Soluling home   Document home

Signing

Quite ofter, most deliverables files are signed. They are signed for two reasons. One is to prevent hacking of files (digital signature). Another, used in .NET, is to guarantee that every assembly file has a unique name (strong name). There is a separate signing method for both purposes.

Digital signature

To make sure that your customer can be sure that the file really comes from you, you can add a digital signature to the file. For Windows and .NET binaries, this is performed after building by using the Singtool.exe tool. In order to add a digital signature you need a certificate that you can purchase from a certificate authority (CA).

Strong name (.NET)

To ensure a unique name, you use strong name signing. Signing is performed on the linking process by the AL.exe tool or after building by using the Sn.exe tool. Either way, you must have a key file. Keys files contain a public-private key pair. The signed assembly will contain the sign data and the public key. Only the private key can be used to create the sign data. The .NET framework uses the public key to make sure that the signed data is authentic.

Platforms

Following file types use signing.

File type Digital signature Strong name Notes
Windows binaries (.exe, .dll) optional - Visual C++, Delphi and C++Builder.
.NET assemblies (.exe, .dll) optional optional If the main assembly has a strong name then the satellite assemblies must also have the same strong name.
Android applications (.apk) required - You cannot install your application if it is not signed. However, Android allows signing with selft made certificate.