使用sha256算法为DigestMethod修改c# Manifest
本文关键字:修改 Manifest DigestMethod sha256 算法 使用 | 更新日期: 2023-09-27 17:50:23
我需要更新。net 4.5.1应用程序清单,确保DigestMethod保持为sha256哈希。
原因如下:我最初使用ClickOnce将WPF应用程序部署到开发环境,然后用脚本配置、签名并将应用程序复制到特定的生产环境。我有一个现有的脚本,这样做,但从。net 4.0升级到。net 4.5.1后,脚本不再工作。我认为这是由于在这些。net版本中,默认的清单哈希算法从sha1更改为sha256。
脚本的相关部分非常小:
using Microsoft.Build.Tasks.Deployment.ManifestUtilities;
// This comes from Microsoft.Build.Tasks.v12.0.dll
public class Program
{
public static void Main(string[] args)
{
// set up...
DeployManifest manifest= ManifestReader.ReadManifest(manifestPath, true) as DeployManifest;
// I perform some updates to the manifest...
ManifestWriter.WriteManifest(manifest);
}
}
}
即使我只是简单地读取清单并再次写出来,不做任何更新,DigestMethod算法从sha256更改为sha1,如下面的清单文件所示:
原始清单:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly xsi:schemaLocation="urn:schemas-microsoft-com:asm.v1 assembly.adaptive.xsd" manifestVersion="1.0" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns="urn:schemas-microsoft-com:asm.v2" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xrml="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:co.v1="urn:schemas-microsoft-com:clickonce.v1" xmlns:co.v2="urn:schemas-microsoft-com:clickonce.v2">
<assemblyIdentity name="program.application" version="1.9.9.10" publicKeyToken="0000000000000000" language="neutral" processorArchitecture="amd64" xmlns="urn:schemas-microsoft-com:asm.v1" />
<description asmv2:publisher="me" asmv2:product="program (dev)" xmlns="urn:schemas-microsoft-com:asm.v1" />
<deployment install="true" mapFileExtensions="true" />
<compatibleFrameworks xmlns="urn:schemas-microsoft-com:clickonce.v2">
<framework targetVersion="4.5.1" profile="Full" supportedRuntime="4.0.30319" />
</compatibleFrameworks>
<dependency>
<dependentAssembly dependencyType="install" codebase="Application Files'program_1_9_9_10'program.exe.manifest" size="44259">
<assemblyIdentity name="program.exe" version="1.9.9.10" publicKeyToken="0000000000000000" language="neutral" processorArchitecture="amd64" type="win32" />
<hash>
<dsig:Transforms>
<dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha256" />
<dsig:DigestValue>0R79PRqWqhrE60GSHC/rE2WczQ4jqxCKBGr4lsjS4ZE=</dsig:DigestValue>
</hash>
</dependentAssembly>
</dependency>
</asmv1:assembly>
重写清单:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly xsi:schemaLocation="urn:schemas-microsoft-com:asm.v1 assembly.adaptive.xsd" manifestVersion="1.0" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns="urn:schemas-microsoft-com:asm.v2" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xrml="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:co.v1="urn:schemas-microsoft-com:clickonce.v1" xmlns:co.v2="urn:schemas-microsoft-com:clickonce.v2">
<assemblyIdentity name="program.application" version="1.9.9.10" publicKeyToken="0000000000000000" language="neutral" processorArchitecture="amd64" xmlns="urn:schemas-microsoft-com:asm.v1" />
<description asmv2:publisher="me" asmv2:product="program (dev)" xmlns="urn:schemas-microsoft-com:asm.v1" />
<deployment install="true" mapFileExtensions="true" />
<dependency>
<dependentAssembly dependencyType="install" codebase="Application Files'program_1_9_9_10'program.exe.manifest" size="44259">
<assemblyIdentity name="program.exe" version="1.9.9.10" publicKeyToken="0000000000000000" language="neutral" processorArchitecture="amd64" type="win32" />
<hash>
<dsig:Transforms>
<dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>0R79PRqWqhrE60GSHC/rE2WczQ4jqxCKBGr4lsjS4ZE=</dsig:DigestValue>
</hash>
</dependentAssembly>
</dependency>
<compatibleFrameworks xmlns="urn:schemas-microsoft-com:clickonce.v2">
<framework targetVersion="4.5.1" profile="Full" supportedRuntime="4.0.30319" />
</compatibleFrameworks>
</asmv1:assembly>
注意两者之间的区别是designg:DigestMethod元素中的sha256到sha1的变化。奇怪的是,DigestValue没有改变。当我尝试运行部署的应用程序时,这最终会导致一个错误,"xxxx具有与清单中指定的不同的计算散列。"
我在这里展示了部署清单,但是我看到同样的效果也发生在应用程序清单上。
我想如果我能用sha256哈希写出清单,它将解决我的问题。有人知道怎么做吗?如有任何建议,不胜感激。
我能够通过使用Mage.exe而不是manifest . utilities获得正确的哈希值。
Mage.exe有-Algorithm标志来选择散列算法:
// -Algorithm <sha256RSA|sha1RSA> -a
// Specifies the algorithm to generate digests.
// Example:
// -Algorithm sha1RSA
我用来更新。net 4.5 ClickOnce清单(包括签名)的整个过程是:
// Update the application manifest
// (I first had to strip the .deploy extensions from all the files referenced in the manifest for the mage tool to work)
mage -Update <applicationManifest> -Algorithm sha256RSA -CertFile <certificate > -Password <password>
// Then I replaced the .deploy extensions
// Update the deployment manifest (I didn't need to replace any .deploy extensions for this)
mage -Update <deploymentManifest> -AppManifest <applicationManifest>
-Algorithm sha256RSA -CertFile <certificate> -Password <password>
我使用这种方法从c#运行mage.exe,在我的项目文件夹中包含mage.exe,并将"复制到输出目录"设置为"始终复制"。
private static void RunMage(string arguments)
{
var startInfo = new ProcessStartInfo
{
FileName = "mage.exe",
Arguments = arguments,
UseShellExecute = false,
RedirectStandardOutput = true,
};
using (Process mage = Process.Start(startInfo))
{
while (!mage.StandardOutput.EndOfStream)
{
Console.Out.WriteLine(mage.StandardOutput.ReadLine());
}
mage.WaitForExit();
}
}
这个链接可以帮助你弄清楚如何使用mage: http://www.nullskull.com/a/1540/update-configuration-of-a-clickonce-wpf-application-using-mage-or-mageui.aspx
我遇到了同样的问题,并通过使用允许您指定目标框架版本的重载来解决它:
ManifestWriter.WriteManifest(manifest, manifestPath, "4.5.1");