brutaldev / strongnamesigner Goto Github PK

Could not load file or assembly 'Auth0.Core, Version=5.10.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. A strongly-named assembly is required. (Exception from HRESULT: 0x80131044).

For more info see auth0/auth0.net#207

By comparing the PE header of an existing unsigned assembly and the same assembly signed with StrongNameSigner, I found out that the "Debug directory" is stripped out from the PE header.

Without information in the header that it's e.g. impossible to generate a PDB with JetBrains dotPeek (https://youtrack.jetbrains.com/issue/DOTP-6889)

I'm using version 2.1.4

Example:
If you have a third party assembly that references another third party assembly, neither of which you have the source code for, called A.dll and B.dll. If both assemblies are unsigned, A will reference B with a null public key. When signing both assemblies, they will now have public key values when being referenced (kind of the point of having signed assemblies in the first place). Problem is, A will still have the internal reference to the unsigned version of B and will not resolve it because the public key of the new file does not match.

Need a new option in StrongNameSigner that lets you specify an assembly and update it's references to another assembly. In the example, you would need to pass in assembly A, and request reference updates to the newly signed assembly B.

Version numbers and fully qualified names also get involved here but it's mainly the public key value that is now new and breaks the references. The public key of the referenced assembly needs to be injected into the IL.

Getting the following error message when compiling on linux with mono

cd src
xbuild

StrongNameSigner/src/Brutal.Dev.StrongNameSigner/Brutal.Dev.StrongNameSigner.csproj (default targets) ->
/usr/lib/mono/4.5/Microsoft.Common.targets (PostBuildEvent target) ->

/usr/lib/mono/4.5/Microsoft.Common.targets: error : Command 'if /I "Debug" == "Release" "/Microsoft.NET/Framework/v4.0.30319/msbuild.exe" /p:CleanIntermediates=True /p:Configuration=Release "/StrongNameSigner/src/Brutal.Dev.StrongNameSigner.Docs/Documentation.shfbproj"' exited with code: 2.

When installing via nuget with the new PackageReference it isn't properly installed (it appears to have an incorrect file structure).

assemblies can define
[assembly: InternalsVisibleTo("Some.Assembly")]

and for this to work, it need to patch the attribute to:
[assembly: InternalsVisibleTo("Some.Assembly", PublicKey=)]

Currently signing assemblies will invalidate any debug symbols that were generated with them, making it impossible to debug using Visual Studio.

I've been able to get away with doing IL debugging using DILE so far, but it would be great to be able to debug against the actual source.

I'm interested in looking into this feature but I can't commit to a timeframe yet so I'm putting this issue here in case someone else feels up to the challenge. :)

As you may know, when declaring a friend assembly with the attribute InternalsVisibleTo, the public key of the friend assembly must be provided.

When signing assemblies with StrongNameSigner, the tool updates references very well, except these InternalsVisibleTo which then reference unsigned versions of the friend assemblies.

This leads to errors at loading.

Can you make the tool manage these cases?
Thanks!

I get this message when trying to sign an assembly:

Strong-name signing ...nuget\packages\shopifysharp\4.21.7\lib\net45\ShopifySharp.dll...
Error strong-name signing ...nuget\packages\shopifysharp\4.21.7\lib\net45\ShopifySharp.dll: Unknown blob format.

If you select an alternative output directory for the signed assemblies, then references are not fixed up (as the method looks at the previous unsigned version in the source path and considers it a no-op).

I was going to submit a PR, but don't have time right now, so logged this here.

Is it possible to overcome this if the mixed-mode assembly is unsigned? I'm trying to use the default "sign everything in the project" approach so I don't have to add a build step to specify a myriad of pure .NET DLLs to exclude a few.

2.1.0 works great, but in 2.1.1 after calling SignAssembly(....) the file remains locked untill the application is closed.

E.g. we use a temporary directory to sign files, signing the same dll for multiple DotNet versions causes problems as we cannot delete them after signing.

Is there a way to skip one particular executable from being signed?
I have phantomjs inside of a vsix project, but it keeps spitting out 150+ warnings over it every time I compile.

It would be nice if the Strong-Name Signer app could create the post build scripts needed in Visual Studio for creating NuGet package.

