Signing an unsigned assembly

Question

The recent upgrade of NHibernate 2.1 has brought a mega headache situation to the surface.

It seems most of the projects build by default as signed assemblies. For example fluentnhibernate references the keyfile fluent.snk.

Nhibernate.search builds unsigned from what I can gather and will not build signed that is if you reference a generated keyfile, you get the error:

Referenced assembly 'Lucene.Net' does not have a strong name

This means projects like castle.activerecord that have nhibernate.search as a dependency will not build as you get the horrendous error referenced assembly nhibernate.search does not have a strong name:

Quite a few projects use caslte.activerecord so it is quite important that this builds.

Has anyone any idea what to do here as I am totally out of ideas?

This is complete madness.

Answer 1

1. Obtain the MSIL for the provided assembly From a VS.NET command prompt, enter the following: c:>ildasm providedAssembly.dll /out:providedAssembly.il
2. Rename/move the original assembly I just tack on ".orig" to the filename.
3. Create a new assembly from the MSIL output and your assembly keyfile Assuming you already have an assembly key pair file, do the following from a VS.NET command prompt: c:>ilasm providedAssembly.il /dll /key=keypair001.snk

Source http://www.andrewconnell.com/blog/archive/2004/12/15/772.aspx

Answer 2

The thing is, you cannot reference non-strong-named assemblies from strong-named assemblies, but you can do the reverse. That's why every decent project out there should be signed.

When I run into that problem, I drop a line at the project author (or register an issue) with the explanation in my comment above, and while I wait for a fix, I compile and sign it myself.

Answer 3

All the given answers have a serious flaw in them - they do not work if there are more than one unsigned assemblies which depend on each other. You will have to edit the IL files manually to change unsigned references to signed ones. It is certainly possible, but error prone.

There is a much better way. First, here are my sources:

1. https://www.nuget.org/packages/Nivot.StrongNaming/1.0.4.2
2. How to download a Nuget package without nuget.exe or Visual Studio extension?

The first one is a link to a NuGet package called StrongNaming which allows to strongly name assemblies and it also takes care of unsigned references for you! The second one describes how to download NuGet packages without Visual Studio, if necessary.

I, personally, used the Visual Studio to download it using the NuGet package manager itself, however, you can always browse directly to https://www.nuget.org/api/v2/package/Nivot.StrongNaming/1.0.4.2 and download the nivot.strongnaming.1.0.4.2.zip

There is a tools folder in the downloaded zip (or package if NuGet was used). Once you have located it you can easily install it as a PowerShell module.