Hello,
do somebody know how to compute the hash-value of the Attribute "hash" of Element ManifestInforma tion in a CLICKONCE deployment manifest. In Microsoft Documentation is mentioned this value have to be computed without Signature element, but not which Hash function to use (except CryptoBinary) and even not if the XML document should be exclusive canonized before..so it is hard to figure out that value! Maybe someone is more experienced with this problem. Thanks in advance!
Here an extraction of a general deployment manifest file in ClickOnce:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assemb ly xsi:schemaLocat ion="urn:schema s-microsoft-com:asm.v1 assembly.adapti ve.xsd" manifestVersion ="1.0" xmlns:asmv3="ur n:schemas-microsoft-com:asm.v3" xmlns:dsig="htt p://www.w3.org/2000/09/xmldsig#" xmlns:co.v1="ur n:schemas-microsoft-com:clickonce.v 1" xmlns:co.v2="ur n:schemas-microsoft-com:clickonce.v 2" xmlns="urn:sche mas-microsoft-com:asm.v2" xmlns:asmv1="ur n:schemas-microsoft-com:asm.v1" xmlns:asmv2="ur n:schemas-microsoft-com:asm.v2" xmlns:xrml="urn :mpeg:mpeg21:20 03:01-REL-R-NS" xmlns:xsi="http ://www.w3.org/2001/XMLSchema-instance">
<assemblyIdenti ty name="HelloWorl d.application" version="1.0.0. 0" publicKeyToken= "12345" language="neutr al" processorArchit ecture="x86" xmlns="urn:sche mas-microsoft-com:asm.v1" />
<description asmv2:publisher ="Microsoft" asmv2:product=" HelloWorld" xmlns="urn:sche mas-microsoft-com:asm.v1" />
<deployment/>
<dependency>
<dependentAssem bly dependencyType= "install" codebase="anywh ere.manifest" size="9999">
<assemblyIdenti ty name="HelloWorl d.exe" version="1.0.0. 0" publicKeyToken= "12345" language="neutr al" processorArchit ecture="x86" type="win32" />
<hash>
...
</hash>
</dependentAssemb ly>
</dependency>
<publisherIdent ity name="publisher name" issuerKeyHash=" 123456789" />
<Signature
Id="StrongNameS ignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
...
</SignedInfo>
<SignatureValue >
...
</SignatureValue>
<KeyInfo Id="StrongNameK eyInfo">
<KeyValue>
...
</KeyValue>
<msrel:RelDat a
xmlns:msrel="ht tp://schemas.microso ft.com/windows/rel/2005/reldata">
<r:license xmlns:r="urn:mp eg:mpeg21:2003: 01-REL-R-NS"
xmlns:as="http://schemas.microso ft.com/windows/pki/2005/Authenticode">
<r:grant>
<as:ManifestInf ormation Hash="HASHVALUE TO COMPUTE"
Description="" Url="">
<as:assemblyIde ntity name="HelloWorl d.application"
version="1.0.0. 0" publicKeyToken= "12345" language="neutr al"
processorArchit ecture="x86" xmlns="urn:sche mas-microsoft-com:asm.v1" />
</as:ManifestInfo rmation>
<as:SignedBy />
<as:Authenticod ePublisher>
<as:X509Subject Name>publishern ame</as:X509SubjectN ame>
</as:Authenticode Publisher>
</r:grant>
<r:issuer>
<Signature Id="Authenticod eSignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
...
</SignedInfo>
<SignatureValue >
...
</SignatureValue>
<KeyInfo>
...
<KeyValue>
<RSAKeyValue>
</RSAKeyValue>
</KeyValue>
<X509Data>
...
</X509Data>
</KeyInfo>
</Signature>
</r:issuer>
</r:license>
</msrel:RelData>
</KeyInfo>
</Signature>
do somebody know how to compute the hash-value of the Attribute "hash" of Element ManifestInforma tion in a CLICKONCE deployment manifest. In Microsoft Documentation is mentioned this value have to be computed without Signature element, but not which Hash function to use (except CryptoBinary) and even not if the XML document should be exclusive canonized before..so it is hard to figure out that value! Maybe someone is more experienced with this problem. Thanks in advance!
Here an extraction of a general deployment manifest file in ClickOnce:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assemb ly xsi:schemaLocat ion="urn:schema s-microsoft-com:asm.v1 assembly.adapti ve.xsd" manifestVersion ="1.0" xmlns:asmv3="ur n:schemas-microsoft-com:asm.v3" xmlns:dsig="htt p://www.w3.org/2000/09/xmldsig#" xmlns:co.v1="ur n:schemas-microsoft-com:clickonce.v 1" xmlns:co.v2="ur n:schemas-microsoft-com:clickonce.v 2" xmlns="urn:sche mas-microsoft-com:asm.v2" xmlns:asmv1="ur n:schemas-microsoft-com:asm.v1" xmlns:asmv2="ur n:schemas-microsoft-com:asm.v2" xmlns:xrml="urn :mpeg:mpeg21:20 03:01-REL-R-NS" xmlns:xsi="http ://www.w3.org/2001/XMLSchema-instance">
<assemblyIdenti ty name="HelloWorl d.application" version="1.0.0. 0" publicKeyToken= "12345" language="neutr al" processorArchit ecture="x86" xmlns="urn:sche mas-microsoft-com:asm.v1" />
<description asmv2:publisher ="Microsoft" asmv2:product=" HelloWorld" xmlns="urn:sche mas-microsoft-com:asm.v1" />
<deployment/>
<dependency>
<dependentAssem bly dependencyType= "install" codebase="anywh ere.manifest" size="9999">
<assemblyIdenti ty name="HelloWorl d.exe" version="1.0.0. 0" publicKeyToken= "12345" language="neutr al" processorArchit ecture="x86" type="win32" />
<hash>
...
</hash>
</dependentAssemb ly>
</dependency>
<publisherIdent ity name="publisher name" issuerKeyHash=" 123456789" />
<Signature
Id="StrongNameS ignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
...
</SignedInfo>
<SignatureValue >
...
</SignatureValue>
<KeyInfo Id="StrongNameK eyInfo">
<KeyValue>
...
</KeyValue>
<msrel:RelDat a
xmlns:msrel="ht tp://schemas.microso ft.com/windows/rel/2005/reldata">
<r:license xmlns:r="urn:mp eg:mpeg21:2003: 01-REL-R-NS"
xmlns:as="http://schemas.microso ft.com/windows/pki/2005/Authenticode">
<r:grant>
<as:ManifestInf ormation Hash="HASHVALUE TO COMPUTE"
Description="" Url="">
<as:assemblyIde ntity name="HelloWorl d.application"
version="1.0.0. 0" publicKeyToken= "12345" language="neutr al"
processorArchit ecture="x86" xmlns="urn:sche mas-microsoft-com:asm.v1" />
</as:ManifestInfo rmation>
<as:SignedBy />
<as:Authenticod ePublisher>
<as:X509Subject Name>publishern ame</as:X509SubjectN ame>
</as:Authenticode Publisher>
</r:grant>
<r:issuer>
<Signature Id="Authenticod eSignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
...
</SignedInfo>
<SignatureValue >
...
</SignatureValue>
<KeyInfo>
...
<KeyValue>
<RSAKeyValue>
</RSAKeyValue>
</KeyValue>
<X509Data>
...
</X509Data>
</KeyInfo>
</Signature>
</r:issuer>
</r:license>
</msrel:RelData>
</KeyInfo>
</Signature>