digital-signaturesignvsixvisual-studio-package

Signing the contents of a Visual Studio Package (and the VSIX itself)


I have a Visual Studio package project which, when compiled creates me a DLL and that DLL is placed inside a .VSIX file (which I then double-click to install).

I wish to sign the DLL and also ensure that the VSIX is signed.

I have looked at Signing VSIX Packages, but this is not terribly helpful (or I am being dumb, which is quite possible!)

I have also looked at Creating a Package with a Digital Signature Sample which seems to involve creating a package via code, from scratch and signing all of the contents. I was (perhaps naively) expecting to be able to sign via the MsBuild process that builds and creates the package.

Much appreciated if someone could tell me the appropriate hooks for MSBuild to allow me to call my signing target to sign the DLL before it added to the VSIX, and also how to sign the VSIX itself?


Solution

  • So, in the end, I created a custom task that uses the code in the examples above (and from this blog article) to take the VSIX and sign it.

    Finally, I call the target like so:

      <Target Name="VsixSign" AfterTargets="CreateVsixContainer">
        <ItemGroup>
          <TargetDll Include="$(OutputPath)\$(TargetFileName)" />
        </ItemGroup>
        <SignServiceTarget
          FileName="@(TargetDll->'%(RootDir)%(Directory)%(Filename).vsix')" 
          Description="$(ProjectName)" />
      </Target>
    

    Note that I call this target after the Visual Studio Package "CreateVsixContainer" target, so that I hook the build at the right place.