I was reading CLR via c# (Fourth Edition) and in chapter 3 about strong named assembly author says:
When the compiler or AL.exe detects that you’re delay signing an assembly, it will emit the assembly’s AssemblyDef manifest entry, which will contain the assembly’s public key. Again, the presence of the public key allows the assembly to be placed in the GAC. It also allows you to build other assemblies that reference this assembly; the referencing assemblies will have the correct public key in their AssemblyRef metadata table entries. When creating the resulting assembly, space is left in the resulting PE file for the RSA digital signature. (The utility can determine how much space is necessary from the size of the public key.) Note that the file’s contents won’t be hashed at this time either.
At this point, the resulting assembly doesn’t have a valid signature. Attempting to install the assembly into the GAC will fail because a hash of the file’s contents hasn’t been done—the file appears to have been tampered with.
As you can see, in the first paragraph, he says, when we use /delaysign the assemlby's manifest will contain the public key which will aloow it be installed in GAC. But in the second paragraph, he says, since the file is not yet singed with private key, attempting to install it into GAC would fail. So, what is it? Can you install it or not?
Ok, I found it. It will not be able installed in GAC. I delay singed an assembly and tried to install in GAC, and I got this error message
Failure adding assembly to the cache: Strong name signature could not be verified. Was the assembly build delay-signed?
( Just in case someone is here wondering the same ). You can skip the hash check by
SN -Vr assembly.dll
and then you can install it in GAC and then to rehash (or rather hash) you can do this,
SN.exe -Ra assembly.dll yourStrongNameKey.PrivateKey
The only thing I am still wondering is that how can you extract this private key from .snk file, there seems to be no way to do that.