Delay Signing helps us to prevent our application from our own developers. Because our developer knows everything about our application, they know strong key file, DLL name, function name, etc. so they can easily take the strong key file and can place a fake DLL, that’s where Delay Signing comes into the picture.
Structure of Strong Key
When we create a Strong Key, there are 2 parts to it:
- Public Key
- Private Key
So we have to share only Public Strong Key with the internal developers and when we want to deploy the application at that time, we have to add the Private Strong Key and do the deployment.
We can understand the whole concept of Delay Signing by a Strong Key creation.
To create a Strong Key, we have to open “Visual Studio Command Prompt”.
- Go to the desired location where you want to create Strong Name Key file. (For example, D:\Akash\Study\Projects\Windows Application\Strong Name)
- Type- sn -k MyStrongName.snk. This command created a Strong Name Key file in the desired location. This key hold both public as well as private key.
- In order to extract Public Strong Name Key from above Strong Name Key file Type-
sn -p MyStrongName.snk MyStrongNamePublic.snk
- Now we can give the MyStrongNamePublic.snk file to our internal developers for development and store the MyStrongName.snk file in a secured location and will use this at the time of deployment. REMEMBER A POINT when we are using delay signing concept, we have to check the check box “Delay sign only” at the time of Public Strong Name Kay file assignment.
- At the time of deployment, we have to assign the secured Strong Name Key file to the DLL. To do this, we have to go to the location where the secured Strong Name Key file is stored, Type-
sn –R ClassLibrary1.dll MyStrongName.snk