67832

How to generate strong-naming SNK key file with .net libraries

Question:

My product needs to be able to generate .snk files (without having Microsoft SDKs installed on the system). I can generate a working SNK file, but I can not seem to get it to work when specifying a password. Can anyone give me some pointers? This is what I have so far:

internal static void CreateKeyPairFile(string fileName, int keySize, string password) { if ((keySize % 8) != 0) { throw new CryptographicException("Invalid key size. Valid size is 384 to 16384 mod 8. Default 1024."); } CspParameters parms = new CspParameters(); parms.KeyNumber = 2; if (null != password) { var passwordString = new System.Security.SecureString(); foreach (char c in password) { passwordString.AppendChar(c); } parms.Flags = CspProviderFlags.UseUserProtectedKey; parms.KeyPassword = passwordString; } RSACryptoServiceProvider provider = new RSACryptoServiceProvider(keySize, parms); byte[] array = provider.ExportCspBlob(!provider.PublicOnly); using (FileStream fs = new FileStream(fileName, FileMode.Create, FileAccess.Write)) { fs.Write(array, 0, array.Length); } }

Answer1:

The <a href="http://msdn.microsoft.com/en-us/library/system.security.cryptography.cspparameters.keynumber.aspx" rel="nofollow">KeyPassword</a> parameter you use is intended for another purpose than the one you are trying to use it for. From the documentation:

<blockquote>

Use the KeyPassword property to supply a password for a smart card key. When you specify a password using this property, a password dialog will not be presented to the user.

</blockquote>

See also the answer to this question: <a href="https://stackoverflow.com/questions/1915797/simple-use-of-rsacryptoserviceprovider-keypassword-fails" rel="nofollow">Simple use of RSACryptoServiceProvider KeyPassword fails</a>

Besides this, it doesn't seem like you can protect .snk files with a password. What you can do in this case is to use a <strong>PKCS#12</strong> file (.pfx) instead which can be used to sign the assemblies and also can be password protected. You can generate a PKCS#12 file using a library such as <a href="http://www.bouncycastle.org/csharp/" rel="nofollow">BouncyCastle.NET</a>. There is good documentation out there on how to do this, so I won't go into detail here.

See for example: <a href="https://stackoverflow.com/questions/3770233/is-it-possible-to-programmatically-generate-an-x509-certificate-using-only-c" rel="nofollow">Is it possible to programmatically generate an X509 certificate using only C#?</a>

Recommend

  • Not able to set environment variable in Dockerfile for Custom runtime environment in google app engi
  • Swift 3 unresolved identifier CGColorGetComponents [duplicate]
  • How Can I Launch The App-store App Directly from my Application
  • Posting mp4 to Facebook using GraphRequest in React Native
  • Debugging ASP.NET Session State server issues
  • Bootstrap-Datetimepicker not working with the jQuery 3
  • SQLite query less than or greater than check
  • How to access JSF application-scoped managed beans from an HttpSessionListener? [duplicate]
  • TStream.Position compared to TStream.Seek
  • Unable to “List channel messages” on Azure AD Graph API Beta
  • Adding elements together across inherited arrays, LINQ
  • BigRquery will not connect and the error message is blank
  • add catalog product in wishlist programmatically in magento
  • Oracle JDBC UCP and Java
  • Getting nil from standardUserDefaults,
  • How to bend a cylinder in three.js?
  • SQL Worksheet is not displaying in SQL Developer
  • Decimal to ASCII Conversion [closed]
  • plot dirac function in matlab
  • Use awk to convert GPS Position to Latitude & Longitude
  • How to fetch asset modification history in hyperledger fabric
  • Modifying native query cannot have named parameter bindings?
  • Adding native code to an existing Worklight hybrid app
  • Exclude Classes from Being Included in Shaded Jar
  • Shiny - change the size (padding?) of dropdown menu (select tags) smaller
  • Swift manually rotate view controller
  • Set WebClient.Builder.exchangeStrategies() without losing Spring Jackson configuration
  • java.io.FileNotFoundException: Could not open ServletContext resource [/WEB-INF/SpringDispatcher-ser
  • How to use Kaminari pagination gem with Sinatra and Mongoid?
  • using maven pom while creating jar:test-jar some times it says JAR will be empty - no content was ma