“文件的计算哈希值与清单中指定的不同"签署EXE时出错

quot;File has a different computed hash than specified in manifestquot; error when signing the EXE(“文件的计算哈希值与清单中指定的不同签署EXE时出错)
本文介绍了“文件的计算哈希值与清单中指定的不同"签署EXE时出错的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我的 ClickOnce 安装失败并出现错误:

My ClickOnce installation fails with an error:

文件 WindowsFormsProject.exe 的计算哈希值与清单中指定的不同.

File, WindowsFormsProject.exe, has a different computed hash than specified in manifest.

我使用 MSBuild 生成 ClickOnce 部署包.构建脚本中的相关行:

I use MSBuild to generate ClickOnce deployment package. The relevant line from the build script:

<MSBuild Targets="Publish"
         Projects="WindowsFormsProject.csproj"
         ContinueOnError="false" />

WindowsFormsProject.csproj 有一个 Post-Build 步骤对可执行文件进行签名,如下所示:

The WindowsFormsProject.csproj has a Post-Build step that signs the executable, as follows:

signtool sign /a $(ProjectDir)obj$(PlatformName)$(ConfigurationName)$(TargetFileName)

问题是,当我查看构建日志时,我看到清单是在 Post-Build 事件执行之前生成的.所以哈希码不匹配也就不足为奇了.构建日志中的相关行:

The trouble is, when I look at the build log I see that the manifest is generated BEFORE the Post-Build event executes. So it's not surprising that hash codes don't match. The relevant lines from the build log:

_CopyManifestFiles:

_CopyManifestFiles:

WindowsFormsProject -> ...WindowsFormsProject.application

WindowsFormsProject -> ...WindowsFormsProject.application

...

PostBuildEvent:

PostBuildEvent:

签名成功:...WindowsFormsProject.exe

Successfully signed: ...WindowsFormsProject.exe

所以,问题是:

  1. 有没有办法在 <MSBuild> 期间生成清单之前对程序集进行签名?任务?
  2. 有没有办法在构建完成后重新生成清单(仅清单),以便哈希码再次匹配?

或者,如果您能想出不同的解决方案,我将不胜感激.

Or, if you can think of a different solution to the problem, I'd appreciate your ideas.

推荐答案

如果您使用的是 MSBuild 4,您可以使用 AfterTargets 属性在程序集刚刚创建之后和任何进一步的步骤之前对其进行签名被采取.删除您的构建后步骤并将此块添加到您的项目中:

If you are using MSBuild 4, you can use AfterTargets property to sign assembly just after it was created and before any further steps will be taken. Remove your post-build step and add this block to your project instead:

<Target Name="SignOutput" AfterTargets ="CoreCompile">
  <PropertyGroup>
    <TimestampServerUrl>http://timestamp.verisign.com/scripts/timstamp.dll</TimestampServerUrl>
  <ApplicationDescription>Foo bar</ApplicationDescription>
  <SigningCertificateCriteria>/sha1 578a9486f10ed1118f2b5f428afb842e3f374793</SigningCertificateCriteria>
  </PropertyGroup>
  <ItemGroup>
    <SignableFiles Include="$(ProjectDir)obj$(PlatformName)$(ConfigurationName)$(TargetName)$(TargetExt)" />
  </ItemGroup>
  <GetFrameworkSdkPath>
          <Output
              TaskParameter="Path"
              PropertyName="SdkPath" />
  </GetFrameworkSdkPath>
    <Exec Command="&quot;$(SdkPath)binsigntool&quot; sign $(SigningCertificateCriteria) /d &quot;$(ApplicationDescription)&quot; /t &quot;$(TimestampServerUrl)&quot; &quot;%(SignableFiles.Identity)&quot;" />
</Target>

这篇关于“文件的计算哈希值与清单中指定的不同"签署EXE时出错的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

相关文档推荐

MSBuild cannot find a reference(MSBuild 找不到参考)
The reference assemblies for framework .NETCore, Version=v5.0 were not found(未找到框架 .NETCore,Version=v5.0 的参考程序集)
Good-practices: How to reuse .csproj and .sln files to create your MSBuild script for CI?(良好实践:如何重用 .csproj 和 .sln 文件来为 CI 创建 MSBuild 脚本?)
Run an MSBuild target only if project is actually built(仅在实际构建项目时运行 MSBuild 目标)
MS-Build BeforeBuild not firing(MS-Build BeforeBuild 未触发)
Using C# 7.1 with MSBuild(将 C# 7.1 与 MSBuild 结合使用)