summaryrefslogtreecommitdiff
path: root/eng/Signing.props
diff options
context:
space:
mode:
Diffstat (limited to 'eng/Signing.props')
-rw-r--r--eng/Signing.props61
1 files changed, 61 insertions, 0 deletions
diff --git a/eng/Signing.props b/eng/Signing.props
new file mode 100644
index 0000000000..c51b9d3d41
--- /dev/null
+++ b/eng/Signing.props
@@ -0,0 +1,61 @@
+<Project>
+ <Import Project="..\dir.props"/>
+ <Import Project="..\dir.targets" />
+
+ <PropertyGroup>
+ <!-- The SignFiles target needs OutDir to be defined -->
+ <OutDir>$(BinDir)</OutDir>
+ </PropertyGroup>
+
+ <UsingTask AssemblyFile="$(BuildToolsTaskDir)Microsoft.DotNet.Build.Tasks.dll" TaskName="ReadSigningRequired" />
+
+ <ItemGroup>
+ <WindowsNativeLocation Include="$(BinDir)*.dll" />
+ <WindowsNativeLocation Include="$(BinDir)*.exe" />
+ </ItemGroup>
+
+ <ItemGroup Condition="'$(BuildArch)' == 'x86'">
+ <!-- Sign api-ms-win-core-xstate-l2-1-0 binary as it is only catalog signed in the current SDK. -->
+ <WindowsNativeLocation Condition="'$(BuildType)'=='Release'" Include="$(BinDir)Redist\ucrt\DLLs\$(BuildArch)\api-ms-win-core-xstate-l2-1-0.dll" />
+ </ItemGroup>
+
+ <!-- sign the cross targeted files as well -->
+ <ItemGroup Condition="'$(CrossTargetComponentFolder)' != ''">
+ <WindowsNativeLocation Include="$(BinDir)$(CrossTargetComponentFolder)/*.dll" />
+ <WindowsNativeLocation Include="$(BinDir)$(CrossTargetComponentFolder)/*.exe" />
+ </ItemGroup>
+
+ <Target Name="GenerateSignForWindowsNative">
+ <!--
+ Managed assemblies should already have a requires_signing file dropped so only generate
+ a requires_signing file for ones that don't exist which should leave just native assembies
+ -->
+ <WriteSigningRequired AuthenticodeSig="$(AuthenticodeSig)"
+ MarkerFile="%(WindowsNativeLocation.Identity).requires_signing"
+ Condition="!Exists('%(WindowsNativeLocation.Identity).requires_signing')" />
+ </Target>
+
+ <!-- populates item group ItemsToSign with the list of files to sign -->
+ <Target Name="GetFilesToSignItems"
+ DependsOnTargets="GenerateSignForWindowsNative"
+ BeforeTargets="ValidateSignFileListIsNotEmpty">
+ <!-- read all of the marker files and populate the ItemsToSign item group -->
+ <ItemGroup>
+ <SignMarkerFile Include="$(OutDir)**\*.requires_signing" />
+ </ItemGroup>
+ <ReadSigningRequired MarkerFiles="@(SignMarkerFile)">
+ <Output TaskParameter="SigningMetadata" ItemName="ItemsToSign" />
+ </ReadSigningRequired>
+
+ <!-- Temporarily disable signing CoreLib due to https://github.com/dotnet/arcade/issues/1582 -->
+ <ItemGroup>
+ <ItemsToSign Remove="$(BinDir)System.Private.CoreLib.dll" />
+ </ItemGroup>
+
+ <Message Importance="High" Text="Attempting to sign %(ItemsToSign.Identity) with authenticode='%(ItemsToSign.Authenticode)' and strongname='%(ItemsToSign.StrongName)'" />
+ </Target>
+
+ <Target Name="ValidateSignFileListIsNotEmpty" BeforeTargets="Sign">
+ <Error Condition="'@(ItemsToSign)' == ''" Text="List of files to sign is empty" />
+ </Target>
+</Project> \ No newline at end of file