Include crypto hash of PDB content in the PE debug directory as a new record

[tmat]

Background

The PE file (.dll, .exe) currently stores a GUID and a 4B timestamp, which comprise PDB ID, in the debug directory that uniquely identify the content of the Portable PDB. PDB ID is calculated using SHA1 hash in deterministic builds and as random time-based bits in non-deterministic build.

PDB ID allows the debugger to find the right PDB for given PE file. PDB ID is however not good enough for security purposes, when we need to detect whether the PDB content was tempered with. To allow such check we need to use stronger hash. The hash algorithm also needs to be configurable so that it can be upgraded to even stronger one in future.

Proposal

When emitting Portable PDB the compiler uses a given crypto algorithm (SHA-256 by default) to calculate hash of the PDB content. It stores the algorithm id and the full hash to a new debug directory entry. In deterministic build it uses 20B of the hash to calculate PDB ID.

Spec:
https://github.com/dotnet/corefx/blob/master/src/System.Reflection.Metadata/specs/PE-COFF.md#portable-pdb-checksum

TODO:

• Portable PDB
• Windows PDB

We also need to add an off-switch for Windows PDBs since some tools do not recognize the new PDB Checksum debug directory entry and report an error.

[tmat]

Moving to 15.8 as the API we need from DiaSymReader is not available yet.

[gonchik]

It will be helpful to put into our corporate symbol server some pdb file from opensource products