Use the SignedFileContentKey as the key to the engine dictionary in S…

…ignTool (#8002)

* Make the engine dictionary smarter

When releasing an sdk-only release (where the sdk is new, but everything else has already been released), we occasionally end up in a state where we have two engines with the same filename but are different files, so we attempt to add them to the dictionary twice. This change does two different things:

1) Use the SignedFileContentKey as the key to the engine dictionary. This will prevent duplicate adds to it.
2) Extract the engines from two different files with the same filename to two different directories by using Guids. This will prevent us from extracting them to the same place (which insignia allows, but means that when we File.Delete later, the first copy will get signed but the second copy will have nothing, and would likely fail).

* Fix

* Fix the tests for signtool change

src/Microsoft.DotNet.SignTool.Tests/SignToolTests.cs

@@ -786,7 +786,7 @@ public void DoubleNestedContainer()
 $@"<FilesToSign Include=""{Uri.EscapeDataString(Path.Combine(_tmpDir, "ContainerSigning", "4", "ABCDEFG/MsiSetup.msi"))}"">
   <Authenticode>Microsoft400</Authenticode>
 </FilesToSign>",
-$@"<FilesToSign Include=""{Uri.EscapeDataString(Path.Combine(_tmpDir, "engines\\MsiBootstrapper.exe-engine.exe"))}"">
+$@"<FilesToSign Include=""{Uri.EscapeDataString(Path.Combine(_tmpDir, "engines\\0\\MsiBootstrapper.exe-engine.exe"))}"">
   <Authenticode>Microsoft400</Authenticode>
 </FilesToSign>",
 $@"<FilesToSign Include=""{Uri.EscapeDataString(Path.Combine(_tmpDir, "ContainerSigning", "4", "MsiBootstrapper.exe"))}"">
@@ -1195,7 +1195,7 @@ public void SignMsiEngine()
 $@"<FilesToSign Include=""{Uri.EscapeDataString(Path.Combine(_tmpDir, "ContainerSigning", "0", "ABCDEFG/MsiSetup.msi"))}"">
   <Authenticode>Microsoft400</Authenticode>
 </FilesToSign>",
- $@"<FilesToSign Include=""{Uri.EscapeDataString(Path.Combine(_tmpDir, "engines", "MsiBootstrapper.exe-engine.exe"))}"">
+ $@"<FilesToSign Include=""{Uri.EscapeDataString(Path.Combine(_tmpDir, "engines", "0", "MsiBootstrapper.exe-engine.exe"))}"">
   <Authenticode>Microsoft400</Authenticode>
 </FilesToSign>",
  $@"<FilesToSign Include=""{Uri.EscapeDataString(Path.Combine(_tmpDir, "MsiBootstrapper.exe"))}"">

src/Microsoft.DotNet.SignTool/src/BatchSignUtil.cs

@@ -153,25 +153,30 @@ bool signEngines(IEnumerable<FileSignInfo> files, out int signedCount)
 
                 _log.LogMessage(MessageImportance.High, $"Round {round}: Signing {enginesToSign.Length} engines.");
 
-                Dictionary<string, FileSignInfo> engines = new Dictionary<string, FileSignInfo>();
+                Dictionary<SignedFileContentKey, FileSignInfo> engines = new Dictionary<SignedFileContentKey, FileSignInfo>();
                 var workingDirectory = Path.Combine(_signTool.TempDir, "engines");
+                int engineContainer = 0;
                 // extract engines
                 foreach (var file in enginesToSign)
                 {
-                    string engineFileName = $"{Path.Combine(workingDirectory, file.FileName)}{SignToolConstants.MsiEngineExtension}";
+                    string engineFileName = $"{Path.Combine(workingDirectory, $"{engineContainer}", file.FileName)}{SignToolConstants.MsiEngineExtension}";
                     _log.LogMessage(MessageImportance.Normal, $"Extracting engine from {file.FullPath}");
                     if (!RunWixTool("insignia.exe", $"-ib {file.FullPath} -o {engineFileName}",
                         workingDirectory, _signTool.WixToolsPath, _log))
                     {
                         _log.LogError($"Failed to extract engine from {file.FullPath}");
                         return false;
                     }
-                    engines.Add(engineFileName, file);
+
+                    var fileUniqueKey = new SignedFileContentKey(file.ContentHash, engineFileName);
+
+                    engines.Add(fileUniqueKey, file);
+                    engineContainer++;
                 }
 
                 // sign engines
                 bool signResult = _signTool.Sign(_buildEngine, round, engines.Select(engine =>
-                    new FileSignInfo(new PathWithHash(engine.Key, engine.Value.ContentHash), engine.Value.SignInfo)));
+                    new FileSignInfo(new PathWithHash(engine.Key.FileName, engine.Value.ContentHash), engine.Value.SignInfo)));
                 if(!signResult)
                 {
                     _log.LogError($"Failed to sign engines");
@@ -181,12 +186,12 @@ bool signEngines(IEnumerable<FileSignInfo> files, out int signedCount)
                 // attach engines
                 foreach (var engine in engines)
                 {
-                    _log.LogMessage(MessageImportance.Normal, $"Attaching engine {engine.Key} to {engine.Value.FullPath}");
+                    _log.LogMessage(MessageImportance.Normal, $"Attaching engine {engine.Key.FileName} to {engine.Value.FullPath}");
 
                     try
                     {
                         if (!RunWixTool("insignia.exe",
-                            $"-ab {engine.Key} {engine.Value.FullPath} -o {engine.Value.FullPath}", workingDirectory,
+                            $"-ab {engine.Key.FileName} {engine.Value.FullPath} -o {engine.Value.FullPath}", workingDirectory,
                             _signTool.WixToolsPath, _log))
                         {
                             _log.LogError($"Failed to attach engine to {engine.Value.FullPath}");
@@ -196,7 +201,7 @@ bool signEngines(IEnumerable<FileSignInfo> files, out int signedCount)
                     finally
                     {
                         // cleanup engines (they fail signing verification if they stay in the drop
-                        File.Delete(engine.Key);
+                        File.Delete(engine.Key.FileName);
                     }
                 }
                 return true;