Re-enable strong-naming

EasyPost/EasyPost.csproj

@@ -45,8 +45,10 @@
     <SignAssembly>false</SignAssembly>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)' == 'Release' ">
-    <SignAssembly>false</SignAssembly>
-    <!-- We manually sign the DLLs later -->
+    <!-- Strong-name the assembly, required for .NET Framework compatibility -->
+    <SignAssembly>true</SignAssembly>
+    <DelaySign>true</DelaySign>
+    <AssemblyOriginatorKeyFile>..\EasyPost.pub</AssemblyOriginatorKeyFile>
   </PropertyGroup>
   <PropertyGroup>
     <GenerateAssemblyInfo>false</GenerateAssemblyInfo>
@@ -61,9 +63,9 @@
   </ItemGroup>
   <ItemGroup>
     <None Include="..\README.md">
+      <Link>README.md</Link>
       <Pack>true</Pack>
       <PackagePath>/</PackagePath>
-      <Link>README.md</Link>
     </None>
   </ItemGroup>
 

scripts/build_release_nuget.bat

@@ -25,13 +25,16 @@ CALL "scripts\install_cert.bat" %certFile% %certPass% %containerName% || GOTO :c
 :: Restore dependencies and build solution
 CALL "scripts\build_project.bat" %buildMode% || GOTO :commandFailed
 
-:: Sign the DLLs
-CALL "scripts\sign_dlls.bat" %certFile% %certPass% %containerName% || GOTO :commandFailed
+:: Strong-name the DLLs
+CALL "scripts\strong_name_dlls.bat" %containerName% || GOTO :commandFailed
+
+:: Sign the DLLs for authenticity
+CALL "scripts\sign_dlls.bat" %certFile% %certPass% || GOTO :commandFailed
 
 :: Package the DLLs in a NuGet package (will fail if DLLs are missing)
 CALL "scripts\pack_nuget.bat" %projectName% || GOTO :commandFailed
 
-:: Sign the NuGet package
+:: Sign the NuGet package for authenticity
 CALL "scripts\sign_nuget.bat" %certFile% %certPass% || GOTO :commandFailed
 SET nugetFileName=
 FOR /R %%F IN (*.nupkg) DO (

scripts/sign_dlls.bat

@@ -1,24 +1,19 @@
-:: This script will find and sign any DLLs with a provided PFX certificate
+:: This script will find and sign any DLLs with a provided PFX certificate for authenticity
 
 :: Requirements:
 :: - dotnet is installed on the machine and is accessible everywhere (added to PATH) (might be in C:\Program Files\dotnet)
-:: - sn.exe is installed on the machine and is accessible everywhere (added to PATH)
 :: - signtool is installed on the machine and is accessible everywhere (added to PATH) (might be in C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64)
 
 @ECHO OFF
 
 :: Parse command line arguments
 SET certFile=%1
 SET certPass=%2
-SET containerName=%3
 
-:: Sign all DLLs found in the lib folder
+:: Sign all DLLs found in the lib folder with our certificate to guarantee authenticity
 @ECHO:
-@ECHO Signing DLLs with certificate...
+@ECHO Authenticating DLLs with %certFile%...
 FOR /R "lib" %%F IN (*.dll) DO (
-    REM We need to run the DLLs through both sn.exe and signtool to get complete the signing process
-    REM sn erroneously triggers command failed if we put a fallback on this
-    sn -Rca "%%F" %containerName%
     signtool sign /f %certFile% /p %certPass% /v /tr http://timestamp.digicert.com?alg=sha256 /td SHA256 /fd SHA256 "%%F" || GOTO :commandFailed
 )
 

scripts/sign_nuget.bat

@@ -1,4 +1,4 @@
-:: This script will find and sign any NuGet packages with a provided PFX certificate
+:: This script will find and sign any NuGet packages with a provided PFX certificate for authenticity
 
 :: Requirements:
 :: - NuGet is installed on the machine and is accessible everywhere (added to PATH)
@@ -9,9 +9,9 @@
 SET certFile=%1
 SET certPass=%2
 
-:: Sign all NuGet packages found
+:: Sign all NuGet packages found with our certificate to guarantee authenticity
 @ECHO:
-@ECHO Signing NuGet package with %certFile%...
+@ECHO Authenticating NuGet package with %certFile%...
 :: Should only be one .nupkg file at this point, since we deleted the old ones
 FOR /R %%F IN (*.nupkg) DO (
     nuget sign "%%F" -Timestamper http://timestamp.digicert.com -CertificatePath "%certFile%" -CertificatePassword "%certPass%" || GOTO :commandFailed

scripts/strong_name_dlls.bat

@@ -0,0 +1,28 @@
+:: This script will find and finish strong-naming any DLLs with a provided PFX certificate
+
+:: Requirements:
+:: - dotnet is installed on the machine and is accessible everywhere (added to PATH) (might be in C:\Program Files\dotnet)
+:: - sn.exe is installed on the machine and is accessible everywhere (added to PATH)
+
+@ECHO OFF
+
+:: Parse command line arguments
+SET containerName=%1
+
+:: Strong-name all DLLs found in the lib folder
+@ECHO:
+@ECHO Strong-naming (finishing delayed signing) DLLs with %certFile%...
+FOR /R "lib" %%F IN (*.dll) DO (
+    REM sn erroneously triggers command failed if we put a fallback on this
+    sn -Rca "%%F" %containerName%
+)
+
+EXIT /B 0
+
+:commandFailed
+@ECHO Command failed.
+GOTO :exitWithError
+
+:exitWithError
+@ECHO Exiting...
+EXIT /B 1