Assembly signing #45
Comments
|
We wanted to migrate our codebase to .NET Core, this requires changing the ManagedEsent package from https://www.nuget.org/packages/ManagedEsent/ Unfortunately the latter isn't signed. So this one package is currently blocking us migrating to .NET Core. All the other packages we use are signed. Is there any plan to sign the published nuget package, if so could you say when? It would be good to know so we can put a date on our roadmap for .NET Core support. |
|
On closer inspection it looks like the new ManagedEsent DLL is signed, however it doesn't have a strong name, so I get this: This illustrates the problem: E:\packages\managedesent\1.9.4\lib\net40>sn -T Esent.Interop.dll Microsoft (R) .NET Framework Strong Name Utility Version 4.0.30319.0 E:\packages\microsoft.database.managedesent\2.0.1\lib\netstandard2.0>sn -T Esent.Interop.dll Microsoft (R) .NET Framework Strong Name Utility Version 4.0.30319.0 And here's what I get when I run my app: System.IO.FileLoadException: 'Could not load file or assembly 'Esent.Interop, Version=1.9.4.1, Culture=neutral, PublicKeyToken=null' or one of its dependencies. A strongly-named assembly is required. (Exception from HRESULT: 0x80131044)' |
|
The issue could be as simple as a missing snk file, the EsentInterop.csproj has the following: <SignAssembly>true</SignAssembly>
<PublicKeyFile>..\scripts\internal\35MSSharedLib1024.snk</PublicKeyFile>
</PropertyGroup>
<!-- The .snk file won't be published to codeplex. -->
<PropertyGroup Condition="Exists('$(PublicKeyFile)')">
<DefineConstants>$(DefineConstants);STRONG_NAMED</DefineConstants>
<DelaySign>true</DelaySign>
<AssemblyOriginatorKeyFile>$(PublicKeyFile)</AssemblyOriginatorKeyFile>
</PropertyGroup> |
|
@stewienj As you showed, signing seems to skip if the key file does not exist by the condition on the property group. Unfortunately, if no one in the project team see this issues, we have to move to another database when we need strong name for libraries. |
|
Sorry it took so long, the notifications had stopped sending me alerts about new issues. I will look into the build issue and publish a new package. |
|
I just pushed version 2.0.2 which should have the SN-signing issue resolved. There is no other update as I wanted to make sure this got addressed. Please let me know if there are any issues with this version. |
|
Esent.Interop.dll from nuget works fine on Windows 10 Enterprise, but gets a "Strong name validation failed" exception on Windows Server 2019 Standard. If I go to the VS2019 x64 command prompt and do: sn -v Esent.Interop.dll |
|
Thanks for letting me know. I've identified the issue in the build/signing infrastructure and am working on getting it fixed. I'll post here once it's updated. |
|
Just checked on Windows 10 Enterprise (Version 2004 Build 19041.450) and Windows 10 Pro (Version 20H2 Build 19042.1110). Both versions reported the exception mentioned above when executing "sn -v Esent.Interop.dll". So the exception might not be only with Windows Server 2019. |
|
No, it's across the board. I am working on a fix now; had to wait for some new permissions but they just came through. I'll publish version 2.0.3 shortly. |
|
Ok, try 2.0.3. It should now be using strong-name signing. |
|
In v2.0.4 there is the same signing issue again. It works with 2.0.3 though. |
|
I'll take a look at what changed in the signing process. |
|
@michaelthorp - were you able to take a look at the signing process? |
|
As a temporary solution try this: |
Hi.
I faced a build error that complains the Esent.Collections does not have strong name.
I think that the most packages distributed on nuget.org have strong name.
Do you have any reason that you don't sign your assemblies?
If you don't have any critical reason, could you sign the packages which you distribute after next version?
Or else, could you let me know how avoid this build error?
The text was updated successfully, but these errors were encountered: