C# Signature:
/// <summary>
/// Verify a strong name/manifest against a public key blob
/// </summary>
/// <param name="wszFilePath">valid path to the PE file for the assembly</param>
/// <param name="dwInFlags">flags modifying behavior</param>
/// <param name="pdwOutFlags">[out] additional output info</param>
[DllImport("mscoree.dll")]
public static extern bool StrongNameSignatureVerification([MarshalAs(UnmanagedType.LPWStr)]string wszFilePath, StrongNameInFlags dwInFlags, Out StrongNameOutFlags pdwOutFlags);
User-Defined Types:
/// <summary>
/// Flags for use with the verify routines
/// </summary>
public enum StrongNameInFlags : int
{
/// <summary>verify even if the settings in the registry disable it</summary>
ForceVerification = 0x00000001,
/// <summary>verification is the first (on entry to the cache)</summary>
Install = 0x00000002,
/// <summary>cache protects assembly from all but admin access</summary>
AdminAccess = 0x00000004,
/// <summary>cache protects user's assembly from other users</summary>
UserAccess = 0x00000008,
/// <summary>cache provides no access restriction guarantees</summary>
AllAccess = 0x00000010
}
/// <summary>
/// Flags for use with the verify routines
/// </summary>
public enum StrongNameOutFlags : int
{
/// <summary>set to false if verify succeeded due to registry settings</summary>
WasVerified = 0x00000001
}
Notes:
This function is exported from mscorsn.dll in v1.0 and v1.1 of the .NET framework, but it will be moved to mscorwks.dll in v2.0. There is a shim in mscoree.dll which will redirect to the appropriate implementation dll, which has the same name.
Tips & Tricks:
StrongNameSignatureVerificationEx should generally be used instead of this API, since it provides a nicer wrapper, and StrongNameSignatureVerification does not provide extra user-accessable functionality.
Sample Code:
/// <summary>
/// Verify an assembly's strong name
/// </summary>
/// <param name="assembly">assembly to verify</param>
/// <param name="forceVerification">true to ignore the skip verify registry</param>
/// <returns>true if the assembly verifies, false otherwise</returns>
private static bool VerifyAssembly(string assembly, bool forceVerification)
{
// make sure the assembly is there
if(!File.Exists(assembly))
{
Console.WriteLine("'{0)' doesn't exist", assembly);
return false;
}
// do the verification
StrongNameInFlags inFlags = StrongNameInFlags.Install | StrongNameInFlags.AllAccess;
if(forceVerification)
inFlags |= StrongNameInFlags.ForceVerification;
StrongNameOutFlags outFlags;// = (StrongNameOutFlags)0;
bool passedVerification = StrongName.Native.Verification.StrongNameSignatureVerification(assembly, inFlags, out outFlags);
bool notForced = (outFlags & StrongNameOutFlags.WasVerified) == StrongNameOutFlags.WasVerified;
if(passedVerification && notForced)
Console.WriteLine("Signature of '{0}' verified", assembly);
else if(passedVerification && !notForced)
Console.WriteLine("'{0}' is delay signed", assembly);
else
Console.WriteLine("Signature of '{0}' could not be verified", assembly);
return passedVerification;
}
Alternative Managed API:
Do you know one? Please contribute it!
