eng/Signing.props

   1 <Project>
   2   <Import Project="..\dir.props"/>
   3   <Import Project="..\dir.targets" />
   4
   5   <PropertyGroup>
   6     <!-- The SignFiles target needs OutDir to be defined -->
   7     <OutDir>$(BinDir)</OutDir>
   8   </PropertyGroup>
   9
  10   <UsingTask AssemblyFile="$(BuildToolsTaskDir)Microsoft.DotNet.Build.Tasks.dll" TaskName="ReadSigningRequired" />
  11
  12   <ItemGroup>
  13     <WindowsNativeLocation Include="$(BinDir)*.dll" />
  14     <WindowsNativeLocation Include="$(BinDir)*.exe" />
  15   </ItemGroup>
  16
  17   <ItemGroup Condition="'$(BuildArch)' == 'x86'">
  18     <!-- Sign api-ms-win-core-xstate-l2-1-0 binary as it is only catalog signed in the current SDK. -->
  19     <WindowsNativeLocation Condition="'$(BuildType)'=='Release'" Include="$(BinDir)Redist\ucrt\DLLs\$(BuildArch)\api-ms-win-core-xstate-l2-1-0.dll" />
  20   </ItemGroup>
  21
  22   <!-- sign the cross targeted files as well -->
  23   <ItemGroup Condition="'$(CrossTargetComponentFolder)' != ''">
  24     <WindowsNativeLocation Include="$(BinDir)$(CrossTargetComponentFolder)/*.dll" />
  25     <WindowsNativeLocation Include="$(BinDir)$(CrossTargetComponentFolder)/*.exe" />
  26   </ItemGroup>
  27
  28   <Target Name="GenerateSignForWindowsNative">
  29     <!--
  30       Managed assemblies should already have a requires_signing file dropped so only generate
  31       a requires_signing file for ones that don't exist which should leave just native assembies
  32     -->
  33     <WriteSigningRequired AuthenticodeSig="$(AuthenticodeSig)"
  34                           MarkerFile="%(WindowsNativeLocation.Identity).requires_signing"
  35                           Condition="!Exists('%(WindowsNativeLocation.Identity).requires_signing')" />
  36   </Target>
  37
  38   <!-- populates item group ItemsToSign with the list of files to sign -->
  39   <Target Name="GetFilesToSignItems"
  40           DependsOnTargets="GenerateSignForWindowsNative"
  41           BeforeTargets="ValidateSignFileListIsNotEmpty">
  42     <!-- read all of the marker files and populate the ItemsToSign item group -->
  43     <ItemGroup>
  44       <SignMarkerFile Include="$(OutDir)**\*.requires_signing" />
  45     </ItemGroup>
  46     <ReadSigningRequired MarkerFiles="@(SignMarkerFile)">
  47       <Output TaskParameter="SigningMetadata" ItemName="ItemsToSign" />
  48     </ReadSigningRequired>
  49
  50     <Message Importance="High" Text="Attempting to sign %(ItemsToSign.Identity) with authenticode='%(ItemsToSign.Authenticode)' and strongname='%(ItemsToSign.StrongName)'" />
  51   </Target>
  52
  53   <Target Name="ValidateSignFileListIsNotEmpty" BeforeTargets="Sign">
  54     <Error Condition="'@(ItemsToSign)' == ''" Text="List of files to sign is empty" />
  55   </Target>
  56 </Project>