DSA Signature in MSI file

Aug 17, 2011 at 7:45 PM

Hi,

I want to distribute my app as MSI installation, which works, but the signature of the MSI file will show up as invalid.

That is because the public DSA key file is not included into the MSI file - How can i do that ?

Thanks !

Coordinator
Aug 20, 2011 at 12:17 AM
Hi,

currently it is not supported but I have an idea how to do this also for msi encoded in a property. Do you want to open a feature request via codeplex? Would help to not forget it.

Dirk

Sent from my iPad

On 17.08.2011, at 20:45, "gumble"<notifications@codeplex.com> wrote:

From: gumble

Hi,

I want to distribute my app as MSI installation, which works, but the signature of the MSI file will show up as invalid.

That is because the public DSA key file is not included into the MSI file - How can i do that ?

Thanks !

Aug 22, 2011 at 7:17 PM

Hi,

I found a solution:

i added the public key as property in the MSI Setup and then i extract the key from the file with:

        public static string GetMsiProperty(string msiFile, string property)
        {
            string retVal = string.Empty;

            // Create an Installer instance
            Type classType = Type.GetTypeFromProgID("WindowsInstaller.Installer");
            Object installerObj = Activator.CreateInstance(classType);
            Installer installer = installerObj as Installer;

            // Open the msi file for reading
            // 0 - Read, 1 - Read/Write
            Database database = installer.OpenDatabase(msiFile, 0);

            // Fetch the requested property
            string sql = String.Format(
               "SELECT Value FROM Property WHERE Property='{0}'", property);
            WindowsInstaller.View view = database.OpenView(sql);
            view.Execute(null);

            // Read in the fetched record
            Record record = view.Fetch();
            if (record != null)
                retVal = record.get_StringData(1);

            return retVal;
        }

u need to add the msi.dll (Microsoft Windows Installer COM Object) as Reference.

I've already tested it and it works fine for me. - if you need help including this into your code you can contact me.

Thanks!

Coordinator
Aug 27, 2011 at 11:41 AM
Hi,

sorry for this late response I was on a business trip. I'm a little bit confused today :-) why do you want to store the public key in your MSI package? Normally you will store a DSA signature in your AppCast and the publich key in the app where netsparkle sits on? After that NetSparkle finds the public key and tries to build a signature with your installer binary and compares this with the signature in the AppCast. The key should not be delivered with the update binary because then everybody would be able to update your application?

Did you understand something wrong?

Thanks
Dirk


2011/8/22 gumble <notifications@codeplex.com>

From: gumble

Hi,

I found a solution:

i added the public key as property in the MSI Setup and then i extract the key from the file with:

public static string GetMsiProperty(string msiFile, string property)
{
string retVal = string.Empty;

// Create an Installer instance
Type classType = Type.GetTypeFromProgID("WindowsInstaller.Installer");
Object installerObj = Activator.CreateInstance(classType);
Installer installer = installerObj as Installer;

// Open the msi file for reading
// 0 - Read, 1 - Read/Write
Database database = installer.OpenDatabase(msiFile, 0);

// Fetch the requested property
string sql = String.Format(
"SELECT Value FROM Property WHERE Property='{0}'", property);
WindowsInstaller.View view = database.OpenView(sql);
view.Execute(null);

// Read in the fetched record
Record record = view.Fetch();
if (record != null)
retVal = record.get_StringData(1);

return retVal;
}

u need to add the msi.dll (Microsoft Windows Installer COM Object) as Reference.

I've already tested it and it works fine for me. - if you need help including this into your code you can contact me.

Thanks!

Read the full discussion online.

To add a post to this discussion, reply to this email (netsparkle@discussions.codeplex.com)

To start a new discussion for this project, email netsparkle@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe or change your settings on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com


Aug 28, 2011 at 11:22 AM

Hi,

Thank you - You're right - I was thinking the PUB Key is extracted from the downloaded file. I didn't put the Pub key in the root path - now everything works fine without my workaround.

Thanks!

Coordinator
Aug 28, 2011 at 11:51 AM
Hi,

cool. So just a note: With the latest changes in NetSparkle it is no more necessary to store the pub key in the root path :-)

Cheers
Dirk


2011/8/28 gumble <notifications@codeplex.com>

From: gumble

Hi,

Thank you - You're right - I was thinking the PUB Key is extracted from the downloaded file. I didn't put the Pub key in the root path - now everything works fine without my workaround.

Thanks!

Read the full discussion online.

To add a post to this discussion, reply to this email (netsparkle@discussions.codeplex.com)

To start a new discussion for this project, email netsparkle@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe or change your settings on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com