Geeks With Blogs
Teucer's Quiver Me && .net

I would like to run sn.exe as a post build instruction. Our key pair is stored in a share whose acess is controlled using ACLs hence its a protected asset. We didnt want to skip assembly verification or use the vs2005 feature for test key signing due to certain reasons notable of which is the fact that there is a dependant system which identifies our code using our strong name for the calling assembly and its a one time registration changing which would impact production or introduce maintenance issues.

So the next question is How do I get the vs.net command environment setup as a post build instruction so that I can call sn.exe? some of the solution projects use web service proxies which are sgen'd during compilation and it requires assemblies to be fully signed before it can generate serialization assemblies. I have not yet investigated the MSBuild properties SignAssembly and AssemblyOriginatorKeyFile as described here so far but not sure if that would be help us in all circumstances or not?

I have so far tried something like expanding the program files variable and hard code the rest of the path to the Microsoft Visual Studio 8\VC\ folder and run the vcvarsall.cmd script and then execute what may be necessary. There are couple of issues which our team has faced so far due to this. Some of the devs have multiple program file folders (essentially they have one partition with the OS and another with the rest of the programs hence multiple program file folders), in some cases they run the compile on machines which do not have vs.net installed and so on... What I am finally thinking is to introduce a custom environment variable with the correct path to the vsvarsall command script which a dev would set system wide before he compiles code using vs.net.

Posted on Monday, February 13, 2006 7:58 AM Technical | Back to top


Comments on this post: Delay signing and VS 2005 challenges

# re: Delay signing and VS 2005 challenges
Requesting Gravatar...
I use a post build step which sets verification for debug builds and signs the assembly for release builds using a key in the solution directory - you could change this to your share:

IF NOT $(ConfigurationName) == Release GOTO NoVerification
ECHO Note: Release build assembly requires private key file - for development use non-release build!
"$(DevEnvDir)..\..\SDK\v2.0\bin\sn.exe" –R $(TargetFileName) $(SolutionDir)key.snk
"$(DevEnvDir)..\..\SDK\v2.0\bin\sn.exe" –R $(ProjectDir)obj\Release\$(TargetFileName) $(SolutionDir)key.snk
GOTO End
:NoVerification
ECHO Note: Non-release build assembly has no verification - for development only!
"$(DevEnvDir)..\..\SDK\v2.0\bin\sn.exe" –Vr $(TargetFileName)
:End

Note: The assembly must be marked as delay signed, and reference the public key.
Hope this helps,
Phil.
Left by Phillip Trelford on May 04, 2006 1:59 AM

Your comment:
 (will show your gravatar)


Copyright © Tameem Ansari | Powered by: GeeksWithBlogs.net