Update signing for coreclr repo

Make sign.builds consistent with corefx and only add strongname
signatures for managed assemblies and not native assemblies

Author: weshaggard

src/ToolBox/SOS/NETCore/SOS.NETCore.csproj

@@ -12,7 +12,7 @@
     <NoStdLib>true</NoStdLib>
     <NoCompilerStandardLib>true</NoCompilerStandardLib>
     <IsDotNetFrameworkProductAssembly>true</IsDotNetFrameworkProductAssembly>
-    <UseOpenKey Condition="'$(UseOpenKey)'==''">true</UseOpenKey>
+    <AssemblyKey>Open</AssemblyKey>
     <ExcludeMscorlibFacade>true</ExcludeMscorlibFacade>
     <ContainsPackageReferences>true</ContainsPackageReferences>
 
@@ -71,7 +71,7 @@
       UseHardlinksIfPossible="false">
     </Copy>
 
-    <Copy 
+    <Copy
       SourceFiles="$(OutputPath)$(AssemblyName).pdb"
       DestinationFolder="$(BinDir)\PDB"
       SkipUnchangedFiles="false"

src/mscorlib/System.Private.CoreLib.csproj

@@ -729,7 +729,8 @@
   <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildThisFileDirectory), dir.targets))\dir.targets" />
   <PropertyGroup>
     <!-- Overwrite the key that we are going to use for signing -->
-    <AssemblyOriginatorKeyFile>$(MSBuildThisFileDirectory)Tools\Signing\mscorlib.snk</AssemblyOriginatorKeyFile>
+    <AssemblyOriginatorKeyFile>$(ToolsDir)SilverlightPlatformPublicKey.snk</AssemblyOriginatorKeyFile>
+    <StrongNameSig>Silverlight</StrongNameSig>
     <!-- Use a different nativeresource file to avoid conflicts with mscorlib-->
     <Win32Resource Condition="'$(GenerateNativeVersionInfo)'=='true'">$(IntermediateOutputPath)\System.Private.CoreLib.res</Win32Resource>
   </PropertyGroup>

src/mscorlib/Tools/Signing/mscorlib.snk

@@ -1,59 +1,50 @@
 <?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="12.0" DefaultTargets="SignFiles" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-
-  <!-- must set the default before importing targets -->
-  <PropertyGroup>
-    <SignType Condition="'$(SignType)' == ''">test</SignType>
-    <StrongNameSig>Silverlight</StrongNameSig>
-  </PropertyGroup>
+<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 
   <Import Project="..\dir.props"/>
   <Import Project="..\dir.targets" />
 
-  <!-- OutDir is used by the MicroBuild signing target -->
   <PropertyGroup>
+    <!-- The SignFiles target needs OutDir to be defined -->
     <OutDir>$(BinDir)</OutDir>
   </PropertyGroup>
 
   <UsingTask AssemblyFile="$(BuildToolsTaskDir)Microsoft.DotNet.Build.Tasks.dll" TaskName="ReadSigningRequired" />
 
-  <!-- apply the default signing certificates (defined in sign.targets) -->
-  <ItemDefinitionGroup>
-    <FilesToSign>
-      <Authenticode>$(AuthenticodeSig)</Authenticode>
-      <StrongName>$(StrongNameSig)</StrongName>
-    </FilesToSign>
-  </ItemDefinitionGroup>
-
-  <!-- gather the list of binaries to sign with the default certificates -->
   <ItemGroup>
-    <FilesToSign Include="$(BinDir)*.dll" Exclude="$(BinDir)*.ni.dll" />
-    <FilesToSign Include="$(BinDir)*.exe" />
+    <WindowsNativeLocation Include="$(BinDir)*.dll" />
+    <WindowsNativeLocation Include="$(BinDir)*.exe" />
   </ItemGroup>
 
-  <!--
-    for some reason the signing task incorrectly attemps to strong-name sign
-    native images which causes the signing step to fail for obvious reasons.
-  -->
-  <ItemGroup>
-    <FilesToSign Include="$(BinDir)*.ni.dll">
-      <StrongName>None</StrongName>
-    </FilesToSign>
-  </ItemGroup>
+  <Target Name="GenerateSignForWindowsNative">
+    <!--
+      Managed assemblies should already have a requires_signing file dropped so only generate
+      a requires_signing file for ones that don't exist which should leave just native assembies
+    -->
+    <WriteSigningRequired AuthenticodeSig="$(AuthenticodeSig)"
+                          MarkerFile="%(WindowsNativeLocation.Identity).requires_signing"
+                          Condition="!Exists('%(WindowsNativeLocation.Identity).requires_signing')" />
+  </Target>
 
   <!-- populates item group FilesToSign with the list of files to sign -->
-  <Target Name="GetFilesToSignItems" BeforeTargets="SignFiles">
+  <Target Name="GetFilesToSignItems"
+          DependsOnTargets="GenerateSignForWindowsNative">
     <!-- read all of the marker files and populate the FilesToSign item group -->
     <ItemGroup>
       <SignMarkerFile Include="$(OutDir)**\*.requires_signing" />
     </ItemGroup>
     <ReadSigningRequired MarkerFiles="@(SignMarkerFile)">
       <Output TaskParameter="SigningMetadata" ItemName="FilesToSign" />
     </ReadSigningRequired>
+
+    <Message Importance="High" Text="Attempting to sign %(FilesToSign.Identity) with authenticode='%(FilesToSign.Authenticode)' and strongname='%(FilesToSign.StrongName)'" />
+
   </Target>
 
-  <!-- now that signing is done clean up any marker files -->
-  <Target Name="CleanUpMarkerFiles" AfterTargets="SignFiles">
+  <Target Name="Build"
+          Condition="'$(SkipSigning)' != 'true' and '$(SignType)' != 'oss'"
+          DependsOnTargets="GetFilesToSignItems;SignFiles">
+
     <!-- now that the files have been signed delete the marker files -->
     <Delete Files="@(SignMarkerFile)" />
   </Target>