Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
588 views
in Technique[技术] by (71.8m points)

c# - "File has a different computed hash than specified in manifest" error when signing the EXE

My ClickOnce installation fails with an error:

File, WindowsFormsProject.exe, has a different computed hash than specified in manifest.

I use MSBuild to generate ClickOnce deployment package. The relevant line from the build script:

<MSBuild Targets="Publish"
         Projects="WindowsFormsProject.csproj"
         ContinueOnError="false" />

The WindowsFormsProject.csproj has a Post-Build step that signs the executable, as follows:

signtool sign /a $(ProjectDir)obj$(PlatformName)$(ConfigurationName)$(TargetFileName)

The trouble is, when I look at the build log I see that the manifest is generated BEFORE the Post-Build event executes. So it's not surprising that hash codes don't match. The relevant lines from the build log:

_CopyManifestFiles:

WindowsFormsProject -> ...WindowsFormsProject.application

...

PostBuildEvent:

Successfully signed: ...WindowsFormsProject.exe

So, the questions are:

  1. Is there a way to sign the assembly BEFORE the manifest is generated during the <MSBuild> task?
  2. Is there a way to re-generate the manifest (and manifest only) after the build is complete so that hash codes match again?

Or, if you can think of a different solution to the problem, I'd appreciate your ideas.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

If you are using MSBuild 4, you can use AfterTargets property to sign assembly just after it was created and before any further steps will be taken. Remove your post-build step and add this block to your project instead:

<Target Name="SignOutput" AfterTargets ="CoreCompile">
  <PropertyGroup>
    <TimestampServerUrl>http://timestamp.verisign.com/scripts/timstamp.dll</TimestampServerUrl>
  <ApplicationDescription>Foo bar</ApplicationDescription>
  <SigningCertificateCriteria>/sha1 578a9486f10ed1118f2b5f428afb842e3f374793</SigningCertificateCriteria>
  </PropertyGroup>
  <ItemGroup>
    <SignableFiles Include="$(ProjectDir)obj$(PlatformName)$(ConfigurationName)$(TargetName)$(TargetExt)" />
  </ItemGroup>
  <GetFrameworkSdkPath>
          <Output
              TaskParameter="Path"
              PropertyName="SdkPath" />
  </GetFrameworkSdkPath>
    <Exec Command="&quot;$(SdkPath)binsigntool&quot; sign $(SigningCertificateCriteria) /d &quot;$(ApplicationDescription)&quot; /t &quot;$(TimestampServerUrl)&quot; &quot;%(SignableFiles.Identity)&quot;" />
</Target>

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...