Bypassing strong-name verification for a .Net assembly
09 Apr 2006
Sometimes during testing I just want to copy a strong-named assembly from a build machine to my worktop. However the assembly won't run if the .Net runtime on my system can't find the public key to verify its signature with, so I end up with an error like this:
To bypass strong name verification, I essentially exempt it using the sn.exe strong-name tool that ships with VS. The -Vr option means "Register for verification skipping" and after this I can run it fine.
Now if I type
Microsoft (R) .NET Framework Strong Name Utility Version 2.0.50727.312
Copyright (c) Microsoft Corporation. All rights reserved.
C:\tools\unit\debug\i386>unit.exeUnhandled Exception: System.IO.FileLoadException: Could not load file or assembly 'unit, Version=14.0.0.0, Culture=neutral, PublicKeyToken=42cf38aff364e35' or one of its dependencies. Strong name validation failed. (Exception from HRESULT: 0x8013141A) File name: 'unit, version=14.0.0.0, Culture=neutral, PublicKeyToken=42cf38aff364e35' ---> System.Security.SecurityException: Strong name validation failed. (Exception from HRESULT: 0x8013141A)The Zone of the assembly that failed was:
MyComputerTo bypass strong name verification, I essentially exempt it using the sn.exe strong-name tool that ships with VS. The -Vr option means "Register
sn -Vr *,36e4ce08b8ecfb17Now if I type
sn -Vl I'll see this assembly in the list of assemblies that skip strong-name verification:Microsoft (R) .NET Framework Strong Name Utility Version 2.0.50727.312
Copyright (c) Microsoft Corporation. All rights reserved.
Assembly/Strong Name Users
===========================================
*,31bf3856ad364e35 All users
Caution:
Use the -Vr option only during development. Adding an assembly to the skip verification list creates a security vulnerability. A malicious assembly could use the fully specified assembly name (assembly name, version, culture, and public key token) of the assembly added to the skip verification list to fake its identity. This would allow the malicious assembly to also skip verification.
Geoffrey Hunter
2013-01-11T00:10:57.970Z
Thanks for the help! I had to use this trick to be able to use the MathNet Neodym library (MathNet.Neodym.dll).
Chris Weber
2013-01-13T18:21:47.676Z
Glad you found it useful, and thanks for the comment.