[Sample of Apr 22nd] Create and sign a cabinet file
 |  | |
 |  | |
Sample Downloads:
C# version: https://code.msdn.microsoft.com/CSCreateCabinet-117f3934
VB version: https://code.msdn.microsoft.com/VBCreateCabinet-effd39ef
Today’s code sample demonstrates creating and signing a cabinet file. The cabinet format provides a way to efficiently package multiple files. Creating and signing a cabinet is very useful to deploy IE ActiveX control or other products. To create a cabinet package, we can use the SDK supplied by WiX Toolset, then use signtool.exe to sign the cabinet package.
The sample was written by our star developer: Ruiz Yi.
You can find more code samples that demonstrate the most typical programming scenarios by using Microsoft All-In-One Code Framework Sample Browser or Sample Browser Visual Studio extension. They give you the flexibility to search samples, download samples on demand, manage the downloaded samples in a centralized place, and automatically be notified about sample updates. If it is the first time that you hear about Microsoft All-In-One Code Framework, please watch the introduction video on Microsoft Showcase, or read the introduction on our homepage https://1code.codeplex.com/.
Introduction
The cabinet format provides a way to efficiently package multiple files. Creating and signing a cabinet is very useful to deploy IE ActiveX control or other products.
To create a cabinet package, we can use the SDK supplied by WiX Toolset, then use signtool.exe to sign the cabinet package.
Running the Sample
After you successfully build the sample project in Visual Studio 2010, you will get the application CSCreateCabinet.exe. Run the application and you will see following Console Window.
Pack a folder
Suppose D:\temp\a is an existing folder with files and sub folders, type following command and you will get a cabinet package d:\temp\a.cab.
Unpack a cabinet
Type following command and the cabinet will be extracted to d:\temp\a2.
Sign a cabinet
To sign a cabinet, we need a Personal Information Exchange (PFX) file. This project supplies Test.pfx, its password is 123456, you can also create your own PFX file.
Type following command.
Verify the signature
If the PFX file is trusted, type following command and you will see:
Otherwise, you will see
To trust a certificate, double click the PFX file, and add it in to Trusted Root Certification Authorities Store using Certificate Import Wizard.
Using the Code
How to create a cabinet and extract files from a cabinet?
/// <summary>
/// Pack a folder to the cabinet.
/// </summary>
static void RunPackMethod(string cabFilePath, string sourceFolder)
{
try
{
SignableCabinetPackage pkg = SignableCabinetPackage.LoadOrCreateCab(cabFilePath);
pkg.Pack(
sourceFolder,
true,
Microsoft.Deployment.Compression.CompressionLevel.Normal,
ProcessHandle);
Console.WriteLine("Packing cabinet succeeded.");
}
catch (Exception ex)
{
Console.WriteLine("Packing cabinet failed.");
Console.WriteLine(ex.Message);
}
}
/// <summary>
/// Unpack files from a cabinet.
/// </summary>
static void RunUnpackMethod(string cabFilePath, string destinationFolder)
{
try
{
SignableCabinetPackage pkg = SignableCabinetPackage.LoadCab(cabFilePath);
pkg.Unpack(destinationFolder, ProcessHandle);
Console.WriteLine("Unpacking cabinet succeeded.");
}
catch (Exception ex)
{
Console.WriteLine("Unpacking cabinet failed.");
Console.WriteLine(ex.Message);
}
}
The SignableCabinetPackage class inherits from the CabInfo class in Microsoft.Deployment.Compression.Cab.dll. For more information about how to create and extract a cabinet, see https://wix.codeplex.com/releases/view/60102.
How to sign a cabinet?
To sign a cabinet, we can use the signtool.exe in the Windows SDK. The sample also includes this tool in the _External_Dependencies.
public void Sign(string pfxFilePath, string password)
{
ProcessStartInfo signtool = new ProcessStartInfo
{
Arguments = string.Format("sign /f {0} /p {1} {2}",
pfxFilePath, password, this.FullPath),
FileName = "signtool.exe",
CreateNoWindow = true,
RedirectStandardOutput = true,
UseShellExecute = false
};
Process signtoolProc = Process.Start(signtool);
signtoolProc.WaitForExit();
if (signtoolProc.ExitCode != 0)
{
throw new ApplicationException(signtoolProc.StandardOutput.ReadToEnd());
}
}
How to verify the signature of a cabinet file?
The WinVerifyTrust API can be used to verify the signature of a cabinet file.
[DllImport("wintrust.dll", SetLastError = true, CharSet = CharSet.Auto)]
public static extern int WinVerifyTrust(
[In] IntPtr hwnd,
[In] [MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID,
[In] WINTRUST_DATA pWVTData
);
public void Verify()
{
using (NativeMethods.WINTRUST_DATA wtd = new NativeMethods.WINTRUST_DATA(this.FullPath))
{
Guid guidAction = new Guid(NativeMethods.WINTRUST_ACTION_GENERIC_VERIFY_V2);
int result = NativeMethods.WinVerifyTrust(
NativeMethods.INVALID_HANDLE_VALUE,
guidAction,
wtd);
if (result != 0)
{
var exception = Marshal.GetExceptionForHR(result);
throw exception;
}
}
}