dotnet / runtime

.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
https://docs.microsoft.com/dotnet/core/
MIT License
15.23k stars 4.72k forks source link

ILAsm should support full signing #12132

Open ericstj opened 5 years ago

ericstj commented 5 years ago

Roslyn can do full-signing on CoreCLR, ILAsm should do the same. https://github.com/dotnet/roslyn/issues/8210

/cc @jkotas

jkotas commented 5 years ago

I do not think it makes sense to build full strong name signing into .NET Core ilasm.

If we need a full-signing in .NET Core build tooling for some reason, it should be built as separate managed tool that will handle this for all compilers.

ericstj commented 5 years ago

I noticed this when playing around with ILproj projects. Our default is sign new assemblies with the open key which contains a public/private pair and this failed. We can workaround it for sure, but I felt like the "right fix" was to address it in the tool.

gerhard17 commented 4 years ago

As a proof of concept I started migrating our .net framework infrastructure to .net 5 (rc1). We post process some assemblies with ildasm and ilasm. And I ran in exactly in this problem.

Remark: All of our assemblies are signed with a strong key, which is even checked by Anti-Maleware inside the company.

gerhard17 commented 4 years ago

Btw... Is delay-signing possible for ilasm? Too bad I found no documentation for ildasm/ilasm nuget packages. Only the documentation in ".NET Framework Tools" hosted at microsoft.