I see tool like SN which generates private/public key pair for signing an assembly. and using AL tool we can assign a strong name to an assembly
我看到SN这样的工具生成用于签署程序集的私钥/公钥对。使用AL工具,我们可以为程序集指定一个强名称
And we have also Sign tool which is used for signing the assembly (probably for using with certificates exclusively?).
我们还有Sign工具,用于签署程序集(可能只用于证书?)。
What is the exact difference between the two?. Is it sign tool have to be used when working with certificates and can it we acheive it SN?. or are they totally different.?
这两者之间的确切区别是什么?在使用证书时是否必须使用签名工具,我们能否实现SN?或者他们完全不同。
Please help.
1 个解决方案
#1
7
Signtool is to do code signing, which provides code integrity check and authentication of the publisher.
Signtool将进行代码签名,该代码签名提供发布者的代码完整性检查和身份验证。
Sn is to do strong name. It's just for .NET assembly. It addresses the unique ID issue.
Sn是做强名。它只适用于.NET程序集。它解决了唯一的ID问题。
Both tools can make sure the files have not been tampered with but only code signing (signtool) can assure you who is the publisher of the files.
这两个工具都可以确保文件没有被篡改,但只有代码签名(signtool)可以向您保证文件的发布者。
We can use SignTool.exe to sign and time stamp a file with given pfx, even though the file is a strong named dll.
我们可以使用SignTool.exe对给定pfx的文件进行签名和时间戳,即使该文件是强名称dll。
#1
7
Signtool is to do code signing, which provides code integrity check and authentication of the publisher.
Signtool将进行代码签名,该代码签名提供发布者的代码完整性检查和身份验证。
Sn is to do strong name. It's just for .NET assembly. It addresses the unique ID issue.
Sn是做强名。它只适用于.NET程序集。它解决了唯一的ID问题。
Both tools can make sure the files have not been tampered with but only code signing (signtool) can assure you who is the publisher of the files.
这两个工具都可以确保文件没有被篡改,但只有代码签名(signtool)可以向您保证文件的发布者。
We can use SignTool.exe to sign and time stamp a file with given pfx, even though the file is a strong named dll.
我们可以使用SignTool.exe对给定pfx的文件进行签名和时间戳,即使该文件是强名称dll。