Share via


Creating a Key Pair

To sign an assembly with a strong name, you must have a public/private key pair. This public and private cryptographic key pair is used during compilation to create a strong-named assembly. You can create a key pair using the Strong Name tool (Sn.exe). Key pair files usually have an .snk extension.

To create a key pair

  • At the command prompt, type the following command:

    sn –k <file name>

    In this command, file name is the name of the output file containing the key pair.

The following example creates a key pair called sgKey.snk.

sn -k sgKey.snk

If you intend to delay sign an assembly and you control the whole key pair (which is unlikely outside test scenarios), you can use the following commands to generate a key pair and then extract the public key from it into a separate file. First, create the key pair:

sn -k keypair.snk

Next, extract the public key from the key pair and copy it to a separate file:

sn -p keypair.snk public.snk

Once you create the key pair, you must put the file where the strong name signing tools can find it. When signing an assembly with a strong name, the Assembly Linker (Al.exe) looks for the key file relative to the current directory and to the output directory. When using command-line compilers, you can simply copy the key to the current directory containing your code modules.

If you are using an IDE, such as Visual Studio .NET, to sign an assembly with a strong name, you must understand where the IDE looks for the key file. For example, Visual Basic .NET looks for the key file in the directory containing the Visual Studio Solution, whereas the C# compiler looks for the key file in the directory containing the binary. Put the key file in the appropriate project directory and set the file attribute as follows:

<Assembly: AssemblyKeyFileAttribute("key.snk")>
[C#]
[assembly: AssemblyKeyFileAttribute(@"..\..\key.snk")]

See Also

Creating and Using Strong-Named Assemblies