Skip to content

Commit cfb4f0f

Browse files
siegfriedpammersiegfriedpammer
committed
Fix #3153: Always use SHA1 for public key tokens. According to ECMA-335, the hash algorithm stored in the assembly metadata is intended for file content verification purposes, not identification purposes.
1 parent 5a6f9b8 commit cfb4f0f

File tree

1 file changed

+2
-27
lines changed

1 file changed

+2
-27
lines changed

ICSharpCode.Decompiler/Metadata/MetadataExtensions.cs

Lines changed: 2 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,12 @@
11
using System;
22
using System.Buffers.Binary;
33
using System.Collections.Generic;
4-
using System.Collections.Immutable;
54
using System.Linq;
65
using System.Reflection;
76
using System.Reflection.Metadata;
87
using System.Reflection.Metadata.Ecma335;
9-
using System.Reflection.PortableExecutable;
108
using System.Security.Cryptography;
119
using System.Text;
12-
using System.Threading.Tasks;
1310

1411
using ICSharpCode.Decompiler.TypeSystem;
1512
using ICSharpCode.Decompiler.TypeSystem.Implementation;
@@ -21,33 +18,11 @@ namespace ICSharpCode.Decompiler.Metadata
2118
{
2219
public static class MetadataExtensions
2320
{
24-
static HashAlgorithm GetHashAlgorithm(this MetadataReader reader)
25-
{
26-
switch (reader.GetAssemblyDefinition().HashAlgorithm)
27-
{
28-
case AssemblyHashAlgorithm.None:
29-
// only for multi-module assemblies?
30-
return SHA1.Create();
31-
case AssemblyHashAlgorithm.MD5:
32-
return MD5.Create();
33-
case AssemblyHashAlgorithm.Sha1:
34-
return SHA1.Create();
35-
case AssemblyHashAlgorithm.Sha256:
36-
return SHA256.Create();
37-
case AssemblyHashAlgorithm.Sha384:
38-
return SHA384.Create();
39-
case AssemblyHashAlgorithm.Sha512:
40-
return SHA512.Create();
41-
default:
42-
return SHA1.Create(); // default?
43-
}
44-
}
45-
4621
static string CalculatePublicKeyToken(BlobHandle blob, MetadataReader reader)
4722
{
4823
// Calculate public key token:
49-
// 1. hash the public key using the appropriate algorithm.
50-
byte[] publicKeyTokenBytes = reader.GetHashAlgorithm().ComputeHash(reader.GetBlobBytes(blob));
24+
// 1. hash the public key (always use SHA1).
25+
byte[] publicKeyTokenBytes = SHA1.Create().ComputeHash(reader.GetBlobBytes(blob));
5126
// 2. take the last 8 bytes
5227
// 3. according to Cecil we need to reverse them, other sources did not mention this.
5328
return publicKeyTokenBytes.TakeLast(8).Reverse().ToHexString(8);

0 commit comments

Comments
 (0)