110,534
社区成员
发帖
与我相关
我的任务
分享请发表友善的回复…
发表回复
renshenwawa397 2003-12-31
- 打赏
- 举报
谢谢您,我知道了!
速马 2003-12-31
- 打赏
- 举报
.NET Framework 工具
强名称工具 (Sn.exe)请参见
.NET Framework 工具 | 程序集链接器 (Al.exe) | 具有强名称的程序集
强名称工具有助于使用强名称对程序集进行签名。Sn.exe 提供用于密钥管理、签名生成和签名验证的选项。
sn [-quiet][option [parameter(s)]]
选项 说明
-c [csp] 将默认加密服务提供程序 (CSP) 设置为用于强名称签名。此设置应用于整台计算机。如果不指定 CSP 名称,则 Sn.exe 将清除当前设置。
-d container 从强名称 CSP 中删除指定的密钥容器。
-D assembly1 assembly2 验证两个程序集是否只是签名不同。这经常用作使用不同的密钥对重新为程序集创建签名后的检查。
-e assembly outfile 从 assembly 中提取公钥并将其存储在 outfile 中。
-h 显示此工具的命令语法和选项。
-i infile container 从指定密钥容器中的 infile 安装密钥对。密钥容器位于强名称 CSP 中。
-k outfile 生成一个新的密钥对并将其写入指定的文件。
-m [y| n] 指定密钥容器是计算机特定的还是用户特定的。如果指定 y,则密钥容器是计算机特定的。如果指定 n,则密钥容器是用户特定的。
如果既没有指定 y 也没有指定 n,则此选项显示当前设置。
-o infile [outfile] 从 infile 中提取公钥并将其存储在 .csv 文件中。公钥的每一字节都由逗号分隔。这种格式对于通过硬编码在源代码中将公钥作为初始化数组引用很有用。如果不指定 outfile,则此选项将输出放到剪贴板上。
-p infile outfile 从 infile 中的密钥对提取公钥并将其存储在 outfile 中。此公钥可用于通过程序集链接器 (Al.exe) 的 /delaysign+ 和 /keyfile 选项对程序集进行延迟签名。如果延迟创建程序集的签名,则在编译时只设置公钥,并在文件中为以后知道公钥时添加的签名保留空间。
-pc container outfile 从 container 中的密钥对中提取公钥并将其存储在 outfile 中。
-q[uiet] 指定安静模式;取消显示成功消息。
-R assembly infile 使用 infile 中的密钥对,重新签名先前已签名的程序集或延迟已签名的程序集。
-Rc assembly container 使用容器中的密钥对,重新签名先前已签名的程序集或延迟已签名的程序集。
-t[p] infile 显示存储在 infile 中的公钥的标记。以前必须使用 -p 生成了 infile 的内容。
Sn.exe 使用公钥中的哈希函数计算该标记。为节省空间,公共语言运行库在记录对具有强名称的程序集的依赖性时,将公钥标记存储在清单中,作为对另一个程序集的引用的一部分。-tp 选项除显示标记外还显示公钥。
-T[p] assembly 显示 assembly 的公钥标记。assembly 必须是包含程序集清单的文件名。
Sn.exe 使用公钥中的哈希函数计算该标记。为节省空间,公共语言运行库在记录对具有强名称的程序集的依赖性时,将公钥标记存储在清单中,作为对另一个程序集的引用的一部分。-Tp 选项除显示标记外还显示公钥。
-v assembly 验证 assembly 中的强名称,其中 assembly 是包含程序集清单的文件名。
-vf assembly 验证 assembly 中的强名称。与 -v 选项不同,-vf 强制验证,即使已使用 -Vr 选项禁用了验证。
-Vl 列出此计算机上的强名称验证的当前设置。
-Vr assembly [userlist] [infile] 注册 assembly 以跳过验证。或者,可以指定用逗号分隔的用户名列表。如果指定 infile,则验证保持启用,但 infile 中的公钥将用于验证操作。可以 *, strongname 的形式指定程序集,以注册所有具有指定强名称的程序集。strongname 应指定为十六进制数字的字符串以表示标记形式的公钥。参见 -t 和 -T 选项以显示公钥标记。
警告 仅在开发期间使用此选项。将程序集添加到跳过验证列表会产生安全漏洞。如果将某程序集添加到跳过验证列表中,则恶意的程序集可以通过使用该程序集的完全限定程序集名称来隐藏身份,完全限定程序集名称由程序集名称、版本、区域性和公钥标记组成。这使恶意程序集也可以跳过验证。
-Vu assembly 注销 assembly,不跳过验证。应用于 -Vr 的同一程序集命名规则也应用于 -Vu。
-Vx 移除所有验证跳过项。
-? 显示此工具的命令语法和选项。
注意 所有 Sn.exe 选项都区分大小写,并且必须完全按上面显示的样子键入才可以被此工具识别。
备注
-R 和 -Rc 选项对被延迟签名的程序集很有用。在此方案中,编译时只设置公钥,并且以后知道私钥时执行签名。
示例
