I don’t find sn.exe command line arguments particularly intuitive, and the fact they’re case sensitive doesn’t exactly put you in the pit of success either.
Also, it turns out there are two kinds of .snk files. One kind is 596 bytes by default and contains a key pair (private and public key). The other kind is 160 bytes typically and only contains the public key.
I’ve looked at sn.exe /? for long enough to compose this cheat sheet. Hopefully it'll be useful to others too.
Create a key pair | sn –k private.snk |
Extract public key | sn –p private.snk public.snk |
View public key and public key token | sn –tp public.snk |
View public key and public key token of assembly | sn –Tp assembly.dll |
Extract public key from assembly | sn –e assembly.dll public.snk |
Verify if assembly is signed and with what key | sn –vf assembly.dll |
Show list of assemblies on machine registered for verification skipping | sn –Vl |
Register assemblies for verification skipping | sn –Vr * (must elevate) |
Resign an assembly with the key pair | sn –Ra assembly.dll private.snk |
Wow, just… wow! It seems as though the entire internet has been searching for this since 2003! That is a bit of an exaggeration but still, the amount of confusion associated with Strong Name tool is significant. I think a lot is due to casual users stumbling upon it, and worrying that it is malware e.g. "Feb 8, 2014 – 0 of 68 malware scanners detected the file sn.exe from Motus Technologies, Novell as clean" via herdprotect dot com. Scott Hanselman knows about sn (he's such a sweet heart!): "If you've ever struggled with sn.exe on a 64bit box, you know what I mean…" but he isn't loud, so to speak.
sn isn't something that most web apps developers or visual studio users would need to know, I'm guessing. That includes me! I know even less! There are only 16 questions on StackOverfow about sn.exe, and no tag wiki. I'm going to write one, right now!
Note that sn -tp private.snk won’t work on a private key (596 bytes) so you need to first run sn -tp private.snk public.snk, then run sn -tp public.snk.