Delay signing in C# with example
Delay signing as the name suggest delaying in signing in order to make written code secure even from the internal developer during development so that complete secure and reliable code goes on production with signature.
Let us discuss above definition in more detail, prime purpose of using delay signing is that during development phase if you want to secure written code from internal developer in order no tampering or some sort of hijacking is done of the actual source code. With Delay signing, creation of partial key is done with access of only public key can be used during development by developers while private key is kept securely and is applied to the code. All this can be achieved with assigning Strong Names to DLL of the written source code. With this kind of approach faking Strong Names is not possible due to which entire code remains secure.
Practical of Delay signing
First we will create a Strong Name key and then extract it public key out of it which will later assigned to the DLL present through Visual Studio. This DLL will then be used afterwards under development environment by the developer.
- For that go and click on Start Menu then expand Visual Studio 2015 folder and under to it click on Developer Command Prompt which will open command prompt.
- As soon as command prompt is open then change from default open C: drive to D:\ drive and then go to folder where we have to create Strong Name file, here we have created one folder with name "strongname". Go to that folder by typing "cd strongname" on the keyboard as shown in the image down below.
- Once you are into the folder type line "sn –k MyStrongName.snk" then click on enter and you will find Strong Name file is just got created.
Also go and check on the windows under the strongname folder whether the file with StrongName is created.
Extracting Public Key from Strong Name
Next we have to extract public key from strong name file so that it DLL can be given to developers for writing code.
For that on command prompt write this code in order to extract public key from Strong Name. Below is the code where "sn" stand for strong name and "-p" getting public key from "MyStrongName.snk" while assigning public key with name "MyStrongNamePublic"
After writing the text do press enter which will generate public key on the same location where strong key is generated. After opening the folder on windows under File explorer you will see file of public key with name "MyStrongNamePublic" as shown in the image down below.
Now assign this pubic key to DLL file so that developer can use it.
- For that on Visual Studio go and do right click on "ClassLibrary1" under Solution Explorer.
- Then click on "Properties".
- Under the properties click on "Signing" option.
- Do a tick on the checkbox "Sign the assembly" in order to apply public key to the DLL file "ClassLibrary1".
- Next is to browse and select the location of "secured" folder where public key is present.
- Then do a tick on "Delay sign only" checkbox in order to add private key at the time when DLL is shipped at deployment.
You can go and check the public key is now added to project under the project folder as shown in the image down below.
Create Private Key
In order to create private and get it attached to DLL so that it can go for deploying the project.
First move existing strong name file to "secured" folder and then copy existing DLL file from project folder. You will be able to find DLL file of project under as shown in below path: -
C:\Documents\Visual Studio 2015\Projects\ConsoleApplication6\ClassLibrary1\bin\Release
Now on command prompt type the following code to re-signed the DLL i.e. adding private key to the DLL so that it can be sent for deployment. So "sn" stand for strong name and "-R" getting private key or resigned the DLL named "ClassLibrary1.dll" from "MyStrongName.snk"
"sn –R ClassLibrary1.dll MyStrongName.snk"
After you click ok then it will add private key to DLL successfully as shown in the image down below.
With the private key now added to the DLL can be send for deployment which makes DLL more secured even from internal developers with strong names by assigning public and private key.
Hope delay signing is clearly understood by the reader’s through this article.
Also go through first video from below fresher’s C# project series which will be helpful to the one who is new to C# programming language: -
By Preetiagarwal on 2019-04-26Really I dont know what to say about your great work on ASP.NET, SQL,C#, you are doing great job
Add a Comment
Thank you, for commenting !!
Your comment is under moderation...
Keep reading other blogs