David McCarter

I'm trying to use this with .NET Core and am getting the following errors:

2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : Operation is not valid due to the current state of the object.
2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : at Mono.Cecil.ModuleDefinition.ProcessDebugHeader()
2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : at Mono.Cecil.ModuleDefinition.ReadSymbols(ISymbolReader reader)
2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : at Mono.Cecil.ModuleReader.ReadSymbols(ModuleDefinition module, ReaderParameters parameters)
2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : at Mono.Cecil.ModuleReader.CreateModuleFrom(Image image, ReaderParameters parameters)
2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : at Mono.Cecil.ModuleDefinition.ReadModule(Stream stream, ReaderParameters parameters)
2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : at Mono.Cecil.ModuleDefinition.ReadModule(String fileName, ReaderParameters parameters)
2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : at Brutal.Dev.StrongNameSigner.SigningHelper.GetAssemblyInfo(String assemblyPath, String[] probingPaths)
2>C:\Users\dotnetdave.nuget\packages\brutal.dev.strongnamesigner\2.1.4\build\Brutal.Dev.StrongNameSigner.targets(6,5): error : at Brutal.Dev.StrongNameSigner.AutomaticBuildTask.Execute()

I am using latest 1.4.0.0 version from installer. I am trying to sign some ServiceStack assemblies. More specifically the package ServiceStack 3.9.71.0. It contains 2 unsigned assemblies:

• ServiceStack.dll
• ServiceStack.ServiceInterface.dll which has a reference to ServiceStack.dll

When I use -InputDirectory via the following command in my Build.proj file (please ignore the quotes escaping which results in double quotes here...):

<Exec ContinueOnError="false" Command=""$(AssemblySignerPath)" -InputDirectory "$(PackagesPath)\ServiceStack.3.9.71\lib\net35" -KeyFile "$(SnkPath)""/>

the console signer fails:

Strong-name signing E:\project\packages\ServiceStack.3.9.71\lib\net35\ServiceStack.dll...
E:\project\packages\ServiceStack.3.9.71\lib\net35\ServiceStack.dll was strong-name signed successfully!

Strong-name signing E:\project\packages\ServiceStack.3.9.71\lib\net35\ServiceStack.ServiceInterface.dll...
EXEC : error : Failed to resolve assembly: 'ServiceStack, Version=3.9.71.0, Culture=neutral, PublicKeyToken=null' [E:\project\Build.proj]

Fixing references to 'E:\project\packages\ServiceStack.3.9.71\lib\net35\ServiceStack.ServiceInterface.dll' in 'E:\project\packages\ServiceStack.3.9.71\lib\net35\ServiceStack.dll'...
Nothing to fix...

Fixing references to 'E:\project\packages\ServiceStack.3.9.71\lib\net35\ServiceStack.dll' in 'E:\project\packages\ServiceStack.3.9.71\lib\net35\ServiceStack.ServiceInterface.dll'...
EXEC : error : Failed to resolve assembly: 'ServiceStack, Version=3.9.71.0, Culture=neutral, PublicKeyToken=55b3e7db333400d4' [E:\project\Build.proj]

1 file(s) were strong-name signed.
0 references(s) were fixed.

Hello,
thanks for your tool, it's very helpful for us!

We have a little issue with the libraries of MvvmLight - it touches the assemblies on every compilation and so it took a long time.

After the compilation it says this:

 0 file(s) were strong-name signed.
 82 references(s) were fixed.

You can get the log here: https://mega.nz/#!8JllkaTI!VOpstcjIQrILlXARho9_dY0i0I5CsOTbz2rRVh_Kl1o

And my git tells me that some of the dlls have changed (only GalaSoft.MvvmLight.Extras.dll and GalaSoft.MvvmLight.Platform.dll in the different versions).

I also get several warnings like this ("the format of the executable or the library is wrong"):

>EXEC : warning : Das Format der ausführbaren Datei (.exe) oder der Bibliothek (.dll) ist ungültig.

Can this be fixed?

Best regards!
Stefan

Hi there,

I dont know what the issue is, maybe someone could help me with this little problem please. I guess it looks for C:\Program Files (x86)\Windows Kits\10\References\Windows.Foundation.UniversalApiContract\1.0.0.0\Windows.Foundation.UniversalApiContract.winmd
Why it cannot find it? Is there anything I can do?

