Manifest and CodeSigning howto?

[Seltsamuel]

Hi,

at the moment im trying to understand and use some advanced features of PellesC but i cant find any proper documentation for it.

I managed to use integrated Manifests and they seem to work as intended, but i could not find a complete documentation about whats all possible to do inside a manifest. I can do userlevel elevation that works (runasadmin) but i cannot find how to implement the other settings of the "Compatibility Tab" like run in compatibility to WInXP or deactivate desktop styling .. .. has anyone a source for this?

Another thing is how does CodeSigning work? Is there a feature to make sure the Integrity of the executable isnt touched?  (corrupt download or even better malicious codechanges by hacker or Virus?) are somewhere examples or documentation how to do it step by step? I cant be the only one in need of this ^^.

Any Help is welcome and appreciated.


Greetings

Seltsamuel

[czerny]

Hallo,

I too have more questions than answers to this topic.

I would like to discuss this a little more, to understand it.

Here are my two cents, which may be completly wrong!

The first sort of manifest was the XP manifest which enables XP-style with the common controls.

Code: [Select]

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity
name="MySoft.exe"
processorArchitecture="*"
version="2.0.0.0"
type="win32"/>
<description>My Soft</description>
<dependency>
<dependentAssembly>
<assemblyIdentity
type="win32"
name="Microsoft.Windows.Common-Controls"
version="6.0.0.0"
processorArchitecture="X86"
publicKeyToken="6595b64144ccf1df"
language="*"
/>
</dependentAssembly>
</dependency>
</assembly>
Here I do not understand the publicKeyToken. May be this is a sort of certification key?

'processorArchitecture' kann also be explicite set to "X86" per example.
And    'type' kann also be "*". What consequences?

The next comes with vista I thinck:

Code: [Select]

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity
name="MySoft.exe"
processorArchitecture="*"
version="2.0.0.0"
type="win32"/>
  <description>My Soft</description>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
   <security>
     <requestedPrivileges>
      <requestedExecutionLevel level="asInvoker" uiAccess="false" />
     </requestedPrivileges>
   </security>
  </trustInfo>
  <dependency>
   <dependentAssembly>
     <assemblyIdentity
type="win32"
name="Microsoft.Windows.Common-Controls"
version="6.0.0.0"
publicKeyToken="6595b64144ccf1df"
language="*"
processorArchitecture="*"/>
   </dependentAssembly>
  </dependency>
</assembly>

New is the <trustInfo> passage, which asks for minimum (?) rights.

One can also set this to

Code: [Select]

<requestedExecutionLevel level="requireAdministrator" uiAccess="false"/>

The next that I have seen is:

Code: [Select]

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity
   name="MySoft.exe"
   processorArchitecture="*"
   version="2.0.0.0"
   type="win32"
 />
  <description>My Soft</description>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity
       type="win32"
       name="Microsoft.Windows.Common-Controls"
       version="6.0.0.0"
       processorArchitecture="*"
       publicKeyToken="6595b64144ccf1df"
       language="*"
     />
    </dependentAssembly>
  </dependency>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
    <application>
      <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}" />
      <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}" />
      <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}" />
    </application>
  </compatibility>
  <asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">
    <asmv3:windowsSettings
        xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
      <dpiAware>true</dpiAware>
    </asmv3:windowsSettings>
  </asmv3:application>
</assembly>

It seems that the schema version for the rights have increased (v2 --> v3). Consequences?
There is also a passage <asmv3> which I do not understand at all.

At last there is a passage which discribes for what windows versions the software is written.

I don't know, if there is a supportedOS Id for XP and older. The above used are for vista, win7 and win8 in this order. Here it is also unknown to me if this section is needed, to write XP-above software. What are the consequences to include or exclude this.

czerny

[CommonTater]

The documentation for Windows Manifests is  here  and, yes, it's poorly documented.
 
A couple of things I can answer...
1) the PublicKeyToken in DependentAssembly is the public token of the windows common controls DLL.  Thus it should always be... publicKeyToken="6595b64144ccf1df"

2) ProcessorArchitecture has to match the code... for 64bit code use "amd64" for 32 bit code use "x86."
 
3) The execution level setting is about the Vista/Win7 User Account Control --that stupid nagging "do you want to allow this" window people absolutely hated in Vista.  Basically it sets the level at which your program will operate within the system... known values are "AsInvoker" (same as user), "HighestAvailable" (as Admin if availble, AsInvoker if not), "RequireAdministrator" (pops up a window saying "you need permission...")... The most common level is "AsInvoker".  If this is not present, the Vista UAC will ask if you wish to allow the program, *every time* it is run.
 
