[BUG] Strong name signature could not be verified

[Kurpanik]

Description

I can't compile a .NET 4.7.2 project with a reference on the current version 2.80.3:

Could not load file or assembly SkiaSharp or one of its dependencies. Strong name signature could not be verified. The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key (Exception from HRESULT: 0x80131045)]

Downgrading back to 2.80.2 works fine. It seems to be the same issue as in #1267

Basic Information

• Version with issue: 2.80.3
• Last known good version: 2.80.2
• IDE: Visual Studio 2017
• Platform Target Frameworks: .NET FrameWork 4.7.2 - x86

[twilly86]

same error here

[jtothebell]

Also same issue here. Added 2.80.3 as it was the latest stable version on nuget, but got the error listed above. Downgraded to 2.80.2 and it is working.

[nesc58]

Same

[mattleibow]

Thanks folks. I am looking into this now. No idea why the strong naming would have stopped working... Unless something happened during the package upload which is basically impossible really...

[mattleibow]

I managed to locate the cause of the signing failing. It is 100% human error obscured by incremental builds.

The cause of the issue is that I made a change in PR #1698 that was to help reduce errors when the library was not built. The new (incorrect) logic was first going to check if the dll existed, and then would attach the task to the build. However, as is pretty obvious, if the dll does not exist, then it doesn't set up the strong naming. But that is always the case with CI. This was obscured by the fact that in most local builds, I already had a dll in the bin directory. So it would always sign for me.

The reason this was not caught was because the signing verification also was set up as part of the build - and would only get attached if the dll existed. Effectively, I disabled signing and verification on CI.

I have a fix and will release this ASAP.

This is being built on a path branch: https://github.com/mono/SkiaSharp/tree/patch/v2.80.4

[mattleibow]

This fix has been merged and I have release a v2.80.4-preview.4 that should be fixed.

I will put a few more fixes in and then release a 2.80.4 stable.

[nesc58]

Can you please release v2.80.4 with this bugfix? It seems to take a long time to fix the other issues for the v2.80.4 release

[mattleibow]

I have released this as 2.80.4-preview.2 a couple weeks ago. Have you been able to confirm the fix?

[nesc58]

The error seems to be fixed with 2.80.4-preview.2

[jesperll]

Just got hit by this today. Is there a new stable release coming soon? It's a bit weird to have the latest released package being a broken one.

[YipingRuan]

I have released this as 2.80.4-preview.2 a couple weeks ago. Have you been able to confirm the fix?

Can we release this?