Thank you!

1> Strong-name signing 'C:\Users\dbr.CONNEXT_NT\.nuget\packages\WinRTXamlToolkit.UWP\2.0.0\lib\uap10.0\WinRTXamlToolkit.dll'... 1>EXEC : warning : Failed to resolve assembly: 'Windows.Foundation.UniversalApiContract, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'

Hi,

Could you add a new variable here to locate StrongNameSigner?
Here:
https://github.com/brutaldev/StrongNameSigner/blob/master/src/Brutal.Dev.StrongNameSigner/StrongNameSigner.targets#L20

You could declare
<StrongNameSignerDirectory>$(MSBuildThisFileDirectory)</StrongNameSignerDirectory>

So that from pre / post build step, we can use this variable to find Brutal.Dev.StrongNameSigner console and not hardcode the path containing the version (curerntly Brutal.Dev.StrongNameSigner.2.1.2)

Thank you

When creating an empty project with NodaTime v2.1.0 and StrongNameSigner it becomes imposible to launch the project:

Severity Code Description Project File Line Suppression State
Error Operation is not valid due to the current state of the object.
at Mono.Cecil.ModuleDefinition.ProcessDebugHeader()
at Mono.Cecil.ModuleDefinition.ReadSymbols(ISymbolReader reader)
at Mono.Cecil.ModuleReader.ReadSymbols(ModuleDefinition module, ReaderParameters parameters)
at Mono.Cecil.ModuleReader.CreateModuleFrom(Image image, ReaderParameters parameters)
at Mono.Cecil.ModuleDefinition.ReadModule(Stream stream, ReaderParameters parameters)
at Mono.Cecil.ModuleDefinition.ReadModule(String fileName, ReaderParameters parameters)
at Brutal.Dev.StrongNameSigner.SigningHelper.GetAssemblyInfo(String assemblyPath, String[] probingPaths)
at Brutal.Dev.StrongNameSigner.AutomaticBuildTask.Execute() WindowsFormsApp19

Currently the program skips assemblies when they already has strong name. Please add option to allow resign assemblies with different key (and update references to the new public token)

I have a problem using your tool with 2 assemblies where one references the other one. When I sign the 2 assemblies separately, they pass validation. At runtime though, the reference is broken. If I put both of the assemblies in at once, it says the references got fixed, but then fails validation which causes a runtime compile exception, is there a trick to getting the references fixed without breaking the signature?

I'm trying to add source linking to a lib but the StrongNameSigner seems to be erasing the source linking information.

I used the Nirsoft Strong Name Remover utility to remove a signature from a signed assembly. After running the remove operation, I confirmed it was removed using snremove -d. However, when I load that assembly into SNS, it still shows that it's signed and refuses to sign it again.

Can you explain why this is happening? Also, it would be nice if SNS included the ability to remove a signature, so we don't need to use a separate utility for that.

When executing this tools as a pre-build in Visual Studio, references for the project need to be updated to reference the strong named version as well. A Visual Studio plugin would be very nice.

Some resigned assemblies use InternalsVisibleTo. This causes runtime exceptions as you can read here:

https://catelproject.atlassian.net/browse/CTL-653?focusedCommentId=19053&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-19053

Details:

An exception of type 'System.MethodAccessException' occurred in Catel.MVVM.dll but was not handled in user code
Additional information: D:\DevSamples\StrongNameProblem\MyTestApp\bin\Debug\Catel.Core.dll Strong-name signed assemblies must specify a public key in their InternalsVisibleTo declarations.

Below is the snippet from my build task. During a build it gets into an infinite loop of signing and fixing references. On the second pass nothing needs to be signed (verified with your GUI as well) and no references are fixed. Can you think of what might be causing this? This is VS2015 U1 though I doubt it is at play.