下面的命令创建一个新的随机密钥对并将其存储在 keyPair.snk 中。
sn -k keyPair.snk
下面的命令将 keyPair.snk 中的密钥存储在强名称 CSP 中的容器 MyContainer 中。
sn -i keyPair.snk MyContainer
下面的命令从 keyPair.snk 中提取公钥并将其存储在 publicKey.snk 中。
sn -p keyPair.snk publicKey.snk
下面的命令验证程序集 MyAsm.dll。
sn -v MyAsm.dll
下面的命令从默认 CSP 中删除 MyContainer。
sn -d MyContainer
请参见
.NET Framework 工具 | 程序集链接器 (Al.exe) | 具有强名称的程序集
--------------------------------------------------------------------------------
发送有关此主题的反馈
© Microsoft Corporation。保留所有权利。
强名称工具 (Sn.exe)请参见
.NET Framework 工具 | 程序集链接器 (Al.exe) | 具有强名称的程序集
强名称工具有助于使用强名称对程序集进行签名。Sn.exe 提供用于密钥管理、签名生成和签名验证的选项。
sn [-quiet][option [parameter(s)]]
选项 说明
-c [csp] 将默认加密服务提供程序 (CSP) 设置为用于强名称签名。此设置应用于整台计算机。如果不指定 CSP 名称,则 Sn.exe 将清除当前设置。
-d container 从强名称 CSP 中删除指定的密钥容器。
-D assembly1 assembly2 验证两个程序集是否只是签名不同。这经常用作使用不同的密钥对重新为程序集创建签名后的检查。
-e assembly outfile 从 assembly 中提取公钥并将其存储在 outfile 中。
-h 显示此工具的命令语法和选项。
-i infile container 从指定密钥容器中的 infile 安装密钥对。密钥容器位于强名称 CSP 中。
-k outfile 生成一个新的密钥对并将其写入指定的文件。
-m [y| n] 指定密钥容器是计算机特定的还是用户特定的。如果指定 y,则密钥容器是计算机特定的。如果指定 n,则密钥容器是用户特定的。
如果既没有指定 y 也没有指定 n,则此选项显示当前设置。
-o infile [outfile] 从 infile 中提取公钥并将其存储在 .csv 文件中。公钥的每一字节都由逗号分隔。这种格式对于通过硬编码在源代码中将公钥作为初始化数组引用很有用。如果不指定 outfile,则此选项将输出放到剪贴板上。
-p infile outfile 从 infile 中的密钥对提取公钥并将其存储在 outfile 中。此公钥可用于通过程序集链接器 (Al.exe) 的 /delaysign+ 和 /keyfile 选项对程序集进行延迟签名。如果延迟创建程序集的签名,则在编译时只设置公钥,并在文件中为以后知道公钥时添加的签名保留空间。
-pc container outfile 从 container 中的密钥对中提取公钥并将其存储在 outfile 中。
-q[uiet] 指定安静模式;取消显示成功消息。
-R assembly infile 使用 infile 中的密钥对,重新签名先前已签名的程序集或延迟已签名的程序集。
-Rc assembly container 使用容器中的密钥对,重新签名先前已签名的程序集或延迟已签名的程序集。
-t[p] infile 显示存储在 infile 中的公钥的标记。以前必须使用 -p 生成了 infile 的内容。
Sn.exe 使用公钥中的哈希函数计算该标记。为节省空间,公共语言运行库在记录对具有强名称的程序集的依赖性时,将公钥标记存储在清单中,作为对另一个程序集的引用的一部分。-tp 选项除显示标记外还显示公钥。
-T[p] assembly 显示 assembly 的公钥标记。assembly 必须是包含程序集清单的文件名。
Sn.exe 使用公钥中的哈希函数计算该标记。为节省空间,公共语言运行库在记录对具有强名称的程序集的依赖性时,将公钥标记存储在清单中,作为对另一个程序集的引用的一部分。-Tp 选项除显示标记外还显示公钥。
-v assembly 验证 assembly 中的强名称,其中 assembly 是包含程序集清单的文件名。
-vf assembly 验证 assembly 中的强名称。与 -v 选项不同,-vf 强制验证,即使已使用 -Vr 选项禁用了验证。
-Vl 列出此计算机上的强名称验证的当前设置。
-Vr assembly [userlist] [infile] 注册 assembly 以跳过验证。或者,可以指定用逗号分隔的用户名列表。如果指定 infile,则验证保持启用,但 infile 中的公钥将用于验证操作。可以 *, strongname 的形式指定程序集,以注册所有具有指定强名称的程序集。strongname 应指定为十六进制数字的字符串以表示标记形式的公钥。参见 -t 和 -T 选项以显示公钥标记。
