As per the question,
Is it possible to specify a reference to another assembly, requiring a specific version but not insisting on a specific publickeytoken? My gut feel is no (since I'm guessing when versions are specified, the entire fully qualified assembly name is used which includes both version AND pkt)
So if I have this scenario:
v1.0 of Assembly A (unsigned)
v1.0 of Assembly B that requires v1.0 of Assembly A
Can I, without the source code, re-sign the assemblies (via ildasm + ilasm) so I have working versions of A & B, signed?
So this doesn't quite answer the question, but solved my underlying scenario with moving a pair of unsigned assemblies to signed versions while maintaining the specific version requirement. It turns out that when you're re-signing the assemblies, before you ilasm them, you can open up the .il and take a look near the top and add the specific publickeytoken for the references, like below:
// Metadata version: v2.0.50727
.assembly extern mscorlib
{
.publickeytoken = (B7 7A 5C 56 19 34 E0 89 ) // .z\V.4..
.ver 2:0:0:0
}
.assembly extern My.Assembly
{
.publickeytoken = (3E 5D C7 B6 5B C4 C7 0E ) // .z\V.4..
.ver 1:0:0:0
}
.assembly extern System.Core
{
.publickeytoken = (B7 7A 5C 56 19 34 E0 89 ) // .z\V.4..
.ver 3:5:0:0
}
When compiled, everything should work as expected :)