Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

StrongNaming with InternalsVisibleTo tag fails when SHA256 used

When using

  1. C# Strongnames on DLLs and
  2. using the InternalsVisibleTo tags and
  3. when the public key uses SHA256 (or SHA512)

We're noticing that the compile process fails as if the InternalsVisibleTo tags were never even declared. The error we get is MyInternalClass is inaccessible due to its protection level <snip>

When the public key uses sha1 (in step #3 above), the compile process works perfectly with no issues and the internals are exposed properly to the test project. The way we're creating the strongname keys is

sn -k 4096 SignKey.snk
sn -p SignKey.snk SignKeyPublic.snk sha256
sn -tp SignKeyPublic.snk

And the way we're exposing the project's internals to it's test project is:

[assembly: InternalsVisibleTo("MyProjectTest, PublicKey=LongPublicKeyHere")]

which we stick inside the Properties\AssemblyInfo.cs of the MyProject project.

Question: How to use SHA256 or better in the strongname process?

EDIT: Or is this a bug in the VS2012 tools?

Platform, Tools: VS2012 (Update 3), .NET 4.5, Windows 8 x64

like image 724
DeepSpace101 Avatar asked Sep 24 '13 03:09

DeepSpace101


1 Answers

It is pretty explicitly mentioned in this magazine article:

Various mechanisms are used to implement digital signatures. The current implementation of strong names in the .NET Framework relies on the RSA public key algorithm and the SHA-1 hash algorithm.

Presumably what you hoped to happen is that you command line argument you used for sn.exe is also visible to the CLR when it checks the strong name. That doesn't exist.

like image 177
Hans Passant Avatar answered Nov 03 '22 11:11

Hans Passant