Fix signing in official build with 3rd party libraries (#41346)

* Fix signing in official build with 3rd party libraries

* Update eng/Signing.props

Co-authored-by: Alexander Köplinger <alex.koeplinger@outlook.com>

diff --git a/eng/Signing.props b/eng/Signing.props
index 5b7461f..1ca34c1 100644 (file)
--- a/eng/Signing.props
+++ b/eng/Signing.props
@@ -28,6 +28,13 @@
 
       <!-- apphost and comhost template files are not signed, by design. -->
       <FileSignInfo Include="apphost.exe;singlefilehost.exe;comhost.dll" CertificateName="None" />
+
+      <!-- Third-party components which should be signed.  -->
+      <FileSignInfo Include="Newtonsoft.Json.dll" CertificateName="3PartySHA2" />
+      <FileSignInfo Include="Mono.Cecil.dll" CertificateName="3PartySHA2" />
+      <FileSignInfo Include="Mono.Cecil.Mdb.dll" CertificateName="3PartySHA2" />
+      <FileSignInfo Include="Mono.Cecil.Pdb.dll" CertificateName="3PartySHA2" />
+      <FileSignInfo Include="Mono.Cecil.Rocks.dll" CertificateName="3PartySHA2" />
     </ItemGroup>
 
     <ItemGroup Condition="'$(CrossTargetComponentFolder)' != ''">
@@ -109,14 +116,6 @@
     </ItemGroup>
 
     <ItemGroup>
-      <!-- External files -->
-      <ItemsToSign Remove="@(ItemsToSign->WithMetadataValue('Filename', 'Newtonsoft.Json'))" />
-      <ItemsToSign Remove="@(ItemsToSign->WithMetadataValue('Filename', 'Mono.Cecil'))" />
-      <ItemsToSign Remove="@(ItemsToSign->WithMetadataValue('Filename', 'Mono.Cecil.Pdb'))" />
-      <ItemsToSign Remove="@(ItemsToSign->WithMetadataValue('Filename', 'Mono.Cecil.Rocks'))" />
-    </ItemGroup>
-
-    <ItemGroup>
       <ItemsToSign Update="@(ItemsToSign)" Authenticode="$(CertificateId)" />
     </ItemGroup>