search

dotnet / runtime

.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
https://docs.microsoft.com/dotnet/core/
MIT License
15.41k stars 4.76k forks source link

Use the managed signer to remove the code signature from singlefile bundles #110063

Open jtschuster opened 10 hours ago

jtschuster commented 10 hours ago

When working on using the managed Mac signer in the SDK on non-mac hosts, I found that since the bundler uses codesign to remove the signature, we end up with an invalid signature for single file osx executables. This PR updates the bundler to use the managed signer to remove the signature.

Signing bundles requires a little more thought and effort since the headers/load commands need to be updated to include the bundle data in the file. This will be done in a separate PR.

Part of https://github.com/dotnet/runtime/issues/110055.

dotnet-policy-service[bot] commented 10 hours ago

Tagging subscribers to this area: @vitek-karas, @agocke See info in area-owners.md if you want to be subscribed.

dotnet-policy-service[bot] commented 10 hours ago

Tagging subscribers to this area: @agocke, @vitek-karas, @vsadov See info in area-owners.md if you want to be subscribed.

am11 commented 10 hours ago

since the bundler uses codesign to remove the signature, we end up with an invalid signature for single file osx executables

Was it due to some unintentional refactoring? SingleFile was a no-diff in https://github.com/dotnet/runtime/pull/108992 because it required follow-up work. I understand that ultimately we want to use managed codesign everywhere, just trying to understand do we know what went wrong?

jtschuster commented 10 hours ago

since the bundler uses codesign to remove the signature, we end up with an invalid signature for single file osx executables

Was it due to some unintentional refactoring? SingleFile was a no-diff in #108992 because it required follow-up work. I understand that ultimately we want to use managed codesign everywhere, just trying to understand do we know what went wrong?

Nothing went wrong, we would only end up with an invalid signature if we merge the SDK PR (https://github.com/dotnet/sdk/pull/45019) before this. HostWriter.CreateAppHost would create a signed SingleFile host on Windows or Linux, but then Bundler wouldn't remove it before creating the bundle, since it only does signing tasks with codesign.