.NET Assembly Key Public Key Clarification
Quote from Wikipedia: "public key token". This is a 64-bit hash of the public key that corresponds to the private key used to sign 1 assembly. The signed assembly is considered to have a strong name. "[Source: http://en.wikipedia.org/wiki/.NET_assemblies ]
It is right? I believe this is inconsistent with the following explanation: "Signing an assembly involves accepting a hash of important parts of the assembly and then encrypting the hash with the private key. The signed hash is stored in the assembly along with the public key."
Is the first quote correct. Could you explain the signing process in simple terms.
EDIT: My question is, is this a hashed public key or a hash encrypted with a key?
a source to share
MSDN is always your best (and almost invariably perfectly accurate) source for this kind of thing. On the Creating and Using Strong Named Assemblies page :
A strong name consists of an assembly - a plain text name, version number, and culture information (if provided) - plus a public key and digital signature. This is generated from the assembly file using the appropriate private key. (The assembly file contains the assembly manifest, which contains the names and hashes of all the files that make up the assembly.)
So, Wikipedia seems to be vaguely correct, but won't tell the whole story there.
This MSDN page also links to some articles that go into more detail on signing .NET assembly signatures with a high name.
a source to share
The public key is based on the key that is used to sign the assembly, so if you take two assemblies and sign them with the same key, the public key token will be the same.
However, their signature (data added to the assembly by the signing process) will not be the same as they are based on the content of the assembly as well as the key.
a source to share