views:

37

answers:

1

I have a problem which I'm pretty sure that I can't solve without going back to the vendor, but I thought I would float the problem here first.

Anyway, I have an assembly from a 3rd party that I have to incorporate into existing applications, but it is not signed. This obviously gives me a load of headaches as all my existing product assemblies are signed, and to reference the new dll from these would require me to not sign them. I really don't want to do that.

Do I have any other options other than a) going back to the vendor to try and get them to sign it or b) not-signing any dll that references it?

+2  A: 

Your best bet is to ask the vendor for a properly signed assembly.

Failing that, you do have the dirty option of disassembling the assembly with ILDASM, then reassembling it with your own strong name encryption key. This will require a bit of work. Talk to the vendor first, and perhaps even mention (not threaten) that you'd rather not have to disassemble their assembly.

dthorpe
I hadn't considered going to those lengths, and I hope I don't have to! I'll go back to the vendor tomorrow, but considering this DLL is shipped with their commerical product(!!!) I'm not hopeful. Thanks for the answer.
starskythehutch
This called IL round tripping and its actually fairly easy to do. `ildasm yourassembly.dll /out=yourassembly.il` and then `ilasm yourassembly.il /res=yourassembly.res /key=yourkey.snk /dll`
Brian Gideon
Thanks Brian. That's really useful.
starskythehutch