Add support for public sign to csc #6776
Conversation
Sometimes called "fake sign" or "OSS sign" public signing is including the public key in an output assembly and setting the "signed" flag, but not actually signing the assembly with a private key. This is useful for open source projects where people want to build assemblies which are compatible with the released "fully signed" assemblies, but don't have access to the private key used to sign the assemblies. Since almost no consumers actually need to check if the assembly is fully signed, these publicly built assemblies are useable in almost every scenario that the fully signed one would be used in. This PR implements support only for C# -- VB will be added soon. If being used at the command line, the /publicsign flag can be passed to csc and the /keyfile flag can specify the public key. Unlike fully signing, a full key pair encoded in the SNK file format is not currently supported. When using /publicsign, just the public key must be in the /keyfile file. When using the API, the public key can be passed directly using the CryptoPublicKey CompilationOption.
|
@dotnet/roslyn-compiler @tmat Please review |
|
@davidfowl FYI. This change also requires the |
|
@agocke Where is the code that extracts only the public key from the keyfile? Specifically https://github.com/aspnet/dnx/blob/72b0f325959a06d7b9d92aa438df0dc889a73ec3/src/Microsoft.Dnx.Compilation.CSharp.Common/SnkUtils.cs |
|
@davidfowl It is a breaking change, but we never intended for that to be the indicator that public signing was enabled. For the parser splitting, there is no code for that yet. I'm currently writing a parser that should get rid of all our uses of IStrongName.GetPublicKey, but this is the quickest way to get the functionality without the parser -- the public key must just be written to the file, instead of the public/private key pair. |
|
@agocke So to get the same functionality we have in dnx today there needs to be some other process that extracts the public key from a real snk file, writes it on disk, and then hand it into csc? |
|
@agocke I would still prefer not to have an extra option and do OSS signing automatically when the .snk file only contains public key. To keep it simple. The chances of using accidentally .snk file with public key only instead of full key are low, same as accidentally using a different key than intended. |
|
@davidfowl I believe you already have an SNK parser and pass the key to the CryptoPublicKey option. You can do the same thing now, just also set PublicKey sign to true. Is that a big ask? |
|
I'd rather not write a temp file to disk. The compiler can extract it from the existing file on disk and do that in memory. |
|
@davidfowl Are we still talking about DNX? Since you construct your compilation options in memory you don't have to write the public key out to disk -- just pass it to CryptoPublickKey here: |
|
@davidfowl I would also say that most public sign consumers would just store the public key in a file split out from the snk file, since the snk file couldn't be checked into version control, but the public key can. |
|
test prtest/win/dbg/unit64 please |
|
@tmat @davidfowl Added a key blob parser. Unfortunately, completely removing the StrongNameProvider.CreateKeys API is more complicated -- |
| parsedArgs = DefaultParse(new[] { "/publicsign:-", "a.cs" }, _baseDirectory); | ||
| parsedArgs.Errors.Verify( | ||
| // error CS2007: Unrecognized option: '/publicsign:-' | ||
| Diagnostic(ErrorCode.ERR_BadSwitch).WithArguments("/publicsign:-").WithLocation(1, 1)); |
| @@ -9,6 +9,7 @@ | |||
| using Microsoft.CodeAnalysis.Collections; | |||
| using Microsoft.CodeAnalysis.Interop; | |||
| using Roslyn.Utilities; | |||
| using System.Threading; | |||
| @@ -0,0 +1,312 @@ | |||
| using Microsoft.CodeAnalysis.Collections; | |||
|
@dotnet/roslyn-compiler Ping -- please review |
|
LGTM |
| generalDiagnosticOption, | ||
| specificDiagnosticOptions, | ||
| concurrentBuild, | ||
| deterministic:=False,' TODO: fix this |
There was a problem hiding this comment.
Maybe have a issue number for this TODO?
There was a problem hiding this comment.
The TODO was there when I copied this code. I don't know what's to be done here -- @TyOverby did you originally leave this TODO?
| @@ -473,6 +492,8 @@ protected override CompilationOptions CommonWithPlatform(Platform platform) | |||
| return WithPlatform(platform); | |||
| } | |||
|
|
|||
| protected override CompilationOptions CommonWithPublicSign(bool publicSign) => WithPublicSign(publicSign); | |||
There was a problem hiding this comment.
I don't have a strong preference between => and {} for single line methods. But it does irk the OCD part of my brain when we have types that mix the two styles with identical code. I think we should keep the existing style in this file or move everything to =>
|
Is there a bug filed for the MSBuild work needed as the follow up to this change? |
|
LGTM |
|
@jaredpar I was going to file bugs for the follow-on work after it was merged. |
|
@jaredpar Was that a +1 ;) |
|
@agocke it was a 👍 assuming you fixed the other feedback but it oloks like you have now so yes 👍 |
Add support for public sign to csc
Sometimes called "fake sign" or "OSS sign" public signing is including
the public key in an output assembly and setting the "signed" flag, but
not actually signing the assembly with a private key. This is useful for
open source projects where people want to build assemblies which are
compatible with the released "fully signed" assemblies, but don't have
access to the private key used to sign the assemblies. Since almost no
consumers actually need to check if the assembly is fully signed, these
publicly built assemblies are useable in almost every scenario that the
fully signed one would be used in.
This PR implements support only for C# -- VB will be added soon. If
being used at the command line, the /publicsign flag can be passed to
csc and the /keyfile flag can specify the public key. Unlike fully
signing, a full key pair encoded in the SNK file format is not currently
supported. When using /publicsign, just the public key must be in the
/keyfile file.
When using the API, the public key can be passed directly using the
CryptoPublicKey CompilationOption.