警告 仅在开发期间使用此选项。将程序集添加到跳过验证列表会产生安全漏洞。如果将某程序集添加到跳过验证列表中,则恶意的程序集可以通过使用该程序集的完全限定程序集名称来隐藏身份,完全限定程序集名称由程序集名称、版本、区域性和公钥标记组成。这使恶意程序集也可以跳过验证。
-Vu assembly 注销 assembly,不跳过验证。应用于 -Vr 的同一程序集命名规则也应用于 -Vu。
-Vx 移除所有验证跳过项。
-? 显示此工具的命令语法和选项。
注意 所有 Sn.exe 选项都区分大小写,并且必须完全按上面显示的样子键入才可以被此工具识别。
备注
-R 和 -Rc 选项对被延迟签名的程序集很有用。在此方案中,编译时只设置公钥,并且以后知道私钥时执行签名。
示例
下面的命令创建一个新的随机密钥对并将其存储在 keyPair.snk 中。
sn -k keyPair.snk
下面的命令将 keyPair.snk 中的密钥存储在强名称 CSP 中的容器 MyContainer 中。
sn -i keyPair.snk MyContainer
下面的命令从 keyPair.snk 中提取公钥并将其存储在 publicKey.snk 中。
sn -p keyPair.snk publicKey.snk
下面的命令验证程序集 MyAsm.dll。
sn -v MyAsm.dll
下面的命令从默认 CSP 中删除 MyContainer。
sn -d MyContainer
请参见
.NET Framework 工具 | 程序集链接器 (Al.exe) | 具有强名称的程序集
--------------------------------------------------------------------------------
发送有关此主题的反馈
© Microsoft Corporation。保留所有权利。
速马 2003-12-31
- 打赏
- 举报
.NET Framework Tools
Strong Name Tool (Sn.exe)See Also
.NET Framework Tools | Assembly Linker (Al.exe) | Strong-Named Assemblies
The Strong Name tool helps sign assemblies with strong names. Sn.exe provides options for key management, signature generation, and signature verification.
sn [-quiet][option [parameter(s)]]
Option Description
-c [csp] Sets the default Cryptographic Service Provider (CSP) to use for strong name signing. This setting applies to the entire computer. If you do not specify a CSP name, Sn.exe clears the current setting.
-d container Deletes the specified key container from the strong name CSP.
-D assembly1 assembly2 Verifies that two assemblies differ only by signature. This is often used as a check after an assembly has been re-signed with a different key pair.
-e assembly outfile Extracts the public key from assembly and stores it in outfile.
-h Displays command syntax and options for the tool.
-i infile container Installs the key pair from infile in the specified key container. The key container resides in the strong name CSP.
-k outfile Generates a new key pair and writes it to the specified file.
-m [y|n] Specifies whether key containers are computer specific, or user specific. If you specify y, key containers are computer specific. If you specify n, key containers are user specific.
If neither y nor n is specified, this option displays the current setting.
