WiX:数字签名 BootStrapper 项目 [英] WiX: Digitally Sign BootStrapper project
问题描述
我有一个项目,我已经为其构建了一个 WiX msi 文件.我还有一个 WiX 引导程序(exe 文件),它检查 C++ 2005 的存在,如果找不到则安装它,然后安装 msi 包.我的项目包含 Crystal Reports 作为 msm 文件,它与 msi 一起安装,但需要 C++ 2005 才能正确安装.
I have a project for which I have built a WiX msi file. I also have a WiX bootstrapper (exe file) that checks for the existence of C++ 2005, installs it if not found and then installs the msi package. My project includes Crystal Reports as an msm file which is installed with the msi but requires C++ 2005 to install properly.
在 MSI 项目中,我包含了以下构建后事件以对 msi 文件进行数字签名.
On the MSI project I have included the following post build event to digitally sign the msi file.
sign /f "$(ProjectDir)myPFXFile.pfx" /p mySecretKey/d "My Program" /t http://timestamp.verisign.com/scripts/timstamp.dll /v "MyProgram.msi"
如果我只安装 msi,它会在请求提升的安装权限时正确识别发布者.
If I install just the msi it correctly identifies the Publisher when requesting elevated permission to install.
我尝试将相同的构建后事件添加到引导程序项目中,如下所示:
I have tried adding the same post-build event to the bootstrapper project as follows:
sign /f "$(ProjectDir)myPFXFile.pfx" /p mySecretKey/d "My Program" /t http://timestamp.verisign.com/scripts/timstamp.dll /v "MyProgram Setup.exe"
当我尝试安装 exe 文件时,它会正确识别发布者,但随后安装失败,日志文件中显示以下内容:
When I attempt to install the exe file it correctly identifies the Publisher but then fails to install with the following from the log file:
[1604:2574][2013-12-04T11:49:51]i001: Burn v3.7.1224.0, Windows v6.2 (Build 9200: Service Pack 0), path: C:Users.....MyProgram Setup.exe, cmdline: ''
[1604:2574][2013-12-04T11:49:51]i000: Setting string variable 'WixBundleLog' to value 'C:Users.....MyProgram_20131204114951.log'
[1604:2574][2013-12-04T11:49:51]i000: Setting string variable 'WixBundleOriginalSource' to value 'C:Users.....MyProgram Setup.exe'
[1604:2574][2013-12-04T11:49:51]i000: Setting string variable 'WixBundleName' to value 'MyProgram'
[1604:2574][2013-12-04T11:49:51]i100: Detect begin, 2 packages
[1604:2574][2013-12-04T11:49:51]i000: Setting string variable 'vcredist_x86' to value '1'
[1604:2574][2013-12-04T11:49:51]i000: Setting string variable 'vcredist_x64' to value '1'
[1604:2574][2013-12-04T11:49:51]i052: Condition 'vcredist_x86 AND (vcredist_x86 >= 1)' evaluates to true.
[1604:2574][2013-12-04T11:49:51]i101: Detected package: vcredist_x86, state: Present, cached: None
[1604:2574][2013-12-04T11:49:51]i101: Detected package: MyProgram, state: Absent, cached: None
[1604:2574][2013-12-04T11:49:51]i199: Detect complete, result: 0x0
[1604:2574][2013-12-04T11:49:53]i200: Plan begin, 2 packages, action: Install
[1604:2574][2013-12-04T11:49:53]w321: Skipping dependency registration on package with no dependency providers: vcredist_x86
[1604:2574][2013-12-04T11:49:53]i000: Setting string variable 'WixBundleRollbackLog_MyProgram' to value 'C:Users.....MyProgram_20131204114951_0_MyProgram_rollback.log'
[1604:2574][2013-12-04T11:49:53]i000: Setting string variable 'WixBundleLog_MyProgram' to value 'C:Users.....MyProgram_20131204114951_0_MyProgram.log'
[1604:2574][2013-12-04T11:49:53]i201: Planned package: vcredist_x86, state: Present, default requested: Present, ba requested: Present, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[1604:2574][2013-12-04T11:49:53]i201: Planned package: MyProgram, state: Absent, default requested: Present, ba requested: Present, execute: Install, rollback: Uninstall, cache: Yes, uncache: No, dependency: Register
[1604:2574][2013-12-04T11:49:53]i299: Plan complete, result: 0x0
[1604:2574][2013-12-04T11:49:53]i300: Apply begin
[1FF8:10F8][2013-12-04T11:49:58]i360: Creating a system restore point.
