Signing a DLL assembly with public key token

Hugh McMaster picture Hugh McMaster · May 26, 2015 · Viewed 7.7k times · Source

I inherited a C# .NET application that needed slight modifications to some of the path name strings in one of the DLL assemblies. I do not have the source code, unfortunately.

I made the necessary modifications using ILSpy and the Reflexil plugin. When I save the DLL, I'm told the original file was signed and that the new file won't work without it being signed. The new file is now "delay signed".

I can see the public key, the public key token and the hash algorithm with Reflexil.

I'm totally new to .NET IL. How can I use the public key information I have to sign the patched DLL?

I have Visual Studio 2013, so have access to sn.exe, if that helps.

Answer

Hugh McMaster picture Hugh McMaster · May 27, 2015

As Luaan said above, what I wanted to do is not possible. The private key is just that - private. The public key is designed for verification purposes, to ensure that the assembly has not been modified.

Removing the strong name was an option, as Luaan said in one of his comments. This did not work for me, however, as there were many dependencies, making the method impractical.

As a temporary solution, I've left the assembly file delay signed, and disabled strong name validation in the registry for the DLL concerned.

To disable strong name validation, add this key to the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\StrongName\Verification\<filename without extension>,<public key token>

For 64-bit systems, you need to add this key as well:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\StrongName\Verification\<filename without extension>,<public key token>

Note that disabling strong name validation is recommended for testing purposes only, as this could represent a security issue.