性之间存在不匹配。

I have project A and B which are dependencies of project C. Project A needs to reference MyAssembly.dll v.1.0 and Project B needs to reference MyAssembly.dll v.2.0 so both need to be able to be located in Project C's bin/Release folder. 我有项目A和B,它们是项目C的依赖项。项目A需要引用MyAssembly.dll v.1.0,项目B需要引用MyAssembly.dll v.2.0,因此两者都需要能够位于Project C的bin /中发布文件夹。

What is there to do? 怎么办? How can I fix this? 我怎样才能解决这个问题?

Ideally, any self-respecting 3rd-party assembly developer would sign their assemblies. 理想情况下,任何自尊的第三方组装开发人员都会签署他们的程序集。 I would try the following: 我会尝试以下方法:

  1. See if you can contact the 3rd-party assembly provider and request that they sign it for you. 看看您是否可以联系第三方程序集提供商并请求他们为您签名。
  2. If the 3rd-party assembly provider is open source, download and compile the source yourself with a strong name key. 如果第三方程序集提供程序是开源的,请使用强名称密钥自行下载并编译源代码。 (Consider contributing this back to the project). (考虑将此贡献回项目)。

Otherwise, (as long as the license allows for it): 否则,(只要许可证允许):

  1. Try ildasm.exe and ilasm.exe like so: 尝试ildasm.exeilasm.exe,如下所示:

    ildasm.exe /out:TheAssembly.il TheAssembly.dll ildasm.exe /out:TheAssembly.il TheAssembly.dll

    ilasm.exe TheAssembly.il /key=MyKey.snk /dll /output=TheAssembly.dll ilasm.exe TheAssembly.il /key=MyKey.snk / dll /output=TheAssembly.dll

  2. Try ILMerge as mentioned by the others. 尝试其他人提到的ILMerge

Otherwise, you may have to look for another option for functionality you have currently in the 3rd party assembly. 否则,您可能需要为第三方程序集中当前的功能寻找其他选项。

Best of luck! 祝你好运!

一种选择可能是使用ILMerge对第三方程序集进行签名,但如果第三方非常定期地对其程序集部署更新,则更新会有点麻烦。

You could disassemble the 3rd-party library and recompile it, signing it yourself. 你可以反汇编第三方库并重新编译它,自己签名。 Of course, you shouldn't do this if it violates any licenses or if you aren't aware of the license for the 3rd-party library (which I assume you do being as you're using it). 当然,如果违反任何许可证,或者您不了解第三方库的许可证(我假设您在使用它时,您不应该这样做),则不应该这样做。 That said, if you're in contact with the 3rd-party, ask them to give you a signed version. 也就是说,如果您与第三方联系,请他们给您签名版本。

If you cannot ask the third party for a signed assembly (or in many cases the project has been abandoned) you will need to sign the assembly yourself. 如果您不能要求第三方签署装配(或者在许多情况下项目已被放弃),您需要自己签署装配。 Many of the examples online including the answer from Lloyd sometimes cause problems during a round-trip. 在线的许多例子,包括Lloyd的答案,有时会在往返过程中引起问题。

ILMerge comes with it's own risks and may not be possible and tough to maintain in certain projects. ILMerge自身存在风险,在某些项目中可能难以维护。

I have written an application to automatically perform the signing of any .NET managed assembly to overcome all these limitations and perform this seemingly simple task reliably. 我编写了一个应用程序来自动执行任何.NET托管程序集的签名,以克服所有这些限制并可靠地执行这个看似简单的任务。 This can be done from a UI, the command-line or a programatic API depending on your requirements. 这可以通过UI,命令行或编程API完成,具体取决于您的要求。 You can read more about the app and download it here: http://brutaldev.com/post/2013/10/18/NET-Assembly-Strong-Name-Signer 您可以在此处阅读有关该应用程序的更多信息并下载: http//brutaldev.com/post/2013/10/18/NET-Assembly-Strong-Name-Signer

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM