Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
Mono(sn)							      Mono(sn)

NAME
       sn - Digitally sign/verify/compare strongnames on CLR assemblies.

SYNOPSIS
       sn [-q |	-quiet]	[options] [parameters]

DESCRIPTION
       Digitally sign, verify or compare CLR assemblies	using strongnames.

       You  can	 use  the sn command to	create "snk files" using the -k	option
       described below.

CONFIGURATION OPTIONS
       Configuration options are stored	in  the	 machine.config	 configuration
       file under /configuration/strongNames.

       -c provider
	      Change  the default CSP (Crypto Service Provider). Currently not
	      supported	in Mono.

       -m [y|n]
	      Use a machine [y]	key container or a  user  [n]  key  container.
	      Currently	not supported in Mono.

       -Vl    List  the	verification options. The list is kept under /configu-
	      ration/ strongNames/verificationSettings in machine.config.

       -Vr assembly [userlist]
	      Exempt the specified assembly from verification for  the	speci-
	      fied  user  list.	  Currently not	supported by sn. You must edit
	      machine.config manually if you require this.

       -Vu assembly
	      Remove the exemption entry for the specified assembly. Currently
	      not  supported  by  sn, you must edit machine.config manually if
	      you require this.

       -Vx    Remove all exemptions entries. Currently not  supported  by  sn,
	      you must edit machine.config manually if you require this.

CSP RELATED OPTIONS
       -d container
	      Delete the keypair present in the	specified key container.

       -i keypair.snk container
	      Import  the  specified  strongname  file into the	specified con-
	      tainer.

       -pc container publickey
	      Export the public	key from the specified CSP  container  to  the
	      specified	file.

CONVERSION OPTIONS
       -e assembly output.pub
	      Export the assembly public key to	the specified output file.

       -p keypair.snk output.pub
	      Export  the  public  key	from the specified strongname key file
	      (SNK) or from a PKCS#12/PFX password protected file to the spec-
	      ified output file.

       -o input	output.txt
	      Convert the input	file to	a CSV file (using decimal).

       -oh input output.txt
	      Convert the input	file to	a CSV file (using hexadecimal).

STRONGNAME SIGNING OPTIONS
       -D assembly1 assembly2
	      Compare if assembly1 and assembly2 are the same except for their
	      signature.  This is done by comparing the	hash of	 the  metadata
	      of both assemblies.

       -k [size] keypair.snk
	      Create  a	 new  strongname  keypair  in  the specified file. The
	      default key length is 1024 bits and MUST	ALWAYS	be  used  when
	      signing  1.x  assemblies.	  Any value from 384 to	16384 bits (in
	      increments of 8 bits) is a valid key length to sign  2.x	assem-
	      blies.  To ensure	maximum	compatibility you may want to continue
	      using 1024 bits keys. Note that there's no good reason, even  if
	      it's possible, to	use length lesser than 1024 bits.

       -R assembly keypair.snk
	      Re-sign  the  specified  assembly	using the specified strongname
	      keypair file (SNK) or a PKCS#12/PFX password protected file. You
	      can  only	sign an	assembly with the private key that matches the
	      public key inside	the assembly (unless it's public key token has
	      been remapped in machine.config).

       -Rc assembly container
	      Re-sign  the  specified  assembly	using the specified strongname
	      container.

       -t file
	      Show the public key token	from the specified file.

       -tp file
	      Show the public key and the public key token from	the  specified
	      file.

       -T assembly
	      Show the public key token	from the specified assembly.

       -Tp assembly
	      Show  the	public key and the public key token from the specified
	      assembly.

       -v assembly
	      Verify the specified assembly signature.

       -vf assembly
	      Verify the specified assembly signature (even if disabled).

HELP OPTIONS
       -h , -?
	      Display basic help about this tool.

       -h config , -? config
	      Display configuration related help about this tool.

       -h csp ,	-? csp
	      Display Cryptographic Service Provider related help  about  this
	      tool.

       -h convert , -? convert
	      Display conversion related help about this tool.

       -h sn , -? sn
	      Display strongname related help about this tool.

CONFIGURATION FILE
       Strongnames  configuration  is kept in "machine.config" file. Currently
       two
	      features can be configured.

       /configuration/strongNames/pubTokenMapping
	      This mechanism lets Mono remap a public key token, like the ECMA
	      token, to	another	public key for verification. This is useful in
	      two scenarios. First, assemblies signed with the "ECMA key" need
	      to be verified by	the "runtime" key (as the  ECMA	 key  isn't  a
	      public  key).  Second,  many  assemblies are signed with private
	      keys that	Mono can't use (e.g. System.Security.dll assembly).  A
	      new  key	cannot be used because it should change	the strongname
	      (a new key pair would have a new public key which	would  produce
	      a	 new  token).  Public  key token remapping is the solution for
	      both problems. Each token	must be	configured in  a  "map"	 entry
	      similar	to   this   one:  <map	Token="b77a5c561934e089"  Pub-
	      licKey="00..." />

       /configuration/strongNames/verificationSettings
	      It is often useful during	development to use delay signed	assem-
	      blies.  Normally*	the runtime wouldn't allow delay-signed	assem-
	      blies to be  loaded.   This  feature  allows  some  delay-signed
	      assemblies (based	on their public	key token, optionally assembly
	      name and user name) to be	 used  like  they  were	 fully	signed
	      assemblies.  [*]	Note  that Mono	1.0 "runtime" doesn't validate
	      strongname signatures so this option shouldn't  be  required  in
	      most scenarios.

AUTHOR
       Written by Sebastien Pouliot

COPYRIGHT
       Copyright  (C)  2003  Motus  Technologies.   Copyright (C) 2004 Novell.
       Released	under BSD license.

MAILING	LISTS
       Visit http://lists.ximian.com/mailman/listinfo/mono-list	for details.

WEB SITE
       Visit http://www.mono-project.com for details

SEE ALSO
       secutil(1)

								      Mono(sn)

NAME | SYNOPSIS | DESCRIPTION | CONFIGURATION OPTIONS | CSP RELATED OPTIONS | CONVERSION OPTIONS | STRONGNAME SIGNING OPTIONS | HELP OPTIONS | CONFIGURATION FILE | AUTHOR | COPYRIGHT | MAILING LISTS | WEB SITE | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=sn&manpath=FreeBSD+10.3-RELEASE+and+Ports>

home | help