c# .net .net-assembly code-signing fusion

Unsigned .NET app fails after field upgrade to signed assembly dependency


I have an unsigned test application MyApp that references an unsigned DLL MyDll. I recently signed MyDll and want to test it against MyApp in the field, but the application no longer runs. I do this by merely overwriting MyDll. I do not want to have to recompile MyApp.

Fusion log viewer proves that the issue is with the mismatched public key:

LOG: Assembly Name is: MyDll, Version=1.0.0.0, Culture=neutral, PublicKeyToken=abcd1234abcd1234
WRN: Comparing the assembly name resulted in the mismatch: PUBLIC KEY TOKEN
ERR: The assembly reference did not match the assembly definition found.
ERR: Run-from-source setup phase failed with hr = 0x80131040.
ERR: Failed to complete setup of assembly (hr = 0x80131040). Probing terminated.

In the past, I have dealt with version mismatches by creating a config file, e.g. MyApp.exe.config, with an entry like this:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <runtime>
    <publisherPolicy apply="no" />
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="MyDll" publicKeyToken="abcd1234abcd1234" culture="null" />
        <bindingRedirect oldVersion="1.0.0.0" newVersion="1.0.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>

In this particular case, the version number didn't change, but I left it in there for testing.

This clearly doesn't improve anything. Fuslogvw confirms that my config file was loaded when I executed MyApp. Is there another configuration element to add to my config file that will allow my unsigned app to use a signed DLL?


Solution

  • Changing a dependency's signature (whether it's removal of the signature, adding it or exchanging it for another) requires you to recompile your assembly with the new dependency's signature used.

    It's the point of the signature to make sure that the dependency is only loaded when the signature matches. There is no upgrading or priorities. A signature does not match no signature.

    As this is a security feature, you cannot circumvent it with application configuration entries.
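
A pre-deployment check for the mismatch discussed above, as an added example that is not part of the original question or answer: it compares the reference recorded in the application's manifest with the identity of the DLL on disk, so the public key token mismatch shows up before the files go to the field. It assumes .NET Framework (`Assembly.ReflectionOnlyLoadFrom` is not supported on .NET Core); the class name `BindingCheck` is hypothetical.

```csharp
using System;
using System.Linq;
using System.Reflection;

// Hypothetical helper: BindingCheck.exe <app.exe> <dependency.dll>
static class BindingCheck
{
    // Hex form of the public key token; "null" for an unsigned assembly,
    // mirroring how the token appears in an assembly display name.
    static string Token(AssemblyName name)
    {
        byte[] t = name.GetPublicKeyToken();
        return (t == null || t.Length == 0)
            ? "null"
            : BitConverter.ToString(t).Replace("-", "").ToLowerInvariant();
    }

    static int Main(string[] args)
    {
        if (args.Length != 2)
        {
            Console.Error.WriteLine("usage: BindingCheck <app.exe> <dependency.dll>");
            return 2;
        }

        // Definition: the identity in the DLL's own manifest (file is not loaded for execution).
        AssemblyName definition = AssemblyName.GetAssemblyName(args[1]);

        // Reference: the identity the application recorded when it was compiled.
        Assembly app = Assembly.ReflectionOnlyLoadFrom(args[0]);
        AssemblyName reference = app.GetReferencedAssemblies().FirstOrDefault(
            r => string.Equals(r.Name, definition.Name, StringComparison.OrdinalIgnoreCase));
        if (reference == null)
        {
            Console.Error.WriteLine("{0} does not reference {1}", args[0], definition.Name);
            return 2;
        }

        Console.WriteLine("reference : {0}", reference.FullName);
        Console.WriteLine("definition: {0}", definition.FullName);

        if (reference.Version != definition.Version)
            Console.WriteLine("note: versions differ ({0} vs {1})", reference.Version, definition.Version);

        bool tokenMatches = Token(reference) == Token(definition);
        Console.WriteLine(tokenMatches
            ? "OK: public key tokens match"
            : "MISMATCH: public key token differs; the application must be recompiled");
        return tokenMatches ? 0 : 1;
    }
}
```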