Strong Name Tool (Sn.exe)

The Strong Name command-line tool (Sn.exe) can be used for several purposes when working with shared components. First, the utility can be used to generate a new public-private key pair and to write that pair to a file:

sn -k <outfile>

The utility can also be used to extract a public key from a key pair in a file, and export it to a separate file:

sn -p <infile> <outfile>   

Two other options (-t and –T) can be used to extract key tokens from files. For efficiency, the security system in the .NET Framework stores key tokens ** in the assemblies, rather than storing complete keys. A key token consists of the last 8 bytes (or 64 bits) of the key.

Finally, the Strong Name tool can be used to verify an assembly for strong-name signature self-consistency:

sn -v[f] <assembly>

The utility can thus be used to verify that a particular assembly was signed using a particular key file. Using the files from the topic A Shared Component, you first need to extract the public key out of OrgKey.snk:

sn -p orgKey.snk pub.snk

Then you can verify that the same key pair signed both components, by obtaining the same key tokens from both of the following commands:

sn -t pub.snk
sn -T reverser.dll