-o infile [outfile] Extracts the public key from the infile and stores it in a .csv file. A comma separates each byte of the public key. This format is useful for hard coding references to keys as initialized arrays in source code. If you do not specify an outfile, this option places the output on the Clipboard.
-p infile outfile Extracts the public key from the key pair in infile and stores it in outfile. This public key can be used to delay sign an assembly using the /delaysign+ and /keyfile options of the Assembly Linker (Al.exe). When an assembly is delay signed, only the public key is set at compile time and space is reserved in the file for the signature to be added later when the private key is known.
-pc container outfile Extracts the public key from the key pair in container and stores it in outfile.
-q[uiet] Specifies quiet mode; suppresses the display of success messages.
-R assembly infile Re-signs a previously signed or delay signed assembly with the key pair in infile.
-Rc assembly container Re-signs a previously signed or delay signed assembly with the key pair in container.
-t[p] infile Displays the token for the public key stored in infile. The contents of infile must be previously generated using -p.
Sn.exe computes the token using a hash function from the public key. To save space, the common language runtime stores public key tokens in the manifest as part of a reference to another assembly when it records a dependency to an assembly that has a strong name. The -tp option displays the public key in addition to the token.
-T[p] assembly Displays the public key token for assembly. The assembly must be the name of a file that contains an assembly manifest.
Sn.exe computes the token using a hash function from the public key. To save space, the runtime stores public key tokens in the manifest as part of a reference to another assembly when it records a dependency to an assembly that has a strong name. The -Tp option displays the public key in addition to the token.
-v assembly Verifies the strong name in assembly, where assembly is the name of a file that contains an assembly manifest.
-vf assembly Verifies the strong name in assembly. Unlike the -v option, -vf forces verification even if it is disabled using the -Vr option.
-Vl Lists current settings for strong name verification on this computer.
-Vr assembly [userlist] [infile] Registers assembly for verification skipping. Optionally, you can specify a comma-separated list of user names. If you specify infile, verification remains enabled, but the public key in infile is used in verification operations. Assembly can be specified in the form *, strongname to register all assemblies with the specified strong name. Strongname should be specified as the string of hexadecimal digits representing the tokenized form of the public key. See the -t and -T options to display the public key token.
CAUTION Use this option only during development. Adding an assembly to the skip verification list creates a security vulnerability. A malicious assembly could use the fully specified assembly name (assembly name, version, culture, and public key token) of the assembly added to the skip verification list to fake its identity. This would allow the malicious assembly to also skip verification.
-Vu assembly Unregisters assembly for verification skipping. The same rules for assembly naming that apply to -Vr apply to -Vu.
-Vx Removes all verification-skipping entries.
-? Displays command syntax and options for the tool.
Note All Sn.exe options are case-sensitive and must be typed exactly as shown to be recognized by the tool.
Remarks
The -R and –Rc options are useful with assemblies that have been delay signed. In this scenario, only the public key has been set at compile time and signing is performed later when the private key is known.
Examples
The following command creates a new, random key pair and stores it in keyPair.snk.
sn -k keyPair.snk
The following command stores the key in keyPair.snk in the container MyContainer in the strong name CSP.
sn -i keyPair.snk MyContainer
The following command extracts the public key from keyPair.snk and stores it in publicKey.snk.
sn -p keyPair.snk publicKey.snk
The following command verifies the assembly MyAsm.dll.
sn -v MyAsm.dll
The following command deletes MyContainer from the default CSP.
sn -d MyContainer
See Also
.NET Framework Tools | Assembly Linker (Al.exe) | Strong-Named Assemblies
--------------------------------------------------------------------------------
Send comments on this topic.
© Microsoft Corporation. All rights reserved.
Strong Name Tool (Sn.exe)See Also
.NET Framework Tools | Assembly Linker (Al.exe) | Strong-Named Assemblies
The Strong Name tool helps sign assemblies with strong names. Sn.exe provides options for key management, signature generation, and signature verification.
sn [-quiet][option [parameter(s)]]
Option Description
-c [csp] Sets the default Cryptographic Service Provider (CSP) to use for strong name signing. This setting applies to the entire computer. If you do not specify a CSP name, Sn.exe clears the current setting.
-d container Deletes the specified key container from the strong name CSP.
-D assembly1 assembly2 Verifies that two assemblies differ only by signature. This is often used as a check after an assembly has been re-signed with a different key pair.
-e assembly outfile Extracts the public key from assembly and stores it in outfile.
-h Displays command syntax and options for the tool.
-i infile container Installs the key pair from infile in the specified key container. The key container resides in the strong name CSP.
-k outfile Generates a new key pair and writes it to the specified file.
-m [y|n] Specifies whether key containers are computer specific, or user specific. If you specify y, key containers are computer specific. If you specify n, key containers are user specific.
If neither y nor n is specified, this option displays the current setting.
-o infile [outfile] Extracts the public key from the infile and stores it in a .csv file. A comma separates each byte of the public key. This format is useful for hard coding references to keys as initialized arrays in source code. If you do not specify an outfile, this option places the output on the Clipboard.
-p infile outfile Extracts the public key from the key pair in infile and stores it in outfile. This public key can be used to delay sign an assembly using the /delaysign+ and /keyfile options of the Assembly Linker (Al.exe). When an assembly is delay signed, only the public key is set at compile time and space is reserved in the file for the signature to be added later when the private key is known.
-pc container outfile Extracts the public key from the key pair in container and stores it in outfile.
-q[uiet] Specifies quiet mode; suppresses the display of success messages.
-R assembly infile Re-signs a previously signed or delay signed assembly with the key pair in infile.
-Rc assembly container Re-signs a previously signed or delay signed assembly with the key pair in container.
-t[p] infile Displays the token for the public key stored in infile. The contents of infile must be previously generated using -p.
Sn.exe computes the token using a hash function from the public key. To save space, the common language runtime stores public key tokens in the manifest as part of a reference to another assembly when it records a dependency to an assembly that has a strong name. The -tp option displays the public key in addition to the token.
-T[p] assembly Displays the public key token for assembly. The assembly must be the name of a file that contains an assembly manifest.
Sn.exe computes the token using a hash function from the public key. To save space, the runtime stores public key tokens in the manifest as part of a reference to another assembly when it records a dependency to an assembly that has a strong name. The -Tp option displays the public key in addition to the token.
-v assembly Verifies the strong name in assembly, where assembly is the name of a file that contains an assembly manifest.
-vf assembly Verifies the strong name in assembly. Unlike the -v option, -vf forces verification even if it is disabled using the -Vr option.
-Vl Lists current settings for strong name verification on this computer.
-Vr assembly [userlist] [infile] Registers assembly for verification skipping. Optionally, you can specify a comma-separated list of user names. If you specify infile, verification remains enabled, but the public key in infile is used in verification operations. Assembly can be specified in the form *, strongname to register all assemblies with the specified strong name. Strongname should be specified as the string of hexadecimal digits representing the tokenized form of the public key. See the -t and -T options to display the public key token.
CAUTION Use this option only during development. Adding an assembly to the skip verification list creates a security vulnerability. A malicious assembly could use the fully specified assembly name (assembly name, version, culture, and public key token) of the assembly added to the skip verification list to fake its identity. This would allow the malicious assembly to also skip verification.
-Vu assembly Unregisters assembly for verification skipping. The same rules for assembly naming that apply to -Vr apply to -Vu.
-Vx Removes all verification-skipping entries.
-? Displays command syntax and options for the tool.
Note All Sn.exe options are case-sensitive and must be typed exactly as shown to be recognized by the tool.
Remarks
The -R and –Rc options are useful with assemblies that have been delay signed. In this scenario, only the public key has been set at compile time and signing is performed later when the private key is known.
Examples
The following command creates a new, random key pair and stores it in keyPair.snk.
sn -k keyPair.snk
The following command stores the key in keyPair.snk in the container MyContainer in the strong name CSP.
sn -i keyPair.snk MyContainer
The following command extracts the public key from keyPair.snk and stores it in publicKey.snk.
sn -p keyPair.snk publicKey.snk
The following command verifies the assembly MyAsm.dll.
sn -v MyAsm.dll
The following command deletes MyContainer from the default CSP.
sn -d MyContainer
See Also
.NET Framework Tools | Assembly Linker (Al.exe) | Strong-Named Assemblies
--------------------------------------------------------------------------------
Send comments on this topic.
© Microsoft Corporation. All rights reserved.
