windows - What is the structure of AppxSignature.p7x? -


universal windows apps in .appx file, zip of bunch of files , metadata. of metadata files extensively documented on microsoft website , trivial parse and/or regenerate. appxsignature.p7x remains mystery.

from diagram (source): enter image description here

appxsignature.p7x should have hashes of appxblockmap.xml, content & directory hashes, , signature. cannot find documentation of appxsignature.p7x file itself. ideally use alternative tool produce , verify signature, e.g. openssl/gnutls or similar. practical use update , repackage apps on linux, , prepare .appxupload file windows store.

as described in blog post link to, appxblockmap.xml file stores cryptographic block hashes every file in package. file verified , secured digital signature when package signed using authenticode.

so, on windows, have 2 tools:

  • makeappx.exe creates package (.zip format) , blockmap file at same time. important, what's in block map corresponds closely .zip file bits, can't zipping tool step, must program zip/app package creation using zip api.
  • signtool.exe adds signature package using "standard" authenticode.

with windows api can same makeappx using packaging api , can same signtool using the signersign function.

the whole makeappx process not documented imho, blockmap schema in fact described here: package block map schema reference relatively easy understand.

the authenticode signature pe document documented here: windows authenticode portable executable signature format

but it's pe (.dll, .exe, etc.) files (note it's possible sign .cab files), , don't think how signersign builds appxsignature.p7x documented. however, there open source tool here here: https://github.com/facebook/fb-util-for-appx. notice file https://github.com/facebook/fb-util-for-appx/blob/master/privateheaders/appx/sign.h declares should used input signing. have no idea got information.


Comments

Popular posts from this blog

magento2 - Magento 2 admin grid add filter to collection -

Android volley - avoid multiple requests of the same kind to the server? -

Combining PHP Registration and Login into one class with multiple functions in one PHP file -