[1FF8:10F8][2013-12-04T11:49:59]i361: Created a system restore point.
[1FF8:10F8][2013-12-04T11:50:00]i000: Caching bundle from: 'C:Users.....{6ab8eece-89c6-4417-905f-6d9c5136519d}.beMyProgram Setup.exe' to: 'C:ProgramDataPackage Cache{6ab8eece-89c6-4417-905f-6d9c5136519d}MyProgram Setup.exe'
[1FF8:10F8][2013-12-04T11:50:00]i320: Registering bundle dependency provider: {6ab8eece-89c6-4417-905f-6d9c5136519d}, version: 2.0.0.0
[1604:2FB4][2013-12-04T11:50:00]i336: Acquiring container: WixAttachedContainer, copy from: C:Users.....MyProgram Setup.exe
[1604:2FB4][2013-12-04T11:50:00]i000: Setting string variable 'WixBundleLastUsedSource' to value 'C:Users.....'
[1604:24F8][2013-12-04T11:50:00]e000: Error 0x80004005: Failed to extract all files from container.
[1604:2FB4][2013-12-04T11:50:00]e000: Error 0x80004005: Failed to wait for operation complete.
[1604:2FB4][2013-12-04T11:50:00]e000: Error 0x80004005: Failed to open container.
[1604:2FB4][2013-12-04T11:50:00]e000: Error 0x80004005: Failed to open container: WixAttachedContainer.
[1604:2FB4][2013-12-04T11:50:00]e312: Failed to extract payloads from container: WixAttachedContainer to working path: C:Users.....{6ab8eece-89c6-4417-905f-6d9c5136519d}C7C1FB4E513C19E0F5E8F6856FF2ACC4D7D143A2, error: 0x80004005.
[1604:2574][2013-12-04T11:50:00]e000: Error 0x80004005: Failed while caching, aborting execution.
[1FF8:10F8][2013-12-04T11:50:00]i330: Removed bundle dependency provider: {6ab8eece-89c6-4417-905f-6d9c5136519d}
[1FF8:10F8][2013-12-04T11:50:00]i352: Removing cached bundle: {6ab8eece-89c6-4417-905f-6d9c5136519d}, from path: C:ProgramDataPackage Cache{6ab8eece-89c6-4417-905f-6d9c5136519d}
[1604:2574][2013-12-04T11:50:00]i399: Apply complete, result: 0x80004005, restart: None, ba requested restart: No
然后我通过将以下内容添加到 .wixproj 文件的末尾找到了另一种对 exe 进行签名的替代方法:
I then found another alternative to signing the exe by adding the following to the end of the .wixproj file:
<Target Name="SignBundleEngine">
<Exec Command=""C:Program Files (x86)Microsoft SDKsWindowsv7.0Ainsigntool.exe" sign /f "$(ProjectDir)sigFile.pfx" /p sigKey /d "My Program" /t http://timestamp.verisign.com/scripts/timstamp.dll "@(SignBundleEngine)"" />
</Target>
<Target Name="SignBundle">
<Exec Command=""C:Program Files (x86)Microsoft SDKsWindowsv7.0Ainsigntool.exe" sign /f "$(ProjectDir)sigFile.pfx" /p sigKey /d "My Program" /t http://timestamp.verisign.com/scripts/timstamp.dll "@(SignBundle)"" />
</Target>
<PropertyGroup>
<PostBuildEvent>"C:Program Files (x86)Microsoft SDKsWindowsv7.1ABinsigntool.exe" sign /f "$(ProjectDir)sigFile.pfx" /p sigKey /d "My Program" /t http://timestamp.verisign.com/scripts/timstamp.dll /v "MyProgram Setup.exe"</PostBuildEvent>
</PropertyGroup>
使用此方法,安装文件会正确执行并安装所有内容,但在请求提升的安装权限时无法识别发布者,它会显示发布者:未知".
Using this method the setup file executes and installs everything correctly but doesn't identify the publisher when requesting elevated permission to install, it says "Publisher: Unknown".
有人知道如何让数字签名在这个引导程序上工作吗?
Anyone know how to get the digital signing to work on this bootstrapper?
