Obfuscating signed assemblies

Rummage supports obfuscating signed assemblies. When you run Rummage on a signed assembly with a strong name, the obfuscated assembly will also have a strong name, but it will have become invalid as a result of the changes made by Rummage. In order for the name to become valid again, you need to re-sign the assembly after obfuscation.

Rummage does not have a built-in feature in the user interface to re-sign an assembly. You have to perform this step manually, by running a command-line tool called sn.exe. This tool comes with the Windows SDK (also installed with Visual Studio). It may be located at "C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\sn.exe", but the path varies depending on OS bitness and the version of the installed SDK.

Re-sign an assembly

Run the following command:

sn.exe -R MyAssembly.dll C:\path\to\keyPair.snk

The key file must include the private key for this to succeed. Both .snk and .pfx files are supported.

After signing, run the verification command to make sure the re-signing succeeded.

Verify that an assembly has a strong name

Run the following command:

sn.exe -Vf MyAssembly.dll

This will print one of the following messages:

  • Assembly 'MyAssembly.dll' is valid

    This assembly is signed and does not require re-signing.

  • Failed to verify assembly -- Strong name validation failed for assembly 'MyAssembly.dll'

    This assembly was signed, and requires re-signing.

  • 'MyAssembly.dll' is a delay-signed or test-signed assembly

    This assembly was delay-signed, and requires re-signing.

  • MyAssembly.dll does not represent a strongly named assembly

    This assembly is not signed; it does not require re-signing (and cannot be signed using sn.exe).

Generate an assembly with a strong name

The easiest way to give a strong name to an assembly is by enabling the option in Visual Studio's project properties. It is found on the "Signing" tab, and is called "Sign the assembly". As far as the .csproj file is concerned, this option sets the property SignAssembly to true, and also sets AssemblyOriginatorKeyFile to the key file path.

There is no easy way to add a strong name to an assembly that was compiled without one.

Other actions

The Strong Name Tool supports a number of other actions; they are all documented on MSDN.