4) The compatibility settings are about running the software in a "compatibility environment"... for example running older software in an environment that resembles Windos XP... the OS ID tokens identify the various operating system versions and should be copied exactly.  Generally this section is not needed unless you are updating some seriously old code.
 
5) the DPIAware setting is either True or False... Starting with Windows 7 you can use CTRL+MouseWheel to zoom some applications text larger and smaller, you can also set the Dots Per Inch of the display and windows will resize automatically... The DPIAware setting enables mouse wheel zooming.
 
 
Code signing is documented  here  and once again it's rather sketchy. 
 
My understanding of this is rather poor, so please forgive any errors...  The basic concept is that you acquire a certificate from a third party that is accessible online when your program runs... the hashed checksum of the code on your system is compared with that stored in the database, if they don't match you will get a certificate error and the code will not run. This is not a free thing, certificate agencies (VeriSign for example) charge thousands of dollars to issue an application certificate.  Currently code signing is optional but under the new AppStore paradigm it may become necessary to have digital certificates before you can list with the AppStore.   (And YES... I do happen to think this is a very stupid way of doing things that stifles creativity and pretty much puts the average Shareware or Freeware developer out of business.)
 
Hope this helps...
I'm attaching the manifests I commonly use in my projects...
 

[czerny]

1) the PublicKeyToken in DependentAssembly is the public token of the windows common controls DLL.  Thus it should always be... publicKeyToken="6595b64144ccf1df"

The question here is: Are there other dlls/applications with a 'publicKeyToken'. Is it possible and/or usefull to create such a token for own dlls/applications.

2) ProcessorArchitecture has to match the code... for 64bit code use "amd64" for 32 bit code use "x86."

Why not a "*"?

4) The compatibility settings are about running the software in a "compatibility environment"... for example running older software ...

This would make sence if there were OS ID's for say win2k. So that vista can switch to a win2k compatibility mode. But I have never seen OS ID's older than vistas.

czerny

[Stefan Pendl]

3) The execution level setting is about the Vista/Win7 User Account Control --that stupid nagging "do you want to allow this" window people absolutely hated in Vista.  Basically it sets the level at which your program will operate within the system... known values are "AsInvoker" (same as user), "HighestAvailable" (as Admin if availble, AsInvoker if not), "RequireAdministrator" (pops up a window saying "you need permission...")... The most common level is "AsInvoker".  If this is not present, the Vista UAC will ask if you wish to allow the program, *every time* it is run.

Not only but also, since if this part of the manifest is missing, Vista and above will enable file system virtualization for this application.
The UAC manifest is mandatory now to avoid problems due to file system virtualization, which doesn't seem to work well in some cases.

[CommonTater]

1) the PublicKeyToken in DependentAssembly is the public token of the windows common controls DLL.  Thus it should always be... publicKeyToken="6595b64144ccf1df"

The question here is: Are there other dlls/applications with a 'publicKeyToken'. Is it possible and/or usefull to create such a token for own dlls/applications.

There probably are, but in this case I'd say not to worry about it.  All this does is enable the "Look and Feel" of Visual Styles and it remains optional...  Take that section out and suddenly your apps look just like Win2k.

2) ProcessorArchitecture has to match the code... for 64bit code use "amd64" for 32 bit code use "x86."

Why not a "*"?

If it works... use it.  I've never tried that, but will.
 

4) The compatibility settings are about running the software in a "compatibility environment"... for example running older software ...

This would make sence if there were OS ID's for say win2k. So that vista can switch to a win2k compatibility mode. But I have never seen OS ID's older than vistas.

It is a new thing... part of the growing unnecessary complexity Microsoft is throwing at us. 
I imagine they just started with Vista...
 
 
For the record...
 
Win2000 had it right.  It was small, fast, easy to code for and rock stable.  In my opinion what we are seeing with all this SideBySide, Manifests, Managed Code, Code Signing, etc. is beyond unnecessary and likely the public result of nothing better than intramural competition inside Microsoft.
 
I read an article on "programmer fatigue" where they described the giant "turn off" of all this sudden complexity with it's burst of new --and mostly unnecessary-- protocals.  I am forced to agree that for a single person to keep up has become impossible and for a fact I am getting very tired of it. Windows 7 is a royal pain to program for and Windows 8 is only going to make it worse with it's totally new tiled UI that actually requires dozens of programs to be running all the time. 
 
If there was an update for Win2k that gave me SATA drives, High Quality audio and HD Video (because I work mainly in Home Theatre systems) I would be backdating myself and all my friend's HTPC systems to Win2k, as we speak...  I am tempted to bounce back to XP on a near daily basis and, even the giant disaster that is Linux is starting to look good...
 