这是我的 Bundle.wxs 和 vcredist.wxs 文件:
Here is my Bundle.wxs and vcredist.wxs files:
Bundle.wxs
<?xml version="1.0" encoding="UTF-8"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi"
xmlns:bal="http://schemas.microsoft.com/wix/BalExtension">
<Bundle Name="My Program"
Version="2.0.0"
Manufacturer="My Company"
UpgradeCode="PUT-GUID-HERE"
HelpUrl="http://www.mycompany.com"
AboutUrl="http://www.mycompany.com"
HelpTelephone="888 888 8888"
IconSourceFile="Resourcesprogram.ico">
<BootstrapperApplicationRef Id="WixStandardBootstrapperApplication.HyperlinkLicense">
<Payload SourceFile="ResourcesBootstrapper Screen.png" />
</BootstrapperApplicationRef>
<WixVariable Id="WixStdbaLicenseUrl" Value=""/>
<WixVariable Id="WixStdbaThemeXml" Value="ResourcesCustomHyperlinkTheme.xml"/>
<WixVariable Id="WixStdbaThemeWxl" Value="ResourcesCustomHyperlinkTheme.wxl"/>
<Chain>
<!-- Define the list of chained packages. -->
<PackageGroupRef Id="vcredist"/>
<MsiPackage Id="MyProgram"
SourceFile="$(var.MyProgramSetup.TargetPath)"
ForcePerMachine="yes" />
</Chain>
</Bundle>
</Wix>
vcredist.wxs
<?xml version="1.0" encoding="UTF-8"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi"
xmlns:util="http://schemas.microsoft.com/wix/UtilExtension">
<Fragment>
<util:RegistrySearch Root="HKLM" Key="SOFTWAREMicrosoftVisualStudio10.0VCVCRedistx86" Value="Installed" Variable="vcredist_x86" />
<util:RegistrySearch Root="HKLM" Key="SOFTWAREMicrosoftVisualStudio10.0VCVCRedistx64" Value="Installed" Variable="vcredist_x64" />
<PackageGroup Id="vcredist">
<ExePackage Id="vcredist_x86"
Cache="no"
Compressed="yes"
PerMachine="yes"
Permanent="yes"
Vital="yes"
Name="vcredist_x86.exe"
SourceFile="vcredist3.5_x86.exe"
InstallCommand="/q"
DetectCondition="vcredist_x86 AND (vcredist_x86 >= 1)">
</ExePackage>
</PackageGroup>
</Fragment>
</Wix>
推荐答案
<Target Name="UsesFrameworkSdk">
<GetFrameworkSdkPath>
<Output TaskParameter="Path" PropertyName="FrameworkSdkPath" />
</GetFrameworkSdkPath>
<PropertyGroup>
<Win8SDK>$(registry:HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft SDKsWindowsv8.0@InstallationFolder)</Win8SDK>
</PropertyGroup>
</Target>
<Target Name="UsesSignTool" DependsOnTargets="UsesFrameworkSdk">
<PropertyGroup>
<SignToolPath Condition="('@(SignToolPath)'=='') and Exists('$(FrameworkSdkPath)binsigntool.exe')">$(FrameworkSdkPath)binsigntool.exe</SignToolPath>
<SignToolPath Condition="('@(SignToolPath)'=='') and Exists('$(Win8SDK)inx86signtool.exe')">$(Win8SDK)inx86signtool.exe</SignToolPath>
</PropertyGroup>
</Target>
<Target Name="SignBundleEngine" DependsOnTargets="UsesSignTool">
<Exec Command=""$(SignToolPath)" sign /d "App Setup" /t http://timestamp.digicert.com /a "@(SignBundleEngine)"" />
</Target>
<Target Name="SignBundle" DependsOnTargets="UsesSignTool">
<Exec Command=""$(SignToolPath)" sign /d "App Setup" /t http://timestamp.digicert.com /a "@(SignBundle)"" />
</Target>
这对我很有效.您可以在构建过程中执行此操作,或者您需要使用徽章.
前任:http://wixtoolset.org/documentation/manual/v3/overview/insignia.html
This works well for me. Either you do it during the build, or you need to use insignia.
Ex:
http://wixtoolset.org/documentation/manual/v3/overview/insignia.html
insignia -ib bundle.exe -o engine.exe
... sign engine.exe
insignia -ab engine.exe bundle.exe -o bundle.exe
... sign bundle.exe
这篇关于WiX:数字签名 BootStrapper 项目的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!