<Target Name="BeforeBuild"> <Exec ContinueOnError="false" Command="&quot;$(ProjectDir)..\packages\Brutal.Dev.StrongNameSigner.1.6.1\tools\StrongNameSigner.Console.exe&quot; -in &quot;$(ProjectDir)..\packages&quot;" /> </Target>

When I finally CTRL+BREAK the IDE build I have 1000's of lines of this

1> Fixing references to '..\packages\Microsoft.Net.Http.2.2.29\lib\portable-net45+win8+wpa81\System.Net.Http.Primitives.dll' in '..\packages\Microsoft.Net.Http.2.2.29\lib\sl4-windowsphone71\System.Net.Http.Primitives.dll'... 1> No assembly references to fix... 1> 1> Fixing references to '..\packages\Microsoft.Net.Http.2.2.29\lib\sl4-windowsphone71\System.Net.Http.dll' in '..\packages\Microsoft.Net.Http.2.2.29\lib\sl4-windowsphone71\System.Net.Http.Primitives.dll'... 1> No assembly references to fix... 1> 1> Fixing references to '..\packages\Microsoft.Net.Http.2.2.29\lib\sl4-windowsphone71\System.Net.Http.Extensions.dll' in '..\packages\Microsoft.Net.Http.2.2.29\lib\sl4-windowsphone71\System.Net.Http.Primitives.dll'... 1> No assembly references to fix... 1> 1> Fixing references to '..\packages\Microsoft.Net.Http.2.2.29\lib\win8\System.Net.Http.Extensions.dll' in '..\packages\Microsoft.Net.Http.2.2.29\lib\sl4-windowsphone71\System.Net.Http.Primitives.dll'... 1> No assembly references to fix...

If ya' click Download Installer in README.md, you get an infinite redirect error.

Example: click here (if this link works, it's probably fixed)

Tried with Safari and Chrome.

Hi there! I'm seeing the following error when I try to execute the StrongNameSigner.Console.exe command line tool in a Linux environment.

packages/Brutal.Dev.StrongNameSigner.1.5.1/tools/StrongNameSigner.Console.exe -in {my project}/bin/Debug -k {my signing key}.pfx -p {my password} -l Changes
Error: Win32 IO returned ERROR_GEN_FAILURE. Path: /vagrant/{my project folder}/bin/Debug/{assembly file}
Error: Win32 IO returned ERROR_GEN_FAILURE. Path: /vagrant/{my project folder}/bin/Debug/{assembly file}
.NET Assembly Strong-Name Signer Summary
0 file(s) were strong-name signed.
0 references(s) were fixed.
Unknown errno: Protocol error
Unknown errno: Protocol error

Any ideas what could be causing this?

StrongNameSigner.Console v1.5.1
Ubuntu 14.04.5 LTS
Mono 4.6.1

Hey there,

I have a scenario where I have 3 assemblies that need to be referenced by a strong-name signed project. One is a 3rd party library and 2 are created by me, but I don't want to make them strong-name signed.

• ThirdPartyLib.dll
• MyLib.dll (depends upon ThirdPartyLib.dll)
• MyLib2.dll (depends upon ThirdPartyLib and MyLib)
• MyProject.csproj (depends upon ThirdPartyLib.dll, MyLib and MyLib2)

What I've found is that in my case, MyLib2.dll is correctly compiled, but when loaded I get the error:

Could not load file or assembly 'MyLib2' or one of its dependencies. Strong name signature could not be verified. The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)

I've narrowed this error down to this line:

If I set a breakpoint before this line and use "sn.exe -v MyLib2.dll" it responds saying MyLib2.dll is valid. If I then step over this line and check again with sn.exe it responds with the "String name signature could not be verified".

I then did a quick test by hardcoding this line to this:

a.Write(assemblyPath, new WriterParameters { StrongNameKeyPair = GetStrongNameKeyPair("C:\\path\\to\\MyKeyPair.snk", null) });

And this causes the problem to disappear.

Unfortunately I haven't had time yet to create a simple failing test case but it looks to me to be a fairly simple change. I'll have a look tomorrow about coming up with a failing unit test and a pull request to fix it.

Hi,

I'm using Brutal.Dev.StrongNameSigner Nuget package, had used "Before Build" process to sign un-signed packages. Those packages will not be updated that frequently so I would like to disable signing & checking.

Is there option to do that?

Hello,

I want to use your tool to automatically sign two dll's from external nuget packages that I used in my solution. Problem is that your task checks all dll inside nuget download folder (in my case it is C:\Users\USERNAME.nuget\packages which contain 26 folders/packages) so execution time of single build takes too much time, more than 8 minutes. Is it an option to give the mask of dll's/packages that will specify for dll's file names that tool really needs to be signed?

