As per the question,

Is it possible to specify a reference to another assembly, requiring a specific version but not insisting on a specific publickeytoken? My gut feel is no (since I'm guessing when versions are specified, the entire fully qualified assembly name is used which includes both version AND pkt)

So if I have this scenario:

v1.0 of Assembly A (unsigned) v1.0 of Assembly B that requires v1.0 of Assembly A

Can I, without the source code, re-sign the assemblies (via ildasm + ilasm) so I have working versions of A & B, signed?

1

There are 1 answers

1
Henry C On BEST ANSWER

So this doesn't quite answer the question, but solved my underlying scenario with moving a pair of unsigned assemblies to signed versions while maintaining the specific version requirement. It turns out that when you're re-signing the assemblies, before you ilasm them, you can open up the .il and take a look near the top and add the specific publickeytoken for the references, like below:

// Metadata version: v2.0.50727
.assembly extern mscorlib
{
  .publickeytoken = (B7 7A 5C 56 19 34 E0 89 )                         // .z\V.4..
  .ver 2:0:0:0
}
.assembly extern My.Assembly
{
  .publickeytoken = (3E 5D C7 B6 5B C4 C7 0E )                         // .z\V.4..
  .ver 1:0:0:0
}
.assembly extern System.Core
{
  .publickeytoken = (B7 7A 5C 56 19 34 E0 89 )                         // .z\V.4..
  .ver 3:5:0:0
}

When compiled, everything should work as expected :)