Each signed .NET has both a public key token (8 byte) and a public key (128 bytes). What is the difference between the 2, and why do we need two public "keys"?
The public key token is a unique 16-character key that is given to the assembly when it is built and signed in Microsoft Visual Studio. To determine the public token key, you can run the Strong Name tool (sn.exe) on the assembly. The sn.exe is available with the Microsoft .
PublicKeyToken = null tells you that the CLR is looking for the unsigned assembly. Since you signed them, that's not going to work well and this kaboom is expected. You will have to rebuild the program so it uses the updated signed assembly and embeds the non-null PublicKeyToken into the manifest.
The public key will decrypt the signed hash. When the CLR loads a strongly named assembly it will generate a hash from the assembly and then compare this with the decrypted hash.
To add a Get Assembly Public Key item to the Tools menu In Visual Studio, click External Tools on the Tools menu. In the External Tools dialog box, click Add and enter Get Assembly Public Key in the Title box. Fill the Command box by browsing to sn.exe.
Public Key token is just the hash of the public key. Here for info.
Why we need public key?
Since assembly can be signed and signed assemblies will contain the public key. When loading DLL .NET will use the public key to validate the assembly against the signature. Signature can be only generated using the private key while public key itself can be used for validating the signature.
This process makes sure assembly is not tampered with.
From CLR via C#:
Signing an assembly with a private key ensures that the holder of the corresponding public key produced the assembly. When the assembly is installed into the GAC, the system hashes the contents of the file containing the manifest and compares the hash value with the RSA digital signature value embedded within the PE file (after unsigning it with the public key). If the values are identical, the file's contents haven't been tampered with, and you know that you have the public key that corresponds to the publisher's private key. In addition, the system hashes the contents of the assembly's other files and compares the hash values with the hash values stored in the manifest file's FileDef table. If any of the hash values don't match, at least one of the assembly's files has been tampered with, and the assembly will fail to install into the GAC.
Why public key token needed? Since public key is too big to work with so (Again from CLR visa C#):
The size of public keys makes them difficult to work with. To make things easier for the developer (and for end users too), public key tokens were created. A public key token is a 64-bit hash of the public key. SN.exe's -tp switch shows the public key token that corresponds to the complete public key at the end of its output. Because public keys are such large numbers, and a single assembly might reference many assemblies, a large percentage of the resulting file's total size would be occupied with public key information. To conserve storage space, Microsoft hashes the public key and takes the last 8 bytes of the hashed value. These reduced public key values—known as public key tokens—are what are actually stored in an AssemblyRef table. In general, developers and end users will see public key token values much more frequently than full public key values. Note, however, that the CLR never uses public key tokens when making security or trust decisions because it is possible that several public keys could hash to a single public key token.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With