Now that I've actually added this to my build process I'm faced with the incredibly verbose output it produces. While a "silent" mode would be nice, I probably wouldn't want it that quiet. It'd be great if it'd just print the assemblies that are fixed or signed. (e.g., don't print assemblies that have a Nothing to fix... result)

Hi.

Is this tool integrated into Visual Studio ? In that case where ?

We are using this NuGet package: Nito.AsyncEx.Tasks
This package references this Nuget package: Microsoft.Bcl.Async

The .NET 4.0 library is a PCL library that has its Retargetable=Yes attribute in the assembly. StrongNameSigner doesn't look at retargetable assemblies and will "Fix" the reference and sign the assembly back with its own strongname.

I am trying to sign the Akka NuGet Package by using Signature.Core which in turn uses your tool.

The problem is that when I try to use the signed NuGet package, it fails with the following error:
Unhandled Exception: System.MethodAccessException: [D:\AkkaTest\Akka test\Akka test\bin\Debug\Akka.dll] Strong-name signed assemblies must specify a public key in their InternalsVisibleTo declarations.

This is due to the fact that Akka.dll contains InternalsVisibleTo references to other Akka dlls which are not present in that NuGet package.

Reading the code of your tools made me realize that you only update that field if the friend assembly is present and (in newer versions of your tool, which Signature.Core does not use yet) delete it otherwise.

Wouldn't it be safer to assume/guess that the friend reference will have the same public key as the dll we are currently signing? Since we are signing this dll, we are probably going to sign the other ones anyway. It just so happens that in a NuGet environment, the references aren't in the same package.

Thanks

I installed the GUI version and run into this error every time. I have a couple unsigned DLLs in a local folder I created on my machine. I verified my AD account has rights to this folder, as well as the DLLs. When ever I add the files, and click "Sign Assemblies" the output log says: "Error strong-name signing : Access to the path '' is denied." Tried rebooting. Tried moving them to a different folder. Not sure what's going on.

I tried to use it with a dotnet build (2.1).
I get ...Brutal.Dev.StrongNameSigner.targets (6.5): error MSB4062: The Brutal.Dev.StrongNameSigner.AutomaticBuildTask Task could not be loaded from the ...\ .nuget \ packages \ brutal.dev.strongnamesigner \ 2.3.0 \ build \ Brutal.Dev.StrongNameSigner.dll assembly. Could not load file or assembly 'Microsoft.Build.Utilities.v4.0, Version = 4.0.0.0, Culture = neutral, PublicKeyToken = b03f5f7f11d50a3a'. The system can not find the stated file....
Building locally within VS is working. Is it possible to build it with a newer Microsoft.Build.Utility reference ?

Running StrongNameSigner.Console.exe -a net452\IdentityModel.dll gives the following error:
Error: Operation is not valid due to the current state of the object..

The IdentityModel.dll is from the IdentityModel nuget package version 3.9.0, and StrongNameSigner is downloaded from NuGet version 2.1.4.

I think I found an assembly reference that's not being rewritten by StrongNameSigner, and I may know where it is.

Repro steps:

1. Create a new "WPF Custom Control Library" project (not to be confused with "WPF User Control Library").
2. Build it.
3. Close the solution.
4. Create a new "WPF Application" project.
5. Configure the project for strong name signing (project settings > signing > etc.)
6. Add a project reference to the custom control library DLL, built above.
7. Add the Strong Name Signer nuget package to the project.
8. In MainWindow.xaml, replace the grid tag with this (the xmlns value assumes the above DLL and it's .NET namespace are WpfCustomControlLibrary1, so doctor it if necessary):

   <Grid xmlns:mylib="clr-namespace:WpfCustomControlLibrary1;assembly=WpfCustomControlLibrary1">
       <mylib:CustomControl1/>
   </Grid>
   

9. Build and run.

Expected: The application runs.
Actual: It throws an exception, "FileLoadException: Could not load file or assembly 'WpfCustomControlLibrary1, PublicKeyToken=null' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)".

