Calculating the public key token from a pfx file


I would like to calculate the public key token from a pfx file and make sure that it matches the public key token of a signed assembly, but I keep running into the following issues and would love some help on how to fix them.

From within the signed assembly, I use the following code to get the public key and the public key token:

Console.WriteLine("Public Key: {0}{1}", System.BitConverter.ToString(System.Reflection.Assembly.GetExecutingAssembly().GetName().GetPublicKey()), Environment.NewLine);
Console.WriteLine("Public Key Token: {0}{1}", System.BitConverter.ToString(System.Reflection.Assembly.GetExecutingAssembly().GetName().GetPublicKeyToken()), Environment.NewLine);

And the result is the following:

Public Key: 00-24-00-00-04-80-00-00-94-00-00-00-06-02-00-00-00-24-00-00-52-53-41-31-00-04-00-00-01-00-01-00-31-71-7C-0A-A5-A0-76-6D-EF-44-BD-F6-6F-7B-BA-C2-8F-8B-8D-09-98-8D-A6-B5-5A-C6-24-96-34-13-A0-40-5D-78-89-1C-A4-4F-B4-09-11-5C-5F-97-2C-E3-AD-A7-B1-19-41-38-25-B1-21-9F-6C-6B-DA-D5-1D-62-75-A6-25-D1-04-10-CC-A0-32-9B-A1-C9-BA-3A-DA-A5-06-F9-7F-00-02-E9-3F-46-EE-C5-DC-1E-C6-95-13-49-25-F3-E5-0D-67-35-93-0D-4C-84-89-D7-36-96-00-66-74-52-09-F4-A2-4D-2C-72-85-20-44-88-9C-B1-EE-C0-21-CE

Public Key Token: 0C-C2-5B-D7-34-42-06-3D

If I use the value of the Public Key noted above, I can recalculate the Public Key Token myself in PowerShell:

$assemblyPublicKeyString = "00-24-00-00-04-80-00-00-94-00-00-00-06-02-00-00-00-24-00-00-52-53-41-31-00-04-00-00-01-00-01-00-31-71-7C-0A-A5-A0-76-6D-EF-44-BD-F6-6F-7B-BA-C2-8F-8B-8D-09-98-8D-A6-B5-5A-C6-24-96-34-13-A0-40-5D-78-89-1C-A4-4F-B4-09-11-5C-5F-97-2C-E3-AD-A7-B1-19-41-38-25-B1-21-9F-6C-6B-DA-D5-1D-62-75-A6-25-D1-04-10-CC-A0-32-9B-A1-C9-BA-3A-DA-A5-06-F9-7F-00-02-E9-3F-46-EE-C5-DC-1E-C6-95-13-49-25-F3-E5-0D-67-35-93-0D-4C-84-89-D7-36-96-00-66-74-52-09-F4-A2-4D-2C-72-85-20-44-88-9C-B1-EE-C0-21-CE".replace('-','')
$assemblyPublicKey = New-Object byte[] ($assemblyPublicKeyString.length/2)
$assemblyPublicKey = [byte[]] -split ($assemblyPublicKeyString -replace '..', '0x$& ')
$csp = [System.Security.Cryptography.SHA1CryptoServiceProvider]::New()
$myHash = $csp.ComputeHash($assemblyPublicKey)
$myPKT = New-Object byte[] 8
for ($i = 0; $i -le ($myPKT.length - 1); $i++) { $myPKT[$i] = $myHash[$myHash.length - $i - 1]; }
[System.BitConverter]::ToString($myPKT)

The output is:

0C-C2-5B-D7-34-42-06-3D


Now, if I use the pfx file that I used to sign the assembly above, I seem to have no way to get to the same Public Key value. Here is the closest I've managed to come:

$mypwd2 = ConvertTo-SecureString -String "atempkeytotest22" -Force -AsPlainText
$mypfx = Get-PfxData -FilePath .\atempkeytotest2.pfx -Password $mypwd2
$cspBlob = $mypfx.EndEntityCertificates[0].PublicKey.Key.ExportCspBlob($false)
$snk = [System.Reflection.StrongNameKeyPair]::New($cspBlob)
[System.BitConverter]::ToString($snk.PublicKey)

And this results in the following public key:

00-A4-00-00-04-80-00-00-94-00-00-00-06-02-00-00-00-A4-00-00-52-53-41-31-00-04-00-00-01-00-01-00-31-71-7C-0A-A5-A0-76-6D-EF-44-BD-F6-6F-7B-BA-C2-8F-8B-8D-09-98-8D-A6-B5-5A-C6-24-96-34-13-A0-40-5D-78-89-1C-A4-4F-B4-09-11-5C-5F-97-2C-E3-AD-A7-B1-19-41-38-25-B1-21-9F-6C-6B-DA-D5-1D-62-75-A6-25-D1-04-10-CC-A0-32-9B-A1-C9-BA-3A-DA-A5-06-F9-7F-00-02-E9-3F-46-EE-C5-DC-1E-C6-95-13-49-25-F3-E5-0D-67-35-93-0D-4C-84-89-D7-36-96-00-66-74-52-09-F4-A2-4D-2C-72-85-20-44-88-9C-B1-EE-C0-21-CE

As you can see it differs in two bytes, in what appears to be a header. (The A4s in the beginning.)

00-A4-00-00-04-80-00-00-94-00-00-00-06-02-00-00-00-A4-00-00-...

I've tried this with several different keys. Because the public key token is a hash, it prevents me from calculating and comparing the two public key tokens.

How do I rectify this, and do you know the meaning of these values?

There are 0 answers
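
The two values in the question can be decoded field by field. The following is an added example, not code from the original post: it reads a strong-name public key blob using the layout of the Windows SDK structs `PublicKeyBlob`, `BLOBHEADER` and `RSAPUBKEY`, names the `ALG_ID` constants from `wincrypt.h`, and compares the key material separately from the header. The function names are hypothetical, and the second blob is rebuilt from the two-byte difference the question describes.

```powershell
# Added example, not code from the original post. Field names follow the
# Windows SDK structs PublicKeyBlob, BLOBHEADER and RSAPUBKEY; the function
# names are hypothetical.
$AlgNames = @{ 0x2400 = 'CALG_RSA_SIGN'; 0xA400 = 'CALG_RSA_KEYX'; 0x8004 = 'CALG_SHA1' }

function Get-AlgName([int]$Id) {
    if ($AlgNames.ContainsKey($Id)) { $AlgNames[$Id] } else { '0x{0:X}' -f $Id }
}

function Get-PublicKeyToken([byte[]]$Blob) {
    # Same rule as the loop in the question: last 8 bytes of SHA-1, reversed.
    $hash = [System.Security.Cryptography.SHA1]::Create().ComputeHash($Blob)
    [BitConverter]::ToString([byte[]]$hash[19..12])
}

function Read-StrongNameBlob([byte[]]$Blob) {
    if ($Blob.Length -lt 32) { throw 'Blob is shorter than the 32-byte header.' }
    $cb   = [BitConverter]::ToInt32($Blob, 8)    # size of everything after offset 12
    $bits = [BitConverter]::ToInt32($Blob, 24)   # RSA modulus size in bits
    if ($Blob.Length -ne 12 + $cb) { throw "cbPublicKey ($cb) does not match the blob length." }
    if ($Blob.Length - 32 -ne $bits / 8) { throw "bitlen ($bits) does not match the modulus length." }
    [pscustomobject]@{
        SigAlgId    = Get-AlgName ([BitConverter]::ToInt32($Blob, 0))   # offset 0
        HashAlgId   = Get-AlgName ([BitConverter]::ToInt32($Blob, 4))   # offset 4
        BlobType    = $Blob[12]                                         # 6 = PUBLICKEYBLOB
        KeyAlg      = Get-AlgName ([BitConverter]::ToInt32($Blob, 16))  # offset 16
        Magic       = [Text.Encoding]::ASCII.GetString($Blob, 20, 4)
        BitLen      = $bits
        PubExp      = [BitConverter]::ToInt32($Blob, 28)
        KeyMaterial = [BitConverter]::ToString($Blob, 20)  # magic, bitlen, exponent, modulus
        Token       = Get-PublicKeyToken $Blob
    }
}

# Public key printed by the assembly in the question.
[byte[]]$asm = '00-24-00-00-04-80-00-00-94-00-00-00-06-02-00-00-00-24-00-00-52-53-41-31-00-04-00-00-01-00-01-00-31-71-7C-0A-A5-A0-76-6D-EF-44-BD-F6-6F-7B-BA-C2-8F-8B-8D-09-98-8D-A6-B5-5A-C6-24-96-34-13-A0-40-5D-78-89-1C-A4-4F-B4-09-11-5C-5F-97-2C-E3-AD-A7-B1-19-41-38-25-B1-21-9F-6C-6B-DA-D5-1D-62-75-A6-25-D1-04-10-CC-A0-32-9B-A1-C9-BA-3A-DA-A5-06-F9-7F-00-02-E9-3F-46-EE-C5-DC-1E-C6-95-13-49-25-F3-E5-0D-67-35-93-0D-4C-84-89-D7-36-96-00-66-74-52-09-F4-A2-4D-2C-72-85-20-44-88-9C-B1-EE-C0-21-CE' -split '-' |
    ForEach-Object { [Convert]::ToByte($_, 16) }

# The value obtained from the pfx differs only at offsets 1 and 17 (24 -> A4);
# it is rebuilt here from that observation rather than typed out again.
[byte[]]$pfx = $asm.Clone()
$pfx[1] = 0xA4; $pfx[17] = 0xA4

$a = Read-StrongNameBlob $asm
$p = Read-StrongNameBlob $pfx
$a, $p | Format-List SigAlgId, HashAlgId, KeyAlg, Magic, BitLen, PubExp, Token
'Same key material: {0}' -f ($a.KeyMaterial -eq $p.KeyMaterial)
```

The token is a hash over the whole blob, header included, so the two `ALG_ID` fields change the token even when `KeyMaterial` is identical.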