How to Install Win32 Assemblies for Side-by-Side Sharing (e.g. WinSxS)

 
1.    Make a Win32 or MFC DLL with Visual C++. Assume it is named “myfile.dll”.
 
2.    Get a pair of certificate and private key (e.g. “testcert.cer” and “testcert.pvk”). As a requirement for WinSxS, the certificate key must be at least 2048 bits. As a result, we cannot use “makecert” to make it. We can request one from our Certificate Authority. Please choose the proper provider, so that we can specify 2048 bits as the “Key Size”.
 
Store the .cer, .pvk and the .dll file in the same folder.
 
3.    Open a Visual Studio 2005 Command Prompt, so that we can use the SDK utilities directly. Issue the following command to get the publicKeyToken from the .cer certificate:
 
pktextract testCert.cer
 
We will get the publicKeyToken in the output (“bb28decf5785d648”):
 
Microsoft (R) Side-By-Side Public Key Token Extractor 1.1.3.0
Copyright (C) Microsoft Corporation 2000-2002. All Rights Reserved
 
 
Certificate: "CATry-Catch" - 2048 bits long
        publicKeyToken="bb28decf5785d648"
 
Pktextract.exe
 
4.    Use Notepad to create a manifest file (e.g. “myfile.manifest”), with the following content:
 
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
    <assemblyIdentity
        type="win32"
        name="Microsoft.Windows.MySampleAssembly"
        version="1.0.0.0"
        processorArchitecture="x86"        
        publicKeyToken="bb28decf5785d648"/>
    <file name="myfile.dll" hashalg="SHA1/>
</assembly>
 
Note that we need to put the public key token extracted from the previous step into the manifest. The following is the reference to assembly manifest files:
 
Assembly Manifests
 
5.    Issue the following command:
 
mt.exe -manifest myfile.manifest -hashupdate -makecdfs
 
After this, the content of the manifest file (“myfile.manifest”) will contain the hash for the DLL (“myfile.dll”). The -makecdfs option generates a file named “myfile.manifest.cdf” that describes the contents of the security catalog that will be used to validate the manifest.
 
Mt.exe
 
6.    Issue the following command further to build a verification catalog:
 
makecat myfile.manifest.cdf
 
MakeCat
 
7.    Use the “pvkimprt” utility to generate a “.pfx” file with the “.pvk” and “.cer” file:
 
pvkimprt -pfx testcert.cer testCert.pvk
 
The utility can be downloaded from the following site:
 
 
Assume we named the PFX format file as “testcert.pfx”.
 
8.    Use the SignTool to sign the catalog with the certificate:
 
signtool sign /f testcert.pfx /p PasswordForPrivateKey /du http://www.mycompany.com/MySampleAssembly /t http://timestamp.verisign.com/scripts/timstamp.dll myfile.cat
 
Please replace “PasswordForPrivateKey” with the actual password.
 
SignTool
 
At this stage we have the 3 files required for deploying the shared Side-by-Side assembly:
 
myfile.dll
myfile.cat
myfile.manifest
 
Then we can go to the Windows Installer part.
 
1.    Use Visual Studio .Net to create a Setup project. Add the 3 files above into the project and build the project.
 
2.    Use Orca to open the built MSI file for further editing.
 
How to use the Orca database editor to edit Windows Installer files
 
3.    In the “File” table, we should see 3 rows, each’s “FileName” column points to one of the 3 files (e.g. “myfile.dll”, “myfile.cat” and “myfile.manifest”). We edit the rows for “myfile.cat” and “myfile.manifest”, by replacing their “Component_” column with the value from the “Component_” column of the “myfile.dll” row. This effectively assign the 3 files into the same component originally used by “myfile.dll”. Please take a note of the 2 component names (e.g. the original values from the “Component_” column of “myfile.manifest” and “myfile.cat” rows) being replaced.
 
4.    Go to the “Component” table. We should see 3 rows here. Let’s delete the 2 rows whose “Component” columns have the same values we replaced in step 3 (e.g. the original component names for “myfile.manifest” and “myfile.cat”).
 
5.    Go to the “FeatureComponent” table, repeat step 4 and delete the unnecessary component rows for “myfile.manifest” and “myfile.cat” also.
 
6.    Go to the “MsiAssembly” table, add a new row:
 
Component_: <the value taken from the “File” table, “Component” column for “myfile.dll”, “myfile.manifest” or “myfile.cat” (these 3 “Component” columns should contain the same value after step 3)>
Feature_: DefaultFeature(This is the only feature name in Visual Studio 2005/2003 Setup Project. It can also be found from the “Feature” table or “FeatureComponent” table.)
File_Manifest: <the value taken from the “File” table, “File” column for the file “myfile.manifest>
File_Application: <Leave this empty>
Attribute: 1
 
7.    Go to the “MsiAssemblyName” table, add 5 rows, whose “Component_” columns are all the value taken from the “File” table, “Component” column for “myfile.dll”.
 
The “Name” columns and “Value” columns of the 5 rows are taken from the content of the manifest file:
 
Name                                      Value
type                                win32
name                               Microsoft.Windows.MySampleAssembly
version                             1.0.0.0
processorArchitecture         x86
publicKeyToken                  bb28decf5785d648
 
8.    Save the MSI file and exit Orca. (Do not use “Save As” command.
 
The resultant MSI file should be able to install our “myfile.dll” as Side-by-Side shared assembly into the WinSxS folder.
 
Here are some addition references related to the subject:
 
Assembly Signing Example
 
Installing Win32 Assemblies for Side-by-Side Sharing on Windows XP
相关文章
相关标签/搜索