[GH-ISSUE #99] Determinism? #80

New issue

Closed

opened 2026-02-25 21:30:37 +03:00 by kerem · 2 comments

kerem commented

2026-02-25 21:30:37 +03:00

Owner

Originally created by @KirillOsenkov on GitHub (Aug 26, 2024).
Original GitHub issue: https://github.com/brutaldev/StrongNameSigner/issues/99

I think I'm seeing the public key token of the assemblies signed by StrongNameSigner differ across builds.

Could you please point me to the source where the key pair is generated?

I'm wondering if we could make it deterministic, e.g. derive the public key token from the SHA hash of the assembly name.

Would be nice to have it deterministic and not change across builds (always same public key token for the same assembly) because this way you can add a binding redirect to the app.config and specify the public key token.

Thanks!

Originally created by @KirillOsenkov on GitHub (Aug 26, 2024). Original GitHub issue: https://github.com/brutaldev/StrongNameSigner/issues/99 I think I'm seeing the public key token of the assemblies signed by StrongNameSigner differ across builds. Could you please point me to the source where the key pair is generated? I'm wondering if we could make it deterministic, e.g. derive the public key token from the SHA hash of the assembly name. Would be nice to have it deterministic and not change across builds (always same public key token for the same assembly) because this way you can add a binding redirect to the app.config and specify the public key token. Thanks!

kerem

2026-02-25 21:30:37 +03:00

closed this issue
added the
question
label

kerem commented

2026-02-25 21:30:37 +03:00

Author

Owner

@brutaldev commented on GitHub (Aug 26, 2024):

Hi @KirillOsenkov

If you do not specify a key file to use, then one is generated each time you run it.

If you are using the console application, use the -k argument with a path to your own key file.
If you are using the build task, then you can set the $(StrongNameKeyFile) variable for the MSBuild target.

To generate a strong name key file, follow the steps highlighted here: https://learn.microsoft.com/en-us/dotnet/standard/assembly/create-public-private-key-pair
You can also use your own PFX file if you are signing your own assemblies that way.

@brutaldev commented on GitHub (Aug 26, 2024): Hi @KirillOsenkov If you do not specify a key file to use, then [one is generated](https://github.com/brutaldev/StrongNameSigner/blob/fe3e5024abfc0cdc7339dec66cc22dd5994d8f73/src/Brutal.Dev.StrongNameSigner/SigningHelper.cs#L530) each time you run it. If you are using the console application, use the `-k` argument with a path to your own key file. If you are using the build task, then you can set the `$(StrongNameKeyFile)` variable for the [MSBuild target](https://github.com/brutaldev/StrongNameSigner/blob/fe3e5024abfc0cdc7339dec66cc22dd5994d8f73/src/Brutal.Dev.StrongNameSigner/StrongNameSigner.targets#L9). To generate a strong name key file, follow the steps highlighted here: https://learn.microsoft.com/en-us/dotnet/standard/assembly/create-public-private-key-pair You can also use your own PFX file if you are signing your own assemblies that way.

kerem commented

2026-02-25 21:30:37 +03:00

Author

Owner

@KirillOsenkov commented on GitHub (Aug 26, 2024):

Thanks!

@KirillOsenkov commented on GitHub (Aug 26, 2024): Thanks!