ReadyToRun assemblies don't get strong name signed

dotnet / sdk

Core functionality needed to create .NET Core projects, that is shared between Visual Studio and CLI

https://dot.net/core

MIT License

2.6k stars 1.03k forks source link

ReadyToRun assemblies don't get strong name signed #20032

Open novinc opened 2 years ago

novinc commented 2 years ago

When publishing a project with

<PublishReadyToRun>True</PublishReadyToRun>
<SignAssembly>true</SignAssembly>
<DelaySign>true</DelaySign>
<AssemblyOriginatorKeyFile>mysignkey</AssemblyOriginatorKeyFile>

The non-R2R dlls in bin\Debug\netcoreapp3.1\win-x64 end up having a valid strong name. The R2R dlls in obj\Debug\netcoreapp3.1\win-x64\R2R end up not having a strong name.

This prevents us from signing the R2R binaries in our devops pipeline with an authenticode certificate.

davidwrighton commented 2 years ago

@eritstj Eric could your team help out with understanding what the ReadyToRun infrastructure might need to do here?

@agocke Fyi, I suspect this may be an issue with the IL trimmer as well.

novinc commented 2 years ago

One thing that I did find is that using .NET 6.0 (preview 7) this wasn't a problem (R2R binaries end up having a strong name). The difference seems to be crossgen vs crossgen2? I did notice though that adding in the new ReadyToRunComposite feature in my csproj, I ran into the same thing with the composite binary (no strong name on it)