SNS Claims Unsigned Assembly is Signed #53
Comments
|
I have some upgrades planned for SNS (probably over the holidays) so I'll take the removal option into consideration. Not sure why it still thinks it's signed, the remover must still be leaving a marker behind, only an assembly diff would explain if it actually removing it correctly. Do you have an assembly example you used to reproduce this problem, or do you believe it happens to all assemblies you remove the strong-name from? |
|
It seems to happen with all assemblies. I just tested it with the SNS assembly (Brutal.Dev.StrongNameSigner.dll) and it did the same thing. |
|
@bkonia did you happen to find a solution/workaround for this? I have the same requirement, and I have found the exact same thing happens when I attempt what you try above. |
|
It's possible the Fake Sign bit is being set. https://docs.microsoft.com/en-us/dotnet/csharp/language-reference/compiler-options/publicsign-compiler-option |
|
@jzabroski how would I verify if that is the case or not? |
|
Just a guess - haven't tried it -
https://github.com/jbevain/cecil/blob/b2d248c1caacf411f4b0433a807e7497a6f8e1a0/Mono.Cecil.PE/ImageReader.cs#L288
…On Wed, Nov 20, 2019 at 10:42 AM Gary Ewan Park ***@***.***> wrote:
@jzabroski <https://github.com/jzabroski> how would I verify if that is
the case or not?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#53?email_source=notifications&email_token=AADNH7L4WRRWD2DP6YIK6ITQUVLFZA5CNFSM4JG4MWG2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEESNEWA#issuecomment-556061272>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AADNH7IAUGAM6Q2777GGHMTQUVLFZANCNFSM4JG4MWGQ>
.
|
No, I'm just waiting for the upgrade from @brutaldev |
|
I'll look at this today and see if I can get it fixed up. Thanks for all the info, will be useful to track down why this happens. |
|
@brutaldev let me know if you need a volunteer to test anything out. Happy to help where I can. |
|
Sorry guys, I'll take a look at this soon, yesterday and today was consumed with project work :( |
|
@brutaldev totally understand, I know how things can go sometimes. I genuinely wouldn't have any idea on where to start with looking into this, so not in a position to help out from a code point of view, but please let me know if there is anything I can do to help within testing/verification, etc. |
|
Fixed up in version 2.6.0. The remover only sets the bit to highlight that the assembly is not signed (but keeps the public key - thanks @jzabroski). Delay-signed assemblies will be seen as NOT being signed, the UI will indicate the signing type as well and there is a new property to determine this if you use the API. Will add full-fledged removing at a later stage which is easy enough, not sure if this tool is the right thing to do that... |
|
@brutaldev thank you so much for doing this! I have just taken this for an initial spin, and it seems to work! Going to give this a larger test in the actual place that I need to make use of it to see if everything there works, but seems like it is going to! Thanks again! |
I used the Nirsoft Strong Name Remover utility to remove a signature from a signed assembly. After running the remove operation, I confirmed it was removed using snremove -d. However, when I load that assembly into SNS, it still shows that it's signed and refuses to sign it again.
Can you explain why this is happening? Also, it would be nice if SNS included the ability to remove a signature, so we don't need to use a separate utility for that.
The text was updated successfully, but these errors were encountered: