-
Notifications
You must be signed in to change notification settings - Fork 354
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace strong name verification and signing with custom implementation #15309
base: main
Are you sure you want to change the base?
Replace strong name verification and signing with custom implementation #15309
Conversation
The goal here is two-fold: - Strong name checking could run on non-Windows platforms (not be reliant on sn.exe) - If a file has a valid strong name, do not strong name it. The implementation was pulled from a combination of roslyn's strong naming tests and runtime's checksum implemention and a few constants. The implementation was altered to remove need for private reflection and avoid unsafe code when calculating checksums. When a PE file is found, we check whether it has a valid strong name. If it does, and we would have tried to strong name sign it, avoid doing so. This should allow Mac and Linux machines to consume binaries from early build stages and run signtool without attempting to re-strong name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. I don't have a lot of knowledge on SN signing, so it'd be good to get another pair of eyes on this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM but I would also appreciate an additional review.
Hold on this. I've found some binaries that we build that seem to have malformed public key data. Or the metadata reader has a bug. |
da162f0
The issue was the binaries signed with the ECMA key do not include a typical public key blob. They include a nuetral blob, and the ECMA public key is actually in the verifying runtime.
|
d4882e8
to
e01610a
Compare
e01610a
to
a0c3185
Compare
Co-authored-by: Jeremy Koritzinsky <[email protected]>
Co-authored-by: Jeremy Koritzinsky <[email protected]>
…ation' into replace-sn-with-custom-implementation
I'm building up a custom arcade branch to do some final verification on this in real builds. |
https://dev.azure.com/dnceng/internal/_build/results?buildId=2605048&view=results - runtime build test |
The goal here is two-fold:
The implementation was pulled from a combination of roslyn's strong naming tests and runtime's checksum implemention and a few constants. The implementation was altered to remove need for private reflection and avoid unsafe code when calculating checksums. When a PE file is found, we check whether it has a valid strong name. If it does, and we would have tried to strong name sign it, avoid doing so.
This should allow Mac and Linux machines to consume binaries from early build stages and run signtool without attempting to re-strong name.
To double check: