How to Assign a Strong Name to an Unsigned 3rd-Party Assembly

Here is the scenario:  You get a .NET DLL from somewhere that provides some really cool functionality that you need for your BizTalk/SharePoint/etc application.  So you go to install the utility into the GAC, and then you realize that the DLL has not been signed.  If the assembly must be installed into the GAC, what can you do at this point to get this resolved?

The first options (and likely the best) would be to ask the developer(s) that created the assembly to give you a signed version.  If they are providing a .NET assembly for public use, it is a best practice to ensure that the assembly has a strong name.

If they will not provide you with a signed assembly, or you just can't wait for them to do that, there is another option.

Create a key pair that you will use to sign the assembly:

sn.exe -k key.snk

Disassemble the DLL using ILDASM:

ILDASM.exe SomeLibrary.dll /OUTPUT=SomeLibrary.il

This will create a "SomeLibrary.il" file that contains the IL for the assembly.  If the original assembly had embedded resources, it will also output a "SomeLibrary.res" file that contains the resources.  If that file exists, then append "/RESOURCE=SomeLibrary.res" to the command line shown below.

Reassemble the DLL using ILASM to sign the output with the key that you created:

ILASM.exe SomeLibrary.il /DLL /OUTPUT=SomeLibrary.dll /KEY=key.snk

Now you have a signed version of the assembly that you can install into the GAC.  You might want to make a backup of the original DLL, since this will overwrite that file (or you could specify a different name in OUTPUT).

I am sure that there are other ways to do this same thing.  This is just the method that I was introduced to.