Just sign me "frustrated in cyberland".
 
 

[CommonTater]

3) The execution level setting is about the Vista/Win7 User Account Control --that stupid nagging "do you want to allow this" window people absolutely hated in Vista.  Basically it sets the level at which your program will operate within the system... known values are "AsInvoker" (same as user), "HighestAvailable" (as Admin if availble, AsInvoker if not), "RequireAdministrator" (pops up a window saying "you need permission...")... The most common level is "AsInvoker".  If this is not present, the Vista UAC will ask if you wish to allow the program, *every time* it is run.

Not only but also, since if this part of the manifest is missing, Vista and above will enable file system virtualization for this application.
The UAC manifest is mandatory now to avoid problems due to file system virtualization, which doesn't seem to work well in some cases.

Agreed... Wanna see a Win7 app screw up *totally* ... leave out the UAC section of the manifest and then watch it try to find it's registry settings or run-time data...

[aardvajk]

4) The compatibility settings are about running the software in a "compatibility environment"... for example running older software in an environment that resembles Windos XP... the OS ID tokens identify the various operating system versions and should be copied exactly.  Generally this section is not needed unless you are updating some seriously old code.

You have that bit backwards. You always want to include them unless your code relies on the old behaviour of the functions it affects (found here). And you know that list is only going to get longer.

5) the DPIAware setting is either True or False... Starting with Windows 7 you can use CTRL+MouseWheel to zoom some applications text larger and smaller, you can also set the Dots Per Inch of the display and windows will resize automatically... The DPIAware setting enables mouse wheel zooming.

It disables DPI Virtualization

Code signing is documented  here  and once again it's rather sketchy. 
 

This is not a free thing, certificate agencies (VeriSign for example) charge thousands of dollars to issue an application certificate.

Its 129 US Dollars for a GlobalSign cert, whatever that translates to in the local currency. You can sign your own stuff with your own certificates but that requires end users to install your certificate.

Currently code signing is optional

It's required for 64-bit drivers

under the new AppStore paradigm it may become necessary to have digital certificates before you can list with the AppStore.

Not that it vindicates it, but every other mobile provider app store requires code signing, so why wouldn't Microsoft? Its just for Metro apps at the minute anyway. Though with UEFI and TPM coming to prominence who knows for how long that'll be

The question here is: Are there other dlls/applications with a 'publicKeyToken'.

You could probably specify every assembly that has a manifest under \Windows\WinSxS\manifests. The common ones you'll see are the common controls, GdiPlus, and Visual Studio's CRT/MFC/OpenMP files.

[CommonTater]

@aardvajk ... Thank you. 

As I said, what I know about this is a bit sketchy. That was a big help.
 
About supplying my own code signing certificate... I was unaware of this... how does it work?
 
For example:  Can I install the certificate along with the application?
 

 




 

[czerny]

Win2000 had it right.  It was small, fast, easy to code for and rock stable.  In my opinion what we are seeing with all this SideBySide, Manifests, Managed Code, Code Signing, etc. is beyond unnecessary and likely the public result of nothing better than intramural competition inside Microsoft.
 
I read an article on "programmer fatigue" where they described the giant "turn off" of all this sudden complexity with it's burst of new --and mostly unnecessary-- protocals.  I am forced to agree that for a single person to keep up has become impossible and for a fact I am getting very tired of it. Windows 7 is a royal pain to program for and Windows 8 is only going to make it worse with it's totally new tiled UI that actually requires dozens of programs to be running all the time.
 
If there was an update for Win2k that gave me SATA drives, High Quality audio and HD Video (because I work mainly in Home Theatre systems) I would be backdating myself and all my friend's HTPC systems to Win2k, as we speak...  I am tempted to bounce back to XP on a near daily basis and, even the giant disaster that is Linux is starting to look good...

The free software community was a problem for this MS strategy, but most of them are catched with MS's Express IDE. They are so happy to have this, that they do not see the pitfalls.

MS can easyly support or exclude older unwanted OSes. Scite, for example, in his newer versions are compiled with MS and I can not start it. I get the error message 'is not a valid win32 application'. I have to compile it myself with mingw and all is ok.

How to catch a free software community? Give them a pink, giant, free IDE.

It's frustrating!

czerny

[Stefan Pendl]

Scite, for example, in his newer versions are compiled with MS and I can not start it. I get the error message 'is not a valid win32 application'. I have to compile it myself with mingw and all is ok.

I get the same problem when using WDK7.1 to compile a project I am involved.
We needed to support large Vista icons, so we just copied the resource compiler over to the Server 2003 SP1 DDK.

The open source community is growing, but there are huge stones in the way.