I've added a weakly named assembly to my Visual Studio 2005 project (which is strongly named). I'm now getting the error:
"Referenced assembly 'xxxxxxxx' does not have a strong name"
Do I need to sign this third-party assembly?
To avoid this error you could either:
- Load the assembly dynamically, or
- Sign the third-party assembly.
You will find instructions on signing third-party assemblies in .NET-fu: Signing an Unsigned Assembly (Without Delay Signing).
Signing Third-Party Assemblies
The basic principle to sign a thirp-party is to
Disassemble the assembly using
ildasm.exe
and save the intermediate language (IL):ildasm /all /out=thirdPartyLib.il thirdPartyLib.dll
Rebuild and sign the assembly:
ilasm /dll /key=myKey.snk thirdPartyLib.il
Fixing Additional References
The above steps work fine unless your third-party assembly (A.dll) references another library (B.dll) which also has to be signed. You can disassemble, rebuild and sign both A.dll and B.dll using the commands above, but at runtime, loading of B.dll will fail because A.dll was originally built with a reference to the unsigned version of B.dll.
The fix to this issue is to patch the IL file generated in step 1 above. You will need to add the public key token of B.dll to the reference. You get this token by calling
sn -Tp B.dll
which will give you the following output:
Microsoft (R) .NET Framework Strong Name Utility Version 4.0.30319.33440
Copyright (c) Microsoft Corporation. All rights reserved.
Public key (hash algorithm: sha1):
002400000480000094000000060200000024000052534131000400000100010093d86f6656eed3
b62780466e6ba30fd15d69a3918e4bbd75d3e9ca8baa5641955c86251ce1e5a83857c7f49288eb
4a0093b20aa9c7faae5184770108d9515905ddd82222514921fa81fff2ea565ae0e98cf66d3758
cb8b22c8efd729821518a76427b7ca1c979caa2d78404da3d44592badc194d05bfdd29b9b8120c
78effe92
Public key token is a8a7ed7203d87bc9
The last line contains the public key token. You then have to search the IL of A.dll for the reference to B.dll and add the token as follows:
.assembly extern /*23000003*/ MyAssemblyName
{
.publickeytoken = (A8 A7 ED 72 03 D8 7B C9 )
.ver 10:0:0:0
}
Expand the project file that is using the project that does not "have a strong name key" and look for the .snk
file (.StrongNameKey).
Browse through to this file in Windows Explorer (just so that you know where it is).
Back in Visual Studio in the project that does not "have a strong name key", do
- Right click on the project file
- Select Properties
- Select "Signing tab" (on the left)
- Click the check box "Sign the assembly"
- Then
<Browse>
to the.snk
file you found earlier
That should do the trick. This solved a problem for me for one project using a form inside another project in the same solution.
I hope it helps.
I was searching for solution to the very same problem and un-ticking "Sign the assembly" option works for me:
(as you may notice screenshot comes from VS2010 but hopefully it will help someone)
I have written a tool to automatically strong-name sign assemblies including ones you do not have the source code for or projects that have been abandoned. It uses many of the techniques described in the answers in a simple way without any of the flaws or drawbacks of existing tools or dated instructions.
http://brutaldev.com/post/2013/10/18/NET-Assembly-Strong-Name-Signer
Hope this helps out anyone that need to sign a third party assembly without having to jump through hoops to get there.
You can use unsigned assemblies if your assembly is also unsigned.
Signing the third party assembly worked for me:
http://www.codeproject.com/Tips/341645/Referenced-assembly-does-not-have-a-strong-name
EDIT: I've learned that it's helpful to post steps in case the linked article is no longer valid. All credit goes to Hiren Khirsaria:
Run visual studio command prompt and go to directory where your DLL located.
For Example my DLL is located in
D:/hiren/Test.dll
Now create the IL file using the command below.
D:/hiren> ildasm /all /out=Test.il Test.dll
(this command generates the code library)Generate new key to sign your project.
D:/hiren> sn -k mykey.snk
Now sign your library using
ilasm
command.D:/hiren> ilasm /dll /key=mykey.snk Test.il
How to sign an unsigned third-party assembly
- Open up Developer Command Prompt for Visual Studio. This tool is available in your Window programs and can be found using the default Windows search.
- Ensure your prompt has access to the following tools by executing them once:
sn
ildasm
andilasm
- Navigate to the folder where your Cool.Library.dll is located
sn –k Cool.Library.snk
to create a new key pairildasm Cool.Library.dll /out:Cool.Library.il
to disassemble the librarymove Cool.Library.dll Cool.Library.unsigned.dll
to keep the original library as a back-upilasm Cool.Library.il /dll /resource=Cool.Library.res /key=Cool.Library.snk
to reassemble the library with a strong namepowershell -command "& {[System.Reflection.AssemblyName]::GetAssemblyName($args).FullName} Cool.Library.dll"
to get the assembly fully qualified name. You will need this bit if you have to reference the DLL in external configuration files like web.config or app.config.
I had this issue for an app that was strongly named then had to change it in order to reference a non-strongly named assembly, so I unchecked 'Sign the assembly' in the project properties Signing section but it still complained. I figured it had to be an artifact somewhere causing the problem since I did everything else correctly and it was just that. I found and removed the line: [assembly: AssemblyKeyFile("yourkeyfilename.snk")] from its assemblyInfo.cs file. Then no build complaints after that.
Old question, but I'm surprised no one has mentioned ilmerge yet. ilmerge is from Microsoft, but not shipped with VS or the SDKs. You can download it from here though. There is also a github repository. You can also install from nuget:
PM>Install-Package ilmerge
To use:
ilmerge assembly.dll /keyfile:key.snk /out:assembly.dll /targetplatform:v4,C:\Windows\Microsoft.NET\Framework\v4.0.30319 /ndebug
If needed, You can generate your own keyfile using sn (from VS):
sn -k key.snk
For me my issue was that I had two of the same NuGet Packages installed with different Versions.
Removing the "Sign the assembly" check mark under the "Signing" tab works as @Michal Stefanow said.
Add here is the simplest way to sign your own files and/or other people's files. You just need to add this line under the "Post-build event command line":
"C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\bin\signtool.exe" sign /f "$(ProjectDir)\YourPfxFileNameHere.pfx" /p YourPfxFilePasswordHere /d "Your software title here" /du http://www.yourWebsiteHere.com /t http://timestamp.verisign.com/scripts/timstamp.dll /v "$(BaseOutputPath)$(TargetFileName)"
You can sign other people's files or your own files and as many as you want.
Situation: You had project A,B,C,D in solution X,Y
Project A, B, C in X Project A, C, D in Y
I need use project C in project A, but later i dont use. In bin Debug project A had C.dll.
If I compile solution X, all good ( in this solution i delete reference A -> C. ), but in solution Y I get this problem.
Solution is delete C.dll in project A bin Debug
来源:https://stackoverflow.com/questions/331520/how-to-fix-referenced-assembly-does-not-have-a-strong-name-error