Replace strong name verification and signing with custom implementation #15309
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The goal here is two-fold: - Strong name checking could run on non-Windows platforms (not be reliant on sn.exe) - If a file has a valid strong name, do not strong name it. The implementation was pulled from a combination of roslyn's strong naming tests and runtime's checksum implemention and a few constants. The implementation was altered to remove need for private reflection and avoid unsafe code when calculating checksums. When a PE file is found, we check whether it has a valid strong name. If it does, and we would have tried to strong name sign it, avoid doing so. This should allow Mac and Linux machines to consume binaries from early build stages and run signtool without attempting to re-strong name.
ellahathaway
previously approved these changes
Dec 6, 2024
ViktorHofer
previously approved these changes
Dec 8, 2024
|
Hold on this. I've found some binaries that we build that seem to have malformed public key data. Or the metadata reader has a bug. |
mmitche
dismissed stale reviews from ViktorHofer and ellahathaway
via
da162f0
|
The issue was the binaries signed with the ECMA key do not include a typical public key blob. They include a nuetral blob, and the ECMA public key is actually in the verifying runtime.
|
mmitche
changed the title
mmitche
force-pushed
the
replace-sn-with-custom-implementation
branch
from
d4882e8 to
e01610a
Compare
mmitche
force-pushed
the
replace-sn-with-custom-implementation
branch
from
e01610a to
a0c3185
Compare
Co-authored-by: Jeremy Koritzinsky <[email protected]>
Co-authored-by: Jeremy Koritzinsky <[email protected]>
…ation' into replace-sn-with-custom-implementation
|
I'm building up a custom arcade branch to do some final verification on this in real builds. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The goal here is two-fold:
The implementation was pulled from a combination of roslyn's strong naming tests and runtime's checksum implemention and a few constants. The implementation was altered to remove need for private reflection and avoid unsafe code when calculating checksums. When a PE file is found, we check whether it has a valid strong name. If it does, and we would have tried to strong name sign it, avoid doing so.
This should allow Mac and Linux machines to consume binaries from early build stages and run signtool without attempting to re-strong name.
To double check: