Signing instructions for Newtonsoft.Json.dll added (#2601)
* Signing instructions for Newtonsoft.Json.dll added
* Added 3rdParty signature thumbprint to the accept list.
Haplois authored Oct 21, 2020
1 parent 2f9043d commit 81d3148
Showing 2 changed files with 35 additions and 5 deletions.
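--- a/scripts/verify-sign.ps1
+++ b/scripts/verify-sign.ps1
@@ -30,7 +30,7 @@ $env:TP_TOOLS_DIR = Join-Path $env:TP_ROOT_DIR "tools"
 Write-Verbose "Setup build configuration."
 $TPB_SignCertificate = $Certificate
 $TPB_Configuration = $Configuration
-$TPB_AssembliesPattern = @("*test*.dll", "*qualitytools*.dll", "*test*.exe", "*datacollector*.dll", "*datacollector*.exe", "QTAgent*.exe", "VsWebSite.Interop.dll", "Microsoft.VisualStudio*.dll", "Microsoft.TestPlatform.Build.dll", "Microsoft.DiaSymReader.dll", "Microsoft.IntelliTrace*.dll", "concrt140.dll", "msvcp140.dll", "vccorlib140.dll", "vcruntime140.dll", "codecoveragemessages.dll", "covrun32.dll", "msdia140.dll", "covrun64.dll", "IntelliTrace.exe", "ProcessSnapshotCleanup.exe", "TDEnvCleanup.exe", "CodeCoverage.exe", "Microsoft.ShDocVw.dll", "UIAComwrapper.dll", "Interop.UIAutomationClient.dll", "SettingsMigrator.exe")
+$TPB_AssembliesPattern = @("*test*.dll", "*qualitytools*.dll", "*test*.exe", "*datacollector*.dll", "*datacollector*.exe", "QTAgent*.exe", "VsWebSite.Interop.dll", "Microsoft.VisualStudio*.dll", "Microsoft.TestPlatform.Build.dll", "Microsoft.DiaSymReader.dll", "Microsoft.IntelliTrace*.dll", "concrt140.dll", "msvcp140.dll", "vccorlib140.dll", "vcruntime140.dll", "codecoveragemessages.dll", "covrun32.dll", "msdia140.dll", "covrun64.dll", "IntelliTrace.exe", "ProcessSnapshotCleanup.exe", "TDEnvCleanup.exe", "CodeCoverage.exe", "Microsoft.ShDocVw.dll", "UIAComwrapper.dll", "Interop.UIAutomationClient.dll", "SettingsMigrator.exe", "Newtonsoft.Json.dll")
 
 function Verify-Assemblies
 {
@@ -54,18 +54,22 @@ function Verify-Assemblies
 elseif ($signature.SignerCertificate.Thumbprint -eq "5EAD300DC7E4D637948ECB0ED829A072BD152E17") {
 Write-Log "Valid (Prod Signed): $($_.FullName)."
 }
-# For some dlls e.g. "Interop.UIAutomationClient.dll", sign certificate is different signature. Skip such binaries.
+# For some dlls e.g. "Interop.UIAutomationClient.dll", sign certificate is different signature. Skip such binaries.
 elseif ($signature.SignerCertificate.Thumbprint -eq "67B1757863E3EFF760EA9EBB02849AF07D3A8080") {
 Write-Log "Valid (Prod Signed): $($_.FullName)."
 }
-# For some dlls e.g. "Microsoft.VisualStudio.ArchitectureTools.PEReader.dll", sign certificate is different signature. Skip such binaries.
+# For some dlls e.g. "Microsoft.VisualStudio.ArchitectureTools.PEReader.dll", sign certificate is different signature. Skip such binaries.
 elseif ($signature.SignerCertificate.Thumbprint -eq "9DC17888B5CFAD98B3CB35C1994E96227F061675") {
 Write-Log "Valid (Prod Signed): $($_.FullName)."
 }
-# For some dlls sign certificate is different signature. Skip such binaries.
+# For some dlls sign certificate is different signature. Skip such binaries.
 elseif ($signature.SignerCertificate.Thumbprint -eq "62009AAABDAE749FD47D19150958329BF6FF4B34") {
 Write-Log "Valid (Prod Signed): $($_.FullName)."
 }
+# Microsoft 3rd Party Authenticode Signature
+elseif ($signature.SignerCertificate.Thumbprint -eq "899FA016DEE8E665FF2A315A1151C43FB96C430B") {
+Write-Log "Valid (Prod Signed): $($_.FullName)."
+}
 else {
 Write-FailLog "Incorrect certificate. File: $($_.FullName). Certificate: $($signature.SignerCertificate.Thumbprint)."
 }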
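Review bot: The new `elseif` for thumbprint `899FA016DEE8E665FF2A315A1151C43FB96C430B` accepts the Microsoft 3rd Party Authenticode certificate on every file matched by `$TPB_AssembliesPattern`, not only on `Newtonsoft.Json.dll`, so a first-party binary that was mistakenly signed with the third-party certificate would pass verification and be logged as "Valid (Prod Signed)". Tie the branch to the expected file and give it its own log text, e.g. `elseif ($signature.SignerCertificate.Thumbprint -eq "899FA016DEE8E665FF2A315A1151C43FB96C430B" -and $_.Name -eq "Newtonsoft.Json.dll") {` with `Write-Log "Valid (3rd Party Signed): $($_.FullName)."`; this assumes `$_` is the file item, as the existing `$_.FullName` uses suggest. The start of the if chain in Verify-Assemblies is outside the hunk, so whether `$signature.Status` is checked before the thumbprint comparison cannot be confirmed from here.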
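--- a/src/package/sign/sign.proj
+++ b/src/package/sign/sign.proj
@@ -164,6 +164,9 @@
 <AssembliesToSign Include="$(ArtifactsDirectory)CUITPlugins\Microsoft.VisualStudio.TestTools.UITest.Extension.Uia.dll" />
 <AssembliesToSign Include="$(ArtifactsDirectory)CUITPlugins\Microsoft.VisualStudio.TestTools.UITest.Extension.UiaWidget.dll" />
 <AssembliesToSign Include="$(ArtifactsDirectory)CUITPlugins\Microsoft.VisualStudio.TestTools.UITest.Extension.UiaWidget.UIAHtmlElementUtilities.dll" />
+
+<!-- Third Party assemblies to sign -->
+<ThirdPartyAssembliesToSign Include="$(ArtifactsDirectory)Newtonsoft.Json.dll" />
 </ItemGroup>
 
 <!-- Sign test platform v2 assemblies for .NET 4.6-->
@@ -197,7 +200,7 @@
 <AssembliesToSign Include="$(ArtifactsDirectory)testhost.net472.x86.exe" />
 <AssembliesToSign Include="$(ArtifactsDirectory)testhost.net48.exe" />
 <AssembliesToSign Include="$(ArtifactsDirectory)testhost.net48.x86.exe" />
-<AssembliesToSign Include="$(ArtifactsDirectory)SettingsMigrator.exe" />
+<AssembliesToSign Include="$(ArtifactsDirectory)SettingsMigrator.exe" />
 
 <!-- NetFullExtensions -->
 <AssembliesToSign Include="$(ArtifactsDirectory)Extensions\Microsoft.VisualStudio.TestPlatform.Extensions.Trx.TestLogger.dll" />
@@ -209,6 +212,9 @@
 <!-- Localized resources -->
 <AssembliesToSign Include="$(ArtifactsDirectory)%(ResxLang.Identity)\*.*" />
 <AssembliesToSign Include="$(ArtifactsDirectory)Extensions\%(ResxLang.Identity)\*.*" />
+
+<!-- Third Party assemblies to sign -->
+<ThirdPartyAssembliesToSign Include="$(ArtifactsDirectory)Newtonsoft.Json.dll" />
 </ItemGroup>
 
 <!-- Intellitrace -->
@@ -329,6 +335,10 @@
 <NetStandard20AssembliesToSign Include="$(ArtifactsNS20Directory)%(ResxLang.Identity)\*.*" />
 <CoreAssembliesToSign Include="$(ArtifactsCoreDirectory)Extensions\%(ResxLang.Identity)\*.*" />
 <CoreAssembliesToSign Include="$(ArtifactsCoreDirectory)TestHost\%(ResxLang.Identity)\*.*" />
+
+<!-- Third Party assemblies to sign -->
+<ThirdPartyAssembliesToSign Include="$(ArtifactsCoreDirectory)Newtonsoft.Json.dll" />
+<ThirdPartyAssembliesToSign Include="$(ArtifactsCoreDirectory)TestHost\Newtonsoft.Json.dll" />
 </ItemGroup>
 
 <!-- Sign Microsoft.TestPlatform.Build -->
@@ -419,6 +429,12 @@
 <TestHostCoreAssembliesToSign Include="$(ArtifactsBaseDirectory)Microsoft.TestPlatform.TestHost\netcoreapp2.1\%(ResxLang.Identity)\*.*" />
 <TestHostCoreAssembliesToSign Include="$(ArtifactsBaseDirectory)Microsoft.TestPlatform.TestHost\net451\$(TargetRuntime)\%(ResxLang.Identity)\*.*" />
 <TestHostCoreAssembliesToSign Include="$(ArtifactsBaseDirectory)Microsoft.TestPlatform.TestHost\uap10.0\%(ResxLang.Identity)\*.*" />
+
+<!-- Third Party assemblies to sign -->
+<ThirdPartyAssembliesToSign Include="$(ArtifactsBaseDirectory)Microsoft.TestPlatform.TestHost\netcoreapp1.0\Newtonsoft.Json.dll" />
+<ThirdPartyAssembliesToSign Include="$(ArtifactsBaseDirectory)Microsoft.TestPlatform.TestHost\netcoreapp2.1\Newtonsoft.Json.dll" />
+<ThirdPartyAssembliesToSign Include="$(ArtifactsBaseDirectory)Microsoft.TestPlatform.TestHost\uap10.0\Newtonsoft.Json.dll" />
+<ThirdPartyAssembliesToSign Include="$(ArtifactsBaseDirectory)Microsoft.TestPlatform.TestHost\net451\$(TargetRuntime)\Newtonsoft.Json.dll" />
 </ItemGroup>
 
 <ItemGroup>
@@ -466,8 +482,18 @@
 <Authenticode>Microsoft402400</Authenticode>
 <StrongName>StrongName</StrongName>
 </CodeCoverageAssembliesToSign>
+
+<ThirdPartyAssembliesToSign>
+<Authenticode>3PartySHA2</Authenticode>
+</ThirdPartyAssembliesToSign>
 </ItemGroup>
 
+<Message Text="Signing 3rd party assemblies using authenticode certificate '%(ThirdPartyAssembliesToSign.Authenticode)' for @(CoreAssembliesToSign)"/>
+<SignFiles Files="@(ThirdPartyAssembliesToSign)"
+BinariesDirectory="$(ArtifactsBaseDirectory)"
+IntermediatesDirectory="$(IntermediatesDirectory)"
+Type="$(SignType)" />
+
 <Message Text="Signing using authenticode certificate '%(AssembliesToSign.Authenticode)' for @(CoreAssembliesToSign)"/>
 <SignFiles Files="@(NetStandard10AssembliesToSign)"
 BinariesDirectory="$(ArtifactsNS10Directory)"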
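Review bot: The added `<Message>` ahead of the third-party `SignFiles` call prints `@(CoreAssembliesToSign)` although the task signs `@(ThirdPartyAssembliesToSign)`, so the build log, which is the record of what was signed with the `3PartySHA2` certificate, lists the wrong files; change it to `<Message Text="Signing 3rd party assemblies using authenticode certificate '%(ThirdPartyAssembliesToSign.Authenticode)' for @(ThirdPartyAssembliesToSign)"/>`. `$(ArtifactsDirectory)Newtonsoft.Json.dll` is also included by two of the hunks (at -164 and -209); if those ItemGroups are evaluated in the same target the file is handed to SignFiles twice, which is worth confirming. Nothing visible here checks that the Newtonsoft.Json.dll copies being signed are the unmodified package binaries, so a hash or version check before signing would be a useful addition if it is not done elsewhere in the build. The enclosing targets start and end outside these hunks.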
