Could not load file or assembly 'dotNetRdf.Client' or one of its dependencies. Strong name signature could not be verified.

[berezovskyi]

Hi, I am trying to update our OSLC4Net SDK from .NET 4.8 / dotNetRDF 1.0 to .NET Standard 2.0 + dotNetRDF 3.0.1 (.NET 6.0+ if .NET Standard 2.0 turns out to be insufficient).

I ran into the following issue after doing the migration when trying to use our newly migrated libraries under ASP.NET MVC 5 and .NET 4.8 (we are in process of migrating those too):

Could not load file or assembly 'dotNetRdf.Client' or one of its dependencies. Strong name signature could not be verified. The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)

I found #562 to be related, but not sure if the error is caused by a mistake on my side or the incomplete signing from the dotNetRDF side.

Thank you in advance for the help!

Stacktrace

[FileLoadException: Could not load file or assembly 'dotNetRdf.Client' or one of its dependencies. Strong name signature could not be verified.  The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)]

[FileLoadException: Could not load file or assembly 'dotNetRdf.Client, Version=3.0.1.0, Culture=neutral, PublicKeyToken=6055ffe4c97cc780' or one of its dependencies. Strong name signature could not be verified.  The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)]
   System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) +0
   System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, RuntimeAssembly reqAssembly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) +232
   System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean forIntrospection) +113
   System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +23
   System.Reflection.Assembly.Load(String assemblyString) +35
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +49

[ConfigurationErrorsException: Could not load file or assembly 'dotNetRdf.Client, Version=3.0.1.0, Culture=neutral, PublicKeyToken=6055ffe4c97cc780' or one of its dependencies. Strong name signature could not be verified.  The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)]
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +762
   System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +259
   System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) +167
   System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +238
   System.Web.Compilation.BuildManager.GetPreStartInitMethodsFromReferencedAssemblies() +78
   System.Web.Compilation.BuildManager.CallPreStartInitMethods(String preStartInitListPath, Boolean& isRefAssemblyLoaded) +334
   System.Web.Compilation.BuildManager.ExecutePreAppStart() +178
   System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException) +746

[HttpException (0x80004005): Could not load file or assembly 'dotNetRdf.Client, Version=3.0.1.0, Culture=neutral, PublicKeyToken=6055ffe4c97cc780' or one of its dependencies. Strong name signature could not be verified.  The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)]
   System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +552
   System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +122
   System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +732

P.S. I tried to remove the dependency on dotNetRDF and replace it with a dep only on dotNetRDF.Core but the effect is similar:

Details

[FileLoadException: Could not load file or assembly 'dotNetRdf' or one of its dependencies. Strong name signature could not be verified.  The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)]

[FileLoadException: Could not load file or assembly 'dotNetRdf, Version=3.0.1.0, Culture=neutral, PublicKeyToken=6055ffe4c97cc780' or one of its dependencies. Strong name signature could not be verified.  The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)]
   System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) +0
   System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, RuntimeAssembly reqAssembly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) +232
   System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean forIntrospection) +113
   System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +23
   System.Reflection.Assembly.Load(String assemblyString) +35
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +49

[ConfigurationErrorsException: Could not load file or assembly 'dotNetRdf, Version=3.0.1.0, Culture=neutral, PublicKeyToken=6055ffe4c97cc780' or one of its dependencies. Strong name signature could not be verified.  The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)]
   System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +762
   System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +259
   System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) +167
   System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +238
   System.Web.Compilation.BuildManager.GetPreStartInitMethodsFromReferencedAssemblies() +78
   System.Web.Compilation.BuildManager.CallPreStartInitMethods(String preStartInitListPath, Boolean& isRefAssemblyLoaded) +334
   System.Web.Compilation.BuildManager.ExecutePreAppStart() +178
   System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException) +746

[HttpException (0x80004005): Could not load file or assembly 'dotNetRdf, Version=3.0.1.0, Culture=neutral, PublicKeyToken=6055ffe4c97cc780' or one of its dependencies. Strong name signature could not be verified.  The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)]
   System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +552
   System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +122
   System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +732

[kal]

Hi @berezovskyi

With the 3.0.1 release we did change the assemblies to be "fake signed" using the PublicSign option. This appears to be the recommended approach for OSS libraries. However I have just found this document which lists the limitations of public signing as an approach:

• You will not be able to install the assembly to the Global Assembly Cache (GAC)
• You will not be able to load the assembly in an AppDomain where shadow copying is turned on.
• You will not be able to load the assembly in a partially trusted AppDomain
• You will not be able to pre-compile ASP.NET applications

I'm guessing that it is that last bullet that is the problem for you? Do you precompile the ASP.NET application? If you don't precompile, does the application load OK or do you still get an error?

When I changed the signing to PublicSign I didn't know that there was that restriction and that does feel like its a real problem for migrating ASP.NET applications to the 3.0 release and maybe means that we should reinstate the full signing of the assemblies, but before doing that it would be good to know if this really is the problem you are hitting!

[berezovskyi]

Thanks for a quick reply, @kal, and pointing me to this list of limitations. I looked inside the csproj file of the ASP.NET MVC app and it seems to have <MvcBuildViews>false</MvcBuildViews>, which should indicate that the pre-compilation is off.

However, I managed to solve the problem by adding <hostingEnvironment shadowCopyBinAssemblies="false" /> under the system.web tag in my Web.config file to address the limitation no. 2.

Thank you again!