I may know where the un-rewritten reference is. I think it's an assembly self-reference in WpfCustomControlLibrary1.dll. That DLL contains a "generic.baml" resource (compiled from themes\generic.xaml in the project), and when I view it with dnSpy, there is a reference to the baml's own DLL, but with a null PublicKeyToken. I had to enable dnSpy's option: "View > Options > BAML decompiler > Disassemble BAML" to see the PublicKeyToken.

Edit: Looks like normal references (across assemblies) also aren't rewritten in XAML/BAML. Guessing XAML isn't yet supported.

I'have tried to add squirrel.windows nuget package after Brutal.Dev.StrongNameSigner to a WinForm application but Visual Studio 2015 uses 100% of CPU and resulting assemblies are not valid.

Best regards,
Filippo.

I am working in Visual Studio 2015 (Update 3) and I created a *.csproj as a Class Library (PCL) which I then migrated to .NET Standard 1.3, by going to the properties of the project file, under Library and change the Targeting to .NETStandard1.3.

I then installed NuGet package Brutal.Dev.StrongNameSigner.2.1.0, expecting it to pop up in my packages folder. But nothing happens. The strong name signer tool cannot be used in conjunction with a .NET Standard PCL project.

I had to add another standard .NET project to my solution and include the NuGet package for Brutal.Dev.StrongNameSigner.2.1.0 over there in order to get it into packages.

When getting the AssemblyInfo for a file the result is somehow cached.

Reproduce, start with a signed assembly, run the code below, replace with unsigned assembly run code again (without closing the application):
AssemblyInfo assemblyInfo = SigningHelper.GetAssemblyInfo(file);
if (assemblyInfo.IsSigned) { MessageBox.Show("signed"); }
else { SigningHelper.SignAssembly(....); }

Hi,

I've tried to sign big batch of assemblies in one go (400+). It doesn't finish within 30 mins.

I've add an extra method in SigningHelper to solve this issue: it allows you solve references as join rather than 2 loop matching

public static void FixAssemblyReferences(IEnumerable<string> assemblyPaths, IEnumerable<string> signedAssemblyPaths,  string keyPath, string keyFilePassword, Action<string> info, Action<string> warning, Action<string> error, params string[] probingPaths)
{

    var assemblies = assemblyPaths.Where(x => !string.IsNullOrWhiteSpace(x) && File.Exists(x)).Distinct()
    .Select(p =>
    {

        AssemblyDefinition assembly = null;

        try
        {
            assembly = AssemblyDefinition.ReadAssembly(p, GetReadParameters(p, probingPaths));
            if (assembly.Name.PublicKeyToken == null || assembly.Name.PublicKeyToken.Length == 0)
                assembly = null;
        }
        catch (BadImageFormatException bife)
        {
            warning(string.Format("Warning: {0}", bife.Message));
        }
        catch (Exception ex)
        {
            error(string.Format("Error: {0}", ex.Message));
        }

        return new {Assembly = assembly, Path = p};
    }).Where(x=>x.Assembly != null).ToList();

    var signedAssemblies = signedAssemblyPaths.Where(x => !string.IsNullOrWhiteSpace(x) && File.Exists(x)).Distinct()
        .Select(p =>
        {

            AssemblyDefinition assembly = null;

            try
            {
                assembly = AssemblyDefinition.ReadAssembly(p, GetReadParameters(p, probingPaths));
                if (assembly.Name.PublicKeyToken == null || assembly.Name.PublicKeyToken.Length == 0)
                    assembly = null;
            }
            catch (BadImageFormatException bife)
            {
                warning(string.Format("Warning: {0}", bife.Message));
            }
            catch (Exception ex)
            {
                error(string.Format("Error: {0}", ex.Message));
            }

            return new { Assembly = assembly, Path = p };
        }).Where(x => x.Assembly != null).ToList();

    var toFixReferencePair = assemblies.SelectMany(a => a.Assembly.MainModule.AssemblyReferences.Select(r => new {Assembly = a, Ref = r})).ToList()
        .Join(signedAssemblies, x => new {x.Ref.Name, x.Ref.Version}, y => new {y.Assembly.Name.Name, y.Assembly.Name.Version}, (x, y) => new {a = x.Assembly.Assembly, b = y.Assembly, assemblyPath = x.Assembly.Path, refPath = y.Path, x.Ref})
        .Distinct();

    foreach (var pair in toFixReferencePair)
    {
        try
        {
            // Found a matching reference, let's set the public key token.
            if (BitConverter.ToString(pair.Ref.PublicKeyToken) != BitConverter.ToString(pair.b.Name.PublicKeyToken))
            {
                pair.Ref.PublicKeyToken = pair.b.Name.PublicKeyToken ?? new byte[0];
                pair.Ref.Version = pair.b.Name.Version;

