From c1b7e6a172c0116a5821154b761505144935a8cc Mon Sep 17 00:00:00 2001 From: "Kevin Ransom (msft)" Date: Mon, 14 Sep 2020 11:21:23 -0700 Subject: [PATCH 1/3] Bloody mutable fields (#10116) --- src/fsharp/TypedTreePickle.fs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/fsharp/TypedTreePickle.fs b/src/fsharp/TypedTreePickle.fs index 837021b92e2..970c47fc743 100644 --- a/src/fsharp/TypedTreePickle.fs +++ b/src/fsharp/TypedTreePickle.fs @@ -53,7 +53,8 @@ type PickledDataWithReferences<'rawData> = // Only fixup what needs fixing up if reqd.IsUnresolvedReference then match loader reqd.AssemblyName with - | Some loaded -> reqd.Fixup loaded + | Some loaded -> + if reqd.IsUnresolvedReference then reqd.Fixup loaded | _ -> () ) x.RawData From 23b0b982f115ff99818acad4782684291dcb09d7 Mon Sep 17 00:00:00 2001 From: "Kevin Ransom (msft)" Date: Mon, 14 Sep 2020 11:22:13 -0700 Subject: [PATCH 2/3] Fix 9150 --- #i nuget on desktop witout net48 ref assemblies fails. (#10114) --- .../FSharp.DependencyManager.ProjectFile.fs | 4 ++++ .../FSharp.DependencyManager.fs | 1 + 2 files changed, 5 insertions(+) diff --git a/src/fsharp/FSharp.DependencyManager.Nuget/FSharp.DependencyManager.ProjectFile.fs b/src/fsharp/FSharp.DependencyManager.Nuget/FSharp.DependencyManager.ProjectFile.fs index 206eaaf8591..4e545ab0954 100644 --- a/src/fsharp/FSharp.DependencyManager.Nuget/FSharp.DependencyManager.ProjectFile.fs +++ b/src/fsharp/FSharp.DependencyManager.Nuget/FSharp.DependencyManager.ProjectFile.fs 
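Review bot: The second `reqd.IsUnresolvedReference` test inside the `Some loaded` branch of TypedTreePickle.fs repeats the outer test and has no comment, so a later cleanup could remove it as redundant. Presumably `loader reqd.AssemblyName` can resolve the same reference as a side effect before it returns; if so, say it on the line above, e.g. `// loader may already have fixed up reqd re-entrantly; re-check so Fixup is not applied twice`. If this path can also run on more than one thread, the check-then-act pair is not atomic and the guard would belong inside `Fixup` itself. The enclosing member starts and ends outside the hunk.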
@@ -144,6 +144,10 @@ $(POUND_R) 4.7.1-* + + + + $(PACKAGEREFERENCES) Date: Mon, 14 Sep 2020 11:24:04 -0700 Subject: [PATCH 3/3] signing (#10108) --- src/absil/il.fsi | 2 +- src/absil/ilsign.fs | 335 +++++++++++++++++- src/absil/ilsign.fsi | 24 ++ src/absil/ilsupp.fs | 232 ------------ src/absil/ilsupp.fsi | 19 +- src/absil/ilwrite.fs | 65 +--- src/absil/ilwrite.fsi | 9 +- .../FSharp.Compiler.Private.fsproj | 5 +- .../FSharp.Compiler.Service.fsproj | 5 +- src/fsharp/fsc.fs | 20 +- src/fsharp/fsc.fsi | 3 +- 11 files changed, 376 insertions(+), 343 deletions(-) create mode 100644 src/absil/ilsign.fsi diff --git a/src/absil/il.fsi b/src/absil/il.fsi index efed0413a67..9be60b433ac 100644 --- a/src/absil/il.fsi +++ b/src/absil/il.fsi @@ -98,7 +98,7 @@ type ILScopeRef = /// A reference to the type in the current module | Local /// A reference to a type in a module in the same assembly - | Module of ILModuleRef + | Module of ILModuleRef /// A reference to a type in another assembly | Assembly of ILAssemblyRef /// A reference to a type in the primary assembly diff --git a/src/absil/ilsign.fs b/src/absil/ilsign.fs index 6fbc1ca4525..617a102a155 100644 --- a/src/absil/ilsign.fs +++ b/src/absil/ilsign.fs @@ -7,9 +7,15 @@ module internal FSharp.Compiler.AbstractIL.Internal.StrongNameSign open System open System.IO open System.Collections.Immutable +open System.Reflection open System.Reflection.PortableExecutable open System.Security.Cryptography open System.Runtime.InteropServices +open System.Runtime.CompilerServices + + +open FSharp.Compiler.AbstractIL.Internal.Library +open FSharp.Compiler.AbstractIL.Internal.Utils type KeyType = | Public @@ -36,6 +42,9 @@ open System.Runtime.InteropServices let RSA_PRIV_MAGIC = int 0x32415352 let getResourceString (_, str) = str + let check _action (hresult) = + if uint32 hresult >= 0x80000000ul then + System.Runtime.InteropServices.Marshal.ThrowExceptionForHR hresult [] type ByteArrayUnion = 
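Review bot: In the `@@ -36,6 +42,9 @@` hunk of src/absil/ilsign.fs, `check` accepts `_action` but never uses it, so the exception raised through `ThrowExceptionForHR` does not say which step failed. The callers added later in this patch pass `"Sign"` and `"Verify"` with a synthetic `-1` result on the Mono path, so a failed signature surfaces as a generic error with no context. Consider keeping the label in the failure, for example `failwithf "%s failed (HRESULT 0x%08x)" action hresult` when `uint32 hresult >= 0x80000000ul`, after confirming no caller depends on the exception type. Otherwise add a comment that the label is intentionally ignored. The enclosing module continues outside the hunk.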
@@ -173,17 +182,17 @@ open System.Runtime.InteropServices bw.Write(int CALG_RSA_SIGN) // CLRHeader.aiKeyAlg bw.Write(int CALG_SHA1) // CLRHeader.aiHashAlg - bw.Write(int (modulusLength + BLOBHEADER_LENGTH)) // CLRHeader.KeyLength + bw.Write(int (modulusLength + BLOBHEADER_LENGTH)) // CLRHeader.KeyLength // Write out the BLOBHEADER - bw.Write(byte (if isPrivate = true then PRIVATEKEYBLOB else PUBLICKEYBLOB)) // BLOBHEADER.bType + bw.Write(byte (if isPrivate = true then PRIVATEKEYBLOB else PUBLICKEYBLOB))// BLOBHEADER.bType bw.Write(byte BLOBHEADER_CURRENT_BVERSION) // BLOBHEADER.bVersion bw.Write(int16 0) // BLOBHEADER.wReserved bw.Write(int CALG_RSA_SIGN) // BLOBHEADER.aiKeyAlg // Write the RSAPubKey header - bw.Write(int (if isPrivate then RSA_PRIV_MAGIC else RSA_PUB_MAGIC)) // RSAPubKey.magic - bw.Write(int (modulusLength * 8)) // RSAPubKey.bitLen + bw.Write(int (if isPrivate then RSA_PRIV_MAGIC else RSA_PUB_MAGIC)) // RSAPubKey.magic + bw.Write(int (modulusLength * 8)) // RSAPubKey.bitLen let expAsDword = let mutable buffer = int 0 @@ -192,7 +201,7 @@ open System.Runtime.InteropServices buffer bw.Write expAsDword // RSAPubKey.pubExp - bw.Write(rsaParameters.Modulus |> Array.rev) // Copy over the modulus for both public and private + bw.Write(rsaParameters.Modulus |> Array.rev) // Copy over the modulus for both public and private if isPrivate = true then do bw.Write(rsaParameters.P |> Array.rev) bw.Write(rsaParameters.Q |> Array.rev) 
@@ -244,8 +253,8 @@ open System.Runtime.InteropServices let mutable reader = BlobReader pk reader.ReadBigInteger 12 |> ignore // Skip CLRHeader reader.ReadBigInteger 8 |> ignore // Skip BlobHeader - let magic = reader.ReadInt32 // Read magic - if not (magic = RSA_PRIV_MAGIC || magic = RSA_PUB_MAGIC) then // RSAPubKey.magic + let magic = reader.ReadInt32 // Read magic + if not (magic = RSA_PRIV_MAGIC || magic = RSA_PUB_MAGIC) then // RSAPubKey.magic raise (CryptographicException(getResourceString(FSComp.SR.ilSignInvalidPKBlob()))) let x = reader.ReadInt32 / 8 x 
@@ -256,3 +265,315 @@ open System.Runtime.InteropServices rsa.ImportParameters(RSAParamatersFromBlob keyBlob KeyType.KeyPair) let rsaParameters = rsa.ExportParameters false toCLRKeyBlob rsaParameters CALG_RSA_KEYX + + // Key signing + type keyContainerName = string + type keyPair = byte[] + type pubkey = byte[] + type pubkeyOptions = byte[] * bool + + let signerOpenPublicKeyFile filePath = FileSystem.ReadAllBytesShim filePath + + let signerOpenKeyPairFile filePath = FileSystem.ReadAllBytesShim filePath + + let signerGetPublicKeyForKeyPair (kp: keyPair) : pubkey = getPublicKeyForKeyPair kp + + let signerGetPublicKeyForKeyContainer (_kcName: keyContainerName) : pubkey = + raise (NotImplementedException("signerGetPublicKeyForKeyContainer is not yet implemented")) + + let signerCloseKeyContainer (_kc: keyContainerName) : unit = + raise (NotImplementedException("signerCloseKeyContainer is not yet implemented")) + + let signerSignatureSize (pk: pubkey) : int = signatureSize pk + + let signerSignFileWithKeyPair (fileName: string) (kp: keyPair) : unit = signFile fileName kp + + let signerSignFileWithKeyContainer (_fileName: string) (_kcName: keyContainerName) : unit = + raise (NotImplementedException("signerSignFileWithKeyContainer is not yet implemented")) + +#if !FX_NO_CORHOST_SIGNER + // New mscoree functionality + // This type represents methods that we don't currently need, so I'm leaving unimplemented + type UnusedCOMMethod = unit -> unit + [] + [] + type ICLRMetaHost = + [] + abstract GetRuntime: + [] version: string * + [] interfaceId: System.Guid -> [] System.Object + + // Methods that we don't need are stubbed out for now... + abstract GetVersionFromFile: UnusedCOMMethod + abstract EnumerateInstalledRuntimes: UnusedCOMMethod + abstract EnumerateLoadedRuntimes: UnusedCOMMethod + abstract Reserved01: UnusedCOMMethod + + // We don't currently support ComConversionLoss + [] + [] + type ICLRStrongName = + // Methods that we don't need are stubbed out for now... 
+ abstract GetHashFromAssemblyFile: UnusedCOMMethod + abstract GetHashFromAssemblyFileW: UnusedCOMMethod + abstract GetHashFromBlob: UnusedCOMMethod + abstract GetHashFromFile: UnusedCOMMethod + abstract GetHashFromFileW: UnusedCOMMethod + abstract GetHashFromHandle: UnusedCOMMethod + abstract StrongNameCompareAssemblies: UnusedCOMMethod + + [] + abstract StrongNameFreeBuffer: [] pbMemory: nativeint -> unit + + abstract StrongNameGetBlob: UnusedCOMMethod + abstract StrongNameGetBlobFromImage: UnusedCOMMethod + + [] + abstract StrongNameGetPublicKey : + [] pwzKeyContainer: string * + [] pbKeyBlob: byte[] * + [] cbKeyBlob: uint32 * + [] ppbPublicKeyBlob: nativeint byref * + [] pcbPublicKeyBlob: uint32 byref -> unit + + abstract StrongNameHashSize: UnusedCOMMethod + + [] + abstract StrongNameKeyDelete: [] pwzKeyContainer: string -> unit + + abstract StrongNameKeyGen: UnusedCOMMethod + abstract StrongNameKeyGenEx: UnusedCOMMethod + abstract StrongNameKeyInstall: UnusedCOMMethod + + [] + abstract StrongNameSignatureGeneration : + [] pwzFilePath: string * + [] pwzKeyContainer: string * + [] pbKeyBlob: byte [] * + [] cbKeyBlob: uint32 * + [] ppbSignatureBlob: nativeint * + [] pcbSignatureBlob: uint32 byref -> unit + + abstract StrongNameSignatureGenerationEx: UnusedCOMMethod + + [] + abstract StrongNameSignatureSize : + [] pbPublicKeyBlob: byte[] * + [] cbPublicKeyBlob: uint32 * + [] pcbSize: uint32 byref -> unit + + abstract StrongNameSignatureVerification: UnusedCOMMethod + + [] + abstract StrongNameSignatureVerificationEx : + [] pwzFilePath: string * + [] fForceVerification: bool * + [] pfWasVerified: bool byref -> [] bool + + abstract StrongNameSignatureVerificationFromImage: UnusedCOMMethod + abstract StrongNameTokenFromAssembly: UnusedCOMMethod + abstract StrongNameTokenFromAssemblyEx: UnusedCOMMethod + abstract StrongNameTokenFromPublicKey: UnusedCOMMethod + + + [] + [] + type ICLRRuntimeInfo = + // REVIEW: Methods that we don't need will be stubbed out for now... 
+ abstract GetVersionString: unit -> unit + abstract GetRuntimeDirectory: unit -> unit + abstract IsLoaded: unit -> unit + abstract LoadErrorString: unit -> unit + abstract LoadLibrary: unit -> unit + abstract GetProcAddress: unit -> unit + + [] + abstract GetInterface : + [] coClassId: System.Guid * + [] interfaceId: System.Guid -> []System.Object + + [] + [] + let CreateInterface ( + ([] _clsidguid: System.Guid), + ([] _guid: System.Guid), + ([] _metaHost : + ICLRMetaHost byref)) : unit = failwith "CreateInterface" + + let legacySignerOpenPublicKeyFile filePath = FileSystem.ReadAllBytesShim filePath + + let legacySignerOpenKeyPairFile filePath = FileSystem.ReadAllBytesShim filePath + + let mutable iclrsn: ICLRStrongName option = None + let getICLRStrongName () = + match iclrsn with + | None -> + let CLSID_CLRStrongName = System.Guid(0xB79B0ACDu, 0xF5CDus, 0x409bus, 0xB5uy, 0xA5uy, 0xA1uy, 0x62uy, 0x44uy, 0x61uy, 0x0Buy, 0x92uy) + let IID_ICLRStrongName = System.Guid(0x9FD93CCFu, 0x3280us, 0x4391us, 0xB3uy, 0xA9uy, 0x96uy, 0xE1uy, 0xCDuy, 0xE7uy, 0x7Cuy, 0x8Duy) + let CLSID_CLRMetaHost = System.Guid(0x9280188Du, 0x0E8Eus, 0x4867us, 0xB3uy, 0x0Cuy, 0x7Fuy, 0xA8uy, 0x38uy, 0x84uy, 0xE8uy, 0xDEuy) + let IID_ICLRMetaHost = System.Guid(0xD332DB9Eu, 0xB9B3us, 0x4125us, 0x82uy, 0x07uy, 0xA1uy, 0x48uy, 0x84uy, 0xF5uy, 0x32uy, 0x16uy) + let clrRuntimeInfoGuid = System.Guid(0xBD39D1D2u, 0xBA2Fus, 0x486aus, 0x89uy, 0xB0uy, 0xB4uy, 0xB0uy, 0xCBuy, 0x46uy, 0x68uy, 0x91uy) + + let runtimeVer = System.Runtime.InteropServices.RuntimeEnvironment.GetSystemVersion() + let mutable metaHost = Unchecked.defaultof + CreateInterface(CLSID_CLRMetaHost, IID_ICLRMetaHost, &metaHost) + if Unchecked.defaultof = metaHost then + failwith "Unable to obtain ICLRMetaHost object - check freshness of mscoree.dll" + let runtimeInfo = metaHost.GetRuntime(runtimeVer, clrRuntimeInfoGuid) :?> ICLRRuntimeInfo + let sn = runtimeInfo.GetInterface(CLSID_CLRStrongName, IID_ICLRStrongName) :?> ICLRStrongName + 
if Unchecked.defaultof = sn then + failwith "Unable to obtain ICLRStrongName object" + iclrsn <- Some sn + sn + | Some sn -> sn + + let legacySignerGetPublicKeyForKeyPair kp = + if runningOnMono then + let snt = System.Type.GetType("Mono.Security.StrongName") + let sn = System.Activator.CreateInstance(snt, [| box kp |]) + snt.InvokeMember("PublicKey", (BindingFlags.GetProperty ||| BindingFlags.Instance ||| BindingFlags.Public), null, sn, [| |], Globalization.CultureInfo.InvariantCulture) :?> byte[] + else + let mutable pSize = 0u + let mutable pBuffer: nativeint = (nativeint)0 + let iclrSN = getICLRStrongName() + + iclrSN.StrongNameGetPublicKey(Unchecked.defaultof, kp, (uint32) kp.Length, &pBuffer, &pSize) |> ignore + let mutable keybuffer: byte [] = Bytes.zeroCreate (int pSize) + // Copy the marshalled data over - we'll have to free this ourselves + Marshal.Copy(pBuffer, keybuffer, 0, int pSize) + iclrSN.StrongNameFreeBuffer pBuffer |> ignore + keybuffer + + let legacySignerGetPublicKeyForKeyContainer kc = + let mutable pSize = 0u + let mutable pBuffer: nativeint = (nativeint)0 + let iclrSN = getICLRStrongName() + iclrSN.StrongNameGetPublicKey(kc, Unchecked.defaultof, 0u, &pBuffer, &pSize) |> ignore + let mutable keybuffer: byte [] = Bytes.zeroCreate (int pSize) + // Copy the marshalled data over - we'll have to free this ourselves later + Marshal.Copy(pBuffer, keybuffer, 0, int pSize) + iclrSN.StrongNameFreeBuffer pBuffer |> ignore + keybuffer + + let legacySignerCloseKeyContainer kc = + let iclrSN = getICLRStrongName() + iclrSN.StrongNameKeyDelete kc |> ignore + + let legacySignerSignatureSize (pk: byte[]) = + if runningOnMono then + if pk.Length > 32 then pk.Length - 32 else 128 + else + let mutable pSize = 0u + let iclrSN = getICLRStrongName() + iclrSN.StrongNameSignatureSize(pk, uint32 pk.Length, &pSize) |> ignore + int pSize + + let legacySignerSignFileWithKeyPair fileName kp = + if runningOnMono then + let snt = 
System.Type.GetType("Mono.Security.StrongName") + let sn = System.Activator.CreateInstance(snt, [| box kp |]) + let conv (x: obj) = if (unbox x: bool) then 0 else -1 + snt.InvokeMember("Sign", (BindingFlags.InvokeMethod ||| BindingFlags.Instance ||| BindingFlags.Public), null, sn, [| box fileName |], Globalization.CultureInfo.InvariantCulture) |> conv |> check "Sign" + snt.InvokeMember("Verify", (BindingFlags.InvokeMethod ||| BindingFlags.Instance ||| BindingFlags.Public), null, sn, [| box fileName |], Globalization.CultureInfo.InvariantCulture) |> conv |> check "Verify" + else + let mutable pcb = 0u + let mutable ppb = (nativeint)0 + let mutable ok = false + let iclrSN = getICLRStrongName() + iclrSN.StrongNameSignatureGeneration(fileName, Unchecked.defaultof, kp, uint32 kp.Length, ppb, &pcb) |> ignore + iclrSN.StrongNameSignatureVerificationEx(fileName, true, &ok) |> ignore + + let legacySignerSignFileWithKeyContainer fileName kcName = + let mutable pcb = 0u + let mutable ppb = (nativeint)0 + let mutable ok = false + let iclrSN = getICLRStrongName() + iclrSN.StrongNameSignatureGeneration(fileName, kcName, Unchecked.defaultof, 0u, ppb, &pcb) |> ignore + iclrSN.StrongNameSignatureVerificationEx(fileName, true, &ok) |> ignore +#endif + + //--------------------------------------------------------------------- + // Strong name signing + //--------------------------------------------------------------------- + type ILStrongNameSigner = + | PublicKeySigner of pubkey + | PublicKeyOptionsSigner of pubkeyOptions + | KeyPair of keyPair + | KeyContainer of keyContainerName + + static member OpenPublicKeyOptions s p = PublicKeyOptionsSigner((signerOpenPublicKeyFile s), p) + static member OpenPublicKey pubkey = PublicKeySigner pubkey + static member OpenKeyPairFile s = KeyPair(signerOpenKeyPairFile s) + static member OpenKeyContainer s = KeyContainer s + + member s.Close () = + match s with + | PublicKeySigner _ + | PublicKeyOptionsSigner _ + | KeyPair _ -> () + | KeyContainer 
containerName -> +#if !FX_NO_CORHOST_SIGNER + legacySignerCloseKeyContainer containerName +#else + ignore containerName + failwith ("Key container signing is not supported on this platform") +#endif + member s.IsFullySigned = + match s with + | PublicKeySigner _ -> false + | PublicKeyOptionsSigner pko -> let _, usePublicSign = pko + usePublicSign + | KeyPair _ -> true + | KeyContainer _ -> +#if !FX_NO_CORHOST_SIGNER + true +#else + failwith ("Key container signing is not supported on this platform") +#endif + + member s.PublicKey = + match s with + | PublicKeySigner pk -> pk + | PublicKeyOptionsSigner pko -> let pk, _ = pko + pk + | KeyPair kp -> signerGetPublicKeyForKeyPair kp + | KeyContainer containerName -> +#if !FX_NO_CORHOST_SIGNER + legacySignerGetPublicKeyForKeyContainer containerName +#else + ignore containerName + failwith ("Key container signing is not supported on this platform") +#endif + + member s.SignatureSize = + let pkSignatureSize pk = + try + signerSignatureSize pk + with e -> + failwith ("A call to StrongNameSignatureSize failed ("+e.Message+")") + 0x80 + match s with + | PublicKeySigner pk -> pkSignatureSize pk + | PublicKeyOptionsSigner pko -> let pk, _ = pko + pkSignatureSize pk + | KeyPair kp -> pkSignatureSize (signerGetPublicKeyForKeyPair kp) + | KeyContainer containerName -> +#if !FX_NO_CORHOST_SIGNER + pkSignatureSize (legacySignerGetPublicKeyForKeyContainer containerName) +#else + ignore containerName + failwith ("Key container signing is not supported on this platform") +#endif + + member s.SignFile file = + match s with + | PublicKeySigner _ -> () + | PublicKeyOptionsSigner _ -> () + | KeyPair kp -> signerSignFileWithKeyPair file kp + | KeyContainer containerName -> +#if !FX_NO_CORHOST_SIGNER + legacySignerSignFileWithKeyContainer file containerName +#else + ignore containerName + failwith ("Key container signing is not supported on this platform") +#endif 
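Review bot: In `legacySignerSignFileWithKeyContainer` and the non-Mono branch of `legacySignerSignFileWithKeyPair`, the result of `StrongNameSignatureVerificationEx` is piped to `ignore` and the `ok` out-value is never read, so a signature that fails verification straight after signing is not reported. The Mono branch routes both `Sign` and `Verify` through `check`, so the two paths disagree on whether a bad signature stops the build. The interop attributes are not visible here, so which of the return value and `ok` is authoritative needs confirming, but one of them should be tested, along the lines of `if not (iclrSN.StrongNameSignatureVerificationEx(fileName, true, &ok)) || not ok then failwith "strong name verification failed"`. Separately, `ILStrongNameSigner` in this hunk calls only the `legacySigner…KeyContainer` functions, so the other `legacySigner*` key-pair and file helpers look unused after the move and could be dropped.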
diff --git a/src/absil/ilsign.fsi b/src/absil/ilsign.fsi new file mode 100644 index 00000000000..ee3043a4f55 --- /dev/null +++ b/src/absil/ilsign.fsi @@ -0,0 +1,24 @@ +// Copyright (c) Microsoft Corporation. All Rights Reserved. See License.txt in the project root for license information. + +/// Functions associated with signing il assemblies which +/// vary between supported implementations of the CLI Common Language +/// Runtime, e.g. between the SSCLI, Mono and the Microsoft CLR. +/// + +module internal FSharp.Compiler.AbstractIL.Internal.StrongNameSign + +//--------------------------------------------------------------------- +// Strong name signing +//--------------------------------------------------------------------- +[] +type ILStrongNameSigner = + member PublicKey: byte[] + static member OpenPublicKeyOptions: string -> bool -> ILStrongNameSigner + static member OpenPublicKey: byte[] -> ILStrongNameSigner + static member OpenKeyPairFile: string -> ILStrongNameSigner + static member OpenKeyContainer: string -> ILStrongNameSigner + member Close: unit -> unit + member IsFullySigned: bool + member PublicKey: byte[] + member SignatureSize: int + member SignFile: string -> unit diff --git a/src/absil/ilsupp.fs b/src/absil/ilsupp.fs index 57734863883..9d88524e92c 100644 --- a/src/absil/ilsupp.fs +++ b/src/absil/ilsupp.fs 
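Review bot: `member PublicKey: byte[]` is declared twice in the new signature for `ILStrongNameSigner`, once as the first member and again after `IsFullySigned`; drop the first occurrence so each member appears once. The members also carry no doc comments, and `Close` in particular deserves one. In ilsign.fs it calls `legacySignerCloseKeyContainer`, which invokes `StrongNameKeyDelete` on the named container, so going by that call a caller closing a key-container signer should expect the container to be deleted. A line such as `/// Releases the signer; for a key container this calls StrongNameKeyDelete on that container.` above `member Close` would cover it.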
@@ -1118,235 +1118,3 @@ let pdbVariableGetSignature (variable: PdbVariable) : byte[] = let pdbVariableGetAddressAttributes (variable: PdbVariable) : (int32 * int32) = (int32 variable.symVariable.AddressKind, variable.symVariable.AddressField1) #endif - -// Key signing -type keyContainerName = string -type keyPair = byte[] -type pubkey = byte[] -type pubkeyOptions = byte[] * bool - -#if FX_NO_CORHOST_SIGNER - -let signerOpenPublicKeyFile filePath = FileSystem.ReadAllBytesShim filePath - -let signerOpenKeyPairFile filePath = FileSystem.ReadAllBytesShim filePath - -let signerGetPublicKeyForKeyPair (kp: keyPair) : pubkey = - let reply = (StrongNameSign.getPublicKeyForKeyPair kp) - reply - -let signerGetPublicKeyForKeyContainer (_kcName: keyContainerName) : pubkey = - raise (NotImplementedException("signerGetPublicKeyForKeyContainer is not yet implemented")) - -let signerCloseKeyContainer (_kc: keyContainerName) : unit = - raise (NotImplementedException("signerCloseKeyContainer is not yet implemented")) - -let signerSignatureSize (pk: pubkey) : int = - (StrongNameSign.signatureSize pk) - -let signerSignFileWithKeyPair (fileName: string) (kp: keyPair) : unit = - (StrongNameSign.signFile fileName kp) - -let signerSignFileWithKeyContainer (_fileName: string) (_kcName: keyContainerName) : unit = - raise (NotImplementedException("signerSignFileWithKeyContainer is not yet implemented")) - -#else -// New mscoree functionality -// This type represents methods that we don't currently need, so I'm leaving unimplemented -type UnusedCOMMethod = unit -> unit -[] -[] -type ICLRMetaHost = - [] - abstract GetRuntime: - [] version: string * - [] interfaceId: System.Guid -> [] System.Object - - // Methods that we don't need are stubbed out for now... 
- abstract GetVersionFromFile: UnusedCOMMethod - abstract EnumerateInstalledRuntimes: UnusedCOMMethod - abstract EnumerateLoadedRuntimes: UnusedCOMMethod - abstract Reserved01: UnusedCOMMethod - -// We don't currently support ComConversionLoss -[] -[] -type ICLRStrongName = - // Methods that we don't need are stubbed out for now... - abstract GetHashFromAssemblyFile: UnusedCOMMethod - abstract GetHashFromAssemblyFileW: UnusedCOMMethod - abstract GetHashFromBlob: UnusedCOMMethod - abstract GetHashFromFile: UnusedCOMMethod - abstract GetHashFromFileW: UnusedCOMMethod - abstract GetHashFromHandle: UnusedCOMMethod - abstract StrongNameCompareAssemblies: UnusedCOMMethod - - [] - abstract StrongNameFreeBuffer: [] pbMemory: nativeint -> unit - - abstract StrongNameGetBlob: UnusedCOMMethod - abstract StrongNameGetBlobFromImage: UnusedCOMMethod - - [] - abstract StrongNameGetPublicKey : - [] pwzKeyContainer: string * - [] pbKeyBlob: byte[] * - [] cbKeyBlob: uint32 * - [] ppbPublicKeyBlob: nativeint byref * - [] pcbPublicKeyBlob: uint32 byref -> unit - - abstract StrongNameHashSize: UnusedCOMMethod - - [] - abstract StrongNameKeyDelete: [] pwzKeyContainer: string -> unit - - abstract StrongNameKeyGen: UnusedCOMMethod - abstract StrongNameKeyGenEx: UnusedCOMMethod - abstract StrongNameKeyInstall: UnusedCOMMethod - - [] - abstract StrongNameSignatureGeneration : - [] pwzFilePath: string * - [] pwzKeyContainer: string * - [] pbKeyBlob: byte [] * - [] cbKeyBlob: uint32 * - [] ppbSignatureBlob: nativeint * - [] pcbSignatureBlob: uint32 byref -> unit - - abstract StrongNameSignatureGenerationEx: UnusedCOMMethod - - [] - abstract StrongNameSignatureSize : - [] pbPublicKeyBlob: byte[] * - [] cbPublicKeyBlob: uint32 * - [] pcbSize: uint32 byref -> unit - - abstract StrongNameSignatureVerification: UnusedCOMMethod - - [] - abstract StrongNameSignatureVerificationEx : - [] pwzFilePath: string * - [] fForceVerification: bool * - [] pfWasVerified: bool byref -> [] bool - - abstract 
StrongNameSignatureVerificationFromImage: UnusedCOMMethod - abstract StrongNameTokenFromAssembly: UnusedCOMMethod - abstract StrongNameTokenFromAssemblyEx: UnusedCOMMethod - abstract StrongNameTokenFromPublicKey: UnusedCOMMethod - - -[] -[] -type ICLRRuntimeInfo = - // REVIEW: Methods that we don't need will be stubbed out for now... - abstract GetVersionString: unit -> unit - abstract GetRuntimeDirectory: unit -> unit - abstract IsLoaded: unit -> unit - abstract LoadErrorString: unit -> unit - abstract LoadLibrary: unit -> unit - abstract GetProcAddress: unit -> unit - - [] - abstract GetInterface : - [] coClassId: System.Guid * - [] interfaceId: System.Guid -> []System.Object - -[] -[] -let CreateInterface ( - ([] _clsidguid: System.Guid), - ([] _guid: System.Guid), - ([] _metaHost : - ICLRMetaHost byref)) : unit = failwith "CreateInterface" - -let signerOpenPublicKeyFile filePath = FileSystem.ReadAllBytesShim filePath - -let signerOpenKeyPairFile filePath = FileSystem.ReadAllBytesShim filePath - -let mutable iclrsn: ICLRStrongName option = None -let getICLRStrongName () = - match iclrsn with - | None -> - let CLSID_CLRStrongName = System.Guid(0xB79B0ACDu, 0xF5CDus, 0x409bus, 0xB5uy, 0xA5uy, 0xA1uy, 0x62uy, 0x44uy, 0x61uy, 0x0Buy, 0x92uy) - let IID_ICLRStrongName = System.Guid(0x9FD93CCFu, 0x3280us, 0x4391us, 0xB3uy, 0xA9uy, 0x96uy, 0xE1uy, 0xCDuy, 0xE7uy, 0x7Cuy, 0x8Duy) - let CLSID_CLRMetaHost = System.Guid(0x9280188Du, 0x0E8Eus, 0x4867us, 0xB3uy, 0x0Cuy, 0x7Fuy, 0xA8uy, 0x38uy, 0x84uy, 0xE8uy, 0xDEuy) - let IID_ICLRMetaHost = System.Guid(0xD332DB9Eu, 0xB9B3us, 0x4125us, 0x82uy, 0x07uy, 0xA1uy, 0x48uy, 0x84uy, 0xF5uy, 0x32uy, 0x16uy) - let clrRuntimeInfoGuid = System.Guid(0xBD39D1D2u, 0xBA2Fus, 0x486aus, 0x89uy, 0xB0uy, 0xB4uy, 0xB0uy, 0xCBuy, 0x46uy, 0x68uy, 0x91uy) - - let runtimeVer = System.Runtime.InteropServices.RuntimeEnvironment.GetSystemVersion() - let mutable metaHost = Unchecked.defaultof - CreateInterface(CLSID_CLRMetaHost, IID_ICLRMetaHost, 
&metaHost) - if Unchecked.defaultof = metaHost then - failwith "Unable to obtain ICLRMetaHost object - check freshness of mscoree.dll" - let runtimeInfo = metaHost.GetRuntime(runtimeVer, clrRuntimeInfoGuid) :?> ICLRRuntimeInfo - let sn = runtimeInfo.GetInterface(CLSID_CLRStrongName, IID_ICLRStrongName) :?> ICLRStrongName - if Unchecked.defaultof = sn then - failwith "Unable to obtain ICLRStrongName object" - iclrsn <- Some sn - sn - | Some sn -> sn - -let signerGetPublicKeyForKeyPair kp = - if runningOnMono then - let snt = System.Type.GetType("Mono.Security.StrongName") - let sn = System.Activator.CreateInstance(snt, [| box kp |]) - snt.InvokeMember("PublicKey", (BindingFlags.GetProperty ||| BindingFlags.Instance ||| BindingFlags.Public), null, sn, [| |], Globalization.CultureInfo.InvariantCulture) :?> byte[] - else - let mutable pSize = 0u - let mutable pBuffer: nativeint = (nativeint)0 - let iclrSN = getICLRStrongName() - - iclrSN.StrongNameGetPublicKey(Unchecked.defaultof, kp, (uint32) kp.Length, &pBuffer, &pSize) |> ignore - let mutable keybuffer: byte [] = Bytes.zeroCreate (int pSize) - // Copy the marshalled data over - we'll have to free this ourselves - Marshal.Copy(pBuffer, keybuffer, 0, int pSize) - iclrSN.StrongNameFreeBuffer pBuffer |> ignore - keybuffer - -let signerGetPublicKeyForKeyContainer kc = - let mutable pSize = 0u - let mutable pBuffer: nativeint = (nativeint)0 - let iclrSN = getICLRStrongName() - iclrSN.StrongNameGetPublicKey(kc, Unchecked.defaultof, 0u, &pBuffer, &pSize) |> ignore - let mutable keybuffer: byte [] = Bytes.zeroCreate (int pSize) - // Copy the marshalled data over - we'll have to free this ourselves later - Marshal.Copy(pBuffer, keybuffer, 0, int pSize) - iclrSN.StrongNameFreeBuffer pBuffer |> ignore - keybuffer - -let signerCloseKeyContainer kc = - let iclrSN = getICLRStrongName() - iclrSN.StrongNameKeyDelete kc |> ignore - -let signerSignatureSize (pk: byte[]) = - if runningOnMono then - if pk.Length > 32 then pk.Length - 32 
else 128 - else - let mutable pSize = 0u - let iclrSN = getICLRStrongName() - iclrSN.StrongNameSignatureSize(pk, uint32 pk.Length, &pSize) |> ignore - int pSize - -let signerSignFileWithKeyPair fileName kp = - if runningOnMono then - let snt = System.Type.GetType("Mono.Security.StrongName") - let sn = System.Activator.CreateInstance(snt, [| box kp |]) - let conv (x: obj) = if (unbox x: bool) then 0 else -1 - snt.InvokeMember("Sign", (BindingFlags.InvokeMethod ||| BindingFlags.Instance ||| BindingFlags.Public), null, sn, [| box fileName |], Globalization.CultureInfo.InvariantCulture) |> conv |> check "Sign" - snt.InvokeMember("Verify", (BindingFlags.InvokeMethod ||| BindingFlags.Instance ||| BindingFlags.Public), null, sn, [| box fileName |], Globalization.CultureInfo.InvariantCulture) |> conv |> check "Verify" - else - let mutable pcb = 0u - let mutable ppb = (nativeint)0 - let mutable ok = false - let iclrSN = getICLRStrongName() - iclrSN.StrongNameSignatureGeneration(fileName, Unchecked.defaultof, kp, uint32 kp.Length, ppb, &pcb) |> ignore - iclrSN.StrongNameSignatureVerificationEx(fileName, true, &ok) |> ignore - -let signerSignFileWithKeyContainer fileName kcName = - let mutable pcb = 0u - let mutable ppb = (nativeint)0 - let mutable ok = false - let iclrSN = getICLRStrongName() - iclrSN.StrongNameSignatureGeneration(fileName, kcName, Unchecked.defaultof, 0u, ppb, &pcb) |> ignore - iclrSN.StrongNameSignatureVerificationEx(fileName, true, &ok) |> ignore -#endif diff --git a/src/absil/ilsupp.fsi b/src/absil/ilsupp.fsi index a32cdb605fe..f3ba7fa5ce8 100644 --- a/src/absil/ilsupp.fsi +++ b/src/absil/ilsupp.fsi @@ -24,6 +24,7 @@ open System.Runtime.InteropServices #else open System.Diagnostics.SymbolStore #endif + open Internal.Utilities open FSharp.Compiler.AbstractIL open FSharp.Compiler.AbstractIL.Internal 
@@ -109,21 +110,3 @@ val pdbSetMethodRange: PdbWriter -> PdbDocumentWriter -> int -> int -> PdbDocume val pdbDefineSequencePoints: PdbWriter -> PdbDocumentWriter -> (int * int * int * int * int) array -> unit val pdbWriteDebugInfo: PdbWriter -> idd #endif - -//--------------------------------------------------------------------- -// Strong name signing -//--------------------------------------------------------------------- - -type keyContainerName = string -type keyPair = byte[] -type pubkey = byte[] -type pubkeyOptions = byte[] * bool - -val signerOpenPublicKeyFile: string -> pubkey -val signerOpenKeyPairFile: string -> keyPair -val signerSignatureSize: pubkey -> int -val signerGetPublicKeyForKeyPair: keyPair -> pubkey -val signerGetPublicKeyForKeyContainer: string -> pubkey -val signerCloseKeyContainer: keyContainerName -> unit -val signerSignFileWithKeyPair: string -> keyPair -> unit -val signerSignFileWithKeyContainer: string -> keyContainerName -> unit diff --git a/src/absil/ilwrite.fs b/src/absil/ilwrite.fs index d86a2a710c5..ccaa04b7fbb 100644 --- a/src/absil/ilwrite.fs +++ b/src/absil/ilwrite.fs @@ -13,13 +13,10 @@ open FSharp.Compiler.AbstractIL.Internal.BinaryConstants open FSharp.Compiler.AbstractIL.Internal.Support open FSharp.Compiler.AbstractIL.Internal.Library open FSharp.Compiler.AbstractIL.Internal.Utils +open FSharp.Compiler.AbstractIL.Internal.StrongNameSign open FSharp.Compiler.AbstractIL.ILPdbWriter open FSharp.Compiler.ErrorLogger open FSharp.Compiler.Range -#if FX_NO_CORHOST_SIGNER -open FSharp.Compiler.AbstractIL.Internal.StrongNameSign -#endif - #if DEBUG let showEntryLookups = false 
@@ -146,66 +143,6 @@ let applyFixup32 (data: byte[]) offset v = data.[offset+2] <- b2 v data.[offset+3] <- b3 v -//--------------------------------------------------------------------- -// Strong name signing -//--------------------------------------------------------------------- - -type ILStrongNameSigner = - | PublicKeySigner of Support.pubkey - | PublicKeyOptionsSigner of Support.pubkeyOptions - | KeyPair of Support.keyPair - | KeyContainer of Support.keyContainerName - - static member OpenPublicKeyOptions s p = PublicKeyOptionsSigner((Support.signerOpenPublicKeyFile s), p) - - static member OpenPublicKey pubkey = PublicKeySigner pubkey - - static member OpenKeyPairFile s = KeyPair(Support.signerOpenKeyPairFile s) - - static member OpenKeyContainer s = KeyContainer s - - member s.Close() = - match s with - | PublicKeySigner _ - | PublicKeyOptionsSigner _ - | KeyPair _ -> () - | KeyContainer containerName -> Support.signerCloseKeyContainer containerName - - member s.IsFullySigned = - match s with - | PublicKeySigner _ -> false - | PublicKeyOptionsSigner pko -> let _, usePublicSign = pko - usePublicSign - | KeyPair _ | KeyContainer _ -> true - - member s.PublicKey = - match s with - | PublicKeySigner pk -> pk - | PublicKeyOptionsSigner pko -> let pk, _ = pko - pk - | KeyPair kp -> Support.signerGetPublicKeyForKeyPair kp - | KeyContainer kn -> Support.signerGetPublicKeyForKeyContainer kn - - member s.SignatureSize = - let pkSignatureSize pk = - try Support.signerSignatureSize pk - with e -> - failwith ("A call to StrongNameSignatureSize failed ("+e.Message+")") - 0x80 - match s with - | PublicKeySigner pk -> pkSignatureSize pk - | PublicKeyOptionsSigner pko -> let pk, _ = pko - pkSignatureSize pk - | KeyPair kp -> pkSignatureSize (Support.signerGetPublicKeyForKeyPair kp) - | KeyContainer kn -> pkSignatureSize (Support.signerGetPublicKeyForKeyContainer kn) - - member s.SignFile file = - match s with - | PublicKeySigner _ -> () - | PublicKeyOptionsSigner _ -> () - | 
KeyPair kp -> Support.signerSignFileWithKeyPair file kp - | KeyContainer kn -> Support.signerSignFileWithKeyContainer file kn - //--------------------------------------------------------------------- // TYPES FOR TABLES //--------------------------------------------------------------------- diff --git a/src/absil/ilwrite.fsi b/src/absil/ilwrite.fsi index 9dba89c9b6c..41ba126e6b2 100644 --- a/src/absil/ilwrite.fsi +++ b/src/absil/ilwrite.fsi @@ -8,14 +8,7 @@ open FSharp.Compiler.AbstractIL open FSharp.Compiler.AbstractIL.Internal open FSharp.Compiler.AbstractIL.IL open FSharp.Compiler.AbstractIL.ILPdbWriter - -[] -type ILStrongNameSigner = - member PublicKey: byte[] - static member OpenPublicKeyOptions: string -> bool -> ILStrongNameSigner - static member OpenPublicKey: byte[] -> ILStrongNameSigner - static member OpenKeyPairFile: string -> ILStrongNameSigner - static member OpenKeyContainer: string -> ILStrongNameSigner +open FSharp.Compiler.AbstractIL.Internal.StrongNameSign type options = { ilg: ILGlobals diff --git a/src/fsharp/FSharp.Compiler.Private/FSharp.Compiler.Private.fsproj b/src/fsharp/FSharp.Compiler.Private/FSharp.Compiler.Private.fsproj index dd4cc85f781..5f27493a8ac 100644 --- a/src/fsharp/FSharp.Compiler.Private/FSharp.Compiler.Private.fsproj +++ b/src/fsharp/FSharp.Compiler.Private/FSharp.Compiler.Private.fsproj @@ -238,7 +238,10 @@ AbsIL\ilmorph.fs - + + AbsIL\ilsign.fsi + + AbsIL\ilsign.fs diff --git a/src/fsharp/FSharp.Compiler.Service/FSharp.Compiler.Service.fsproj b/src/fsharp/FSharp.Compiler.Service/FSharp.Compiler.Service.fsproj index c83d93afc3f..f3d00f102bf 100644 --- a/src/fsharp/FSharp.Compiler.Service/FSharp.Compiler.Service.fsproj +++ b/src/fsharp/FSharp.Compiler.Service/FSharp.Compiler.Service.fsproj @@ -235,7 +235,10 @@ AbsIL\ilmorph.fs - + + AbsIL\ilsign.fsi + + AbsIL\ilsign.fs diff --git a/src/fsharp/fsc.fs b/src/fsharp/fsc.fs index 68e768acbf6..89d9dc4163e 100644 --- a/src/fsharp/fsc.fs +++ b/src/fsharp/fsc.fs 
@@ -9,7 +9,6 @@ // - Compiling (including optimizing) // - Linking (including ILX-IL transformation) - module internal FSharp.Compiler.Driver open System @@ -26,12 +25,12 @@ open Internal.Utilities.Collections open Internal.Utilities.Filename open Internal.Utilities.StructuredFormat -open FSharp.Compiler -open FSharp.Compiler.AbstractIL -open FSharp.Compiler.AbstractIL.IL -open FSharp.Compiler.AbstractIL.ILBinaryReader +open FSharp.Compiler +open FSharp.Compiler.AbstractIL +open FSharp.Compiler.AbstractIL.IL +open FSharp.Compiler.AbstractIL.ILBinaryReader open FSharp.Compiler.AbstractIL.Internal -open FSharp.Compiler.AbstractIL.Internal.Library +open FSharp.Compiler.AbstractIL.Internal.Library open FSharp.Compiler.AbstractIL.Internal.Utils open FSharp.Compiler.AbstractIL.Diagnostics open FSharp.Compiler.AccessibilityLogic @@ -52,6 +51,8 @@ open FSharp.Compiler.TcGlobals open FSharp.Compiler.TypeChecker open FSharp.Compiler.XmlDoc +open FSharp.Compiler.AbstractIL.Internal.StrongNameSign + #if !NO_EXTENSIONTYPING open FSharp.Compiler.ExtensionTyping #endif @@ -1122,7 +1123,6 @@ module MainModuleBuilder = /// Optional static linking of all DLLs that depend on the F# Library, plus other specified DLLs module StaticLinker = - // Handles TypeForwarding for the generated IL model type TypeForwarding (tcImports: TcImports) = 
@@ -1675,16 +1675,16 @@ let GetStrongNameSigner signingInfo = // REVIEW: favor the container over the key file - C# appears to do this match container with | Some container -> - Some (ILBinaryWriter.ILStrongNameSigner.OpenKeyContainer container) + Some (ILStrongNameSigner.OpenKeyContainer container) | None -> match signer with | None -> None | Some s -> try if publicsign || delaysign then - Some (ILBinaryWriter.ILStrongNameSigner.OpenPublicKeyOptions s publicsign) + Some (ILStrongNameSigner.OpenPublicKeyOptions s publicsign) else - Some (ILBinaryWriter.ILStrongNameSigner.OpenKeyPairFile s) + Some (ILStrongNameSigner.OpenKeyPairFile s) with _ -> // Note :: don't use errorR here since we really want to fail and not produce a binary error(Error(FSComp.SR.fscKeyFileCouldNotBeOpened s, rangeCmdArgs)) diff --git a/src/fsharp/fsc.fsi b/src/fsharp/fsc.fsi index ae90b34b822..f0cea78323c 100755 --- a/src/fsharp/fsc.fsi +++ b/src/fsharp/fsc.fsi @@ -6,6 +6,7 @@ open FSharp.Compiler.AbstractIL open FSharp.Compiler.AbstractIL.IL open FSharp.Compiler.AbstractIL.ILBinaryReader open FSharp.Compiler.AbstractIL.Internal.Library +open FSharp.Compiler.AbstractIL.Internal.StrongNameSign open FSharp.Compiler.CompileOps open FSharp.Compiler.ErrorLogger open FSharp.Compiler.SyntaxTree @@ -25,7 +26,7 @@ val EncodeInterfaceData: tcConfig:TcConfig * tcGlobals:TcGlobals * exportRemappi val ValidateKeySigningAttributes : tcConfig:TcConfig * tcGlobals:TcGlobals * TopAttribs -> StrongNameSigningInfo -val GetStrongNameSigner : StrongNameSigningInfo -> ILBinaryWriter.ILStrongNameSigner option +val GetStrongNameSigner : StrongNameSigningInfo -> ILStrongNameSigner option /// Process the given set of command line arguments val internal ProcessCommandLineFlags : TcConfigBuilder * setProcessThreadLocals:(TcConfigBuilder -> unit) * lcidFromCodePage : int option * argv:string[] -> string list
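Review bot: The two re-qualified calls in the key-file branch, `ILStrongNameSigner.OpenPublicKeyOptions` and `ILStrongNameSigner.OpenKeyPairFile`, still sit under the catch-all `with _ ->`, so every failure while loading the key is reported as `fscKeyFileCouldNotBeOpened`. Now that the signer lives in `StrongNameSign`, the exceptions reaching this handler may differ from before (for example a key blob that is present but not parseable); that is inferred, since the handler is context here and `GetStrongNameSigner` begins above the hunk. At minimum I would document the collapse next to the handler, e.g. `// NOTE: any exception from loading the key (I/O or malformed key data) is reported as "could not be opened"; the original message is dropped`. It would also be worth confirming against ilsign.fs that `OpenKeyContainer`, which stays outside the `try`, cannot throw in the new module.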