程序集“未正确签名”。警告

发布于 2024-07-08 00:03:29 字数 1099 浏览 8 评论 0原文

我有一个移动 .NET 解决方案并决定对程序集进行签名。编译完成，没有错误，但出现警告

'CompactUI.Business.PocketPC.asmmeta，Version=1.0.0.0，Culture=neutral，PublicKeyToken=null' 未正确签名。

该应用程序工作正常，但我无法再使用此程序集打开表单设计器。设计者再次表示

'CompactUI.Business.PocketPC.asmmeta, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' 未正确签名。

以及堆栈信息：

位于 Microsoft.CompactFramework.Build .AsmmetaBindingService.GetAsmmetaAssembly（字符串sourceAssemblyPath，布尔验证）在 Microsoft.CompactFramework.Build.AsmmetaBindingService.LoadAsmMetaAssembly（程序集源Assembly，字符串提示路径，IDeviceTypeResolutionService 解析器）在 Microsoft.CompactFramework.Build.MetadataService.GetAsmmetaType（类型 sourceType）在Microsoft.CompactFramework.Build.MetadataService.GetTypeAttributes（类型desktopType）在 Microsoft.CompactFramework.Design.DeviceCustomTypeDescriptor.GetAttributes() ……

这是什么原因造成的呢？

编辑：尼古拉斯的建议并不能解决问题

我有一个包含公共属性的表单，它是表示层中每个表单的基础。

public class CustomForm : Form
{
    ...
}

此表单位于导致警告的业务层中。在设计器中查看时，从该基本表单继承的每个表单都会导致问题。

原文

I have a mobile .NET solution and decided to sign the assemblies.
Compilation completes without errors but gives the warning

'CompactUI.Business.PocketPC.asmmeta, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' is not signed correctly.

The application is working fine but I can't open the designer for forms using this assembly anymore. Again the designer says

'CompactUI.Business.PocketPC.asmmeta, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' is not signed correctly.

with the stack information:

at Microsoft.CompactFramework.Build.AsmmetaBindingService.GetAsmmetaAssembly(String sourceAssemblyPath, Boolean verify)
at Microsoft.CompactFramework.Build.AsmmetaBindingService.LoadAsmMetaAssembly(Assembly sourceAssembly, String hintPath, IDeviceTypeResolutionService resolver)
at Microsoft.CompactFramework.Build.MetadataService.GetAsmmetaType(Type sourceType)
at Microsoft.CompactFramework.Build.MetadataService.GetTypeAttributes(Type desktopType)
at Microsoft.CompactFramework.Design.DeviceCustomTypeDescriptor.GetAttributes()
...

What is causing this?

Edit: Nicholas suggestion is not solving the problem

I've got a Form that contains common properties which is base for every form in the presentation layer

public class CustomForm : Form
{
    ...
}

This form is in the business layer that causes the warning. Every form that inherits from this base form causes the problem when viewing in the designer.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

箜明 2024-07-15 00:03:30

验证该程序集不是在设置“延迟符号”的情况下生成的。当程序集只有一个 null 占位符时，这将导致程序集宣告它已签名。这将导致强名称验证失败。有关详细信息，您还可以查看 MSDN 上的此页面：“程序集应具有有效的强名称”

回复收藏 0 原文

女皇必胜 2024-07-15 00:03:30

我很困惑，你说你签署了程序集，但你的公钥令牌为空，如果你签署了这个程序集，那么你应该指定生成的公钥而不是空。也许我没有完全理解这个问题。尝试删除对 CompactUI.Business.PocketPC.asmmeta 的引用并重新添加签名版本。

回复收藏 0 原文

盗梦空间 2024-07-15 00:03:30

原因

程序集未使用强名称进行签名，无法验证强名称，或者如果没有计算机的当前注册表设置，强名称将无效。
规则说明

此规则检索并验证程序集的强名称。如果满足以下任一条件，则发生违规：

* The assembly does not have a strong name.

* The assembly was altered after signing.

* The assembly is delay-signed.

* The assembly was incorrectly signed, or signing failed.

* The assembly requires registry settings to pass verification. For example, the Strong Name tool (Sn.exe) was used to skip verification for the assembly.

强名称可防止客户端在不知不觉中加载已被篡改的程序集。没有强名称的程序集不应部署在非常有限的场景之外。如果共享或分发未正确签名的程序集，则该程序集可能会被篡改，公共语言运行时可能无法加载该程序集，或者用户可能必须在其计算机上禁用验证。没有强名称的程序集具有以下缺点：

* Its origins cannot be verified.

* The common language runtime cannot warn users if the contents of the assembly have been altered.

* It cannot be loaded into the global assembly cache.

请注意，要加载和分析延迟签名的程序集，必须禁用程序集的验证。

Cause

An assembly is not signed with a strong name, the strong name could not be verified, or the strong name would not be valid without the current registry settings of the computer.
Rule Description

This rule retrieves and verifies the strong name of an assembly. A violation occurs if any of the following are true:

* The assembly does not have a strong name.

* The assembly was altered after signing.

* The assembly is delay-signed.

* The assembly was incorrectly signed, or signing failed.

* The assembly requires registry settings to pass verification. For example, the Strong Name tool (Sn.exe) was used to skip verification for the assembly.

The strong name protects clients from unknowingly loading an assembly that has been tampered with. Assemblies without strong names should not be deployed outside of very limited scenarios. If you share or distribute assemblies that are not correctly signed, the assembly can be tampered with, the common language runtime might not load the assembly, or the user might have to disable verification on his or her computer. An assembly without a strong name suffers from the following drawbacks:

* Its origins cannot be verified.

* The common language runtime cannot warn users if the contents of the assembly have been altered.

* It cannot be loaded into the global assembly cache.

Note that to load and analyze a delay-signed assembly, you must disable verification for the assembly.

回复收藏 0 原文

~没有更多了~