                // Save and resign.
                pair.a.Write(pair.assemblyPath, new WriterParameters { StrongNameKeyPair = GetStrongNameKeyPair(keyPath, keyFilePassword), WriteSymbols = File.Exists(Path.ChangeExtension(pair.assemblyPath, ".pdb")) });

                info(string.Format("References to '{1}' in '{0}' were fixed successfully.", pair.assemblyPath, pair.refPath));
            }
        }
        catch (BadImageFormatException bife)
        {
            warning(string.Format("Warning: {0}", bife.Message));
        }
        catch (Exception ex)
        {
            error(string.Format("Error: {0}", ex.Message));
        }

    }


    var friendReferences = signedAssemblies.Select(x => new {Assembly = x, Attrs = x.Assembly.CustomAttributes.Where(attr => attr.AttributeType.FullName == typeof (InternalsVisibleToAttribute).FullName).ToList()})
        .SelectMany(x => x.Attrs.Select(y => new {x.Assembly, Attr = y})).ToList()
        .Join(assemblies, x => x.Attr.ConstructorArguments[0].Value.ToString(), y => y.Assembly.Name.Name, (x, y) => new {b = x.Assembly.Assembly, refPath = x.Assembly.Path, a = y, FriendRef = x.Attr})
        .Where(x => x.a.Assembly.Name.HasPublicKey).Distinct();

    foreach (var pair in friendReferences)
    {
        try
        {
            // Add the public key to the attribute.
            var typeRef = pair.FriendRef.ConstructorArguments[0].Type;
            pair.FriendRef.ConstructorArguments.Clear();
            pair.FriendRef.ConstructorArguments.Add(new CustomAttributeArgument(typeRef, pair.a.Assembly.Name.Name + ", PublicKey=" + BitConverter.ToString(pair.a.Assembly.Name.PublicKey).Replace("-", string.Empty)));

            // Save and resign.
            pair.b.Write(pair.refPath, new WriterParameters { StrongNameKeyPair = GetStrongNameKeyPair(keyPath, keyFilePassword), WriteSymbols = File.Exists(Path.ChangeExtension(pair.refPath, ".pdb")) });
            info(string.Format("References to '{1}' in '{0}' were fixed successfully.", pair.a.Path, pair.refPath));
         }
            catch (BadImageFormatException bife)
        {
            warning(string.Format("Warning: {0}", bife.Message));
        }
        catch (Exception ex)
        {
            error(string.Format("Error: {0}", ex.Message));
        }
    }
}

I'm trying to sign Python.Runtime.DLL, but got this error:

This used to work before and stopped working in version 1.8.0.

Hello @brutaldev

If I sign a dll, I can't reference It in my visual studio anymore. What's the problem?

https://db.tt/LEmyvmWO

I'd like to drop StrongNameSigner.Console.exe in a solution's Shared folder (where I keep powershell build and deployment scripts and whatnot) so that I don't have to install Strong Name Signer on every machine this will run on. I got it working by installing just the Console app and then copying the necessary DLLs from the install directory in to my Shared folder. It'd be great if there were a standalone exe or a ZIP of the program files so I don't actually have to install it.

Also, please add a time machine and go back and write this a year earlier when I was last mucking around with signed assemblies and sorely needed this. Thanks. :-)

I installed the nuget package and attempted to build. My build immediately fails and all the assemblies in the project fail to resolve in my project. I'm not sure if I am doing something wrong or if something is broken. Any help is much appreciated.

Console signing doesn't work with asp .core applications.
There are diffrenet errors in console:
"Warning: Format of the executable (.exe) or library (.dll) is invalid"
"Error: Operation is not valid due to the current state of the object"

The project builds and runs locally, but for published click once applications the strong name validation fails for the post-signed assemblies after download and the app won't install.