Skip to content

Latest commit

 

History

History
66 lines (47 loc) · 2.91 KB

authoring-a-fully-verified-signed-installation-using-automation.md

File metadata and controls

66 lines (47 loc) · 2.91 KB
Raw
description ms.assetid title ms.topic ms.date
The following sample demonstrates how to populate the MsiDigitalCertificate table and MsiDigitalSignature table by using a Visual Basic for Applications (VBA) subroutine.
3a23a721-0672-4eac-bdf2-434282b92590
Authoring a Fully Verified Signed Installation Using Automation
article
05/31/2018

Authoring a Fully Verified Signed Installation Using Automation

The following sample demonstrates how to populate the MsiDigitalCertificate table and MsiDigitalSignature table by using a Visual Basic for Applications (VBA) subroutine. For more information about securing Windows Installer packages see Guidelines for Authoring Secure Installations.

The FileSignatureInfo method returns a SAFEARRAY of bytes. For more information, see the SAFEARRAY Data Type. The data from this array must be converted to Unicode because Visual Basic does not have a way to write bytes straight into a file. The SetStream method can then use the file of converted data to write stream data into a specified record field of a Record object. Note that conversion of the byte data to Unicode can potentially change the data and that the converted data must match the original data for correct signature verification. The package author must ensure that the original and converted data match.

Sub PopulateDigitalSignature()

    Dim Installer As Object
    Dim Database As Object
    Dim x() As Byte
    
    Const szSignedCabinet = "c:\test.cab"
    Const szCertFile = "c:\temp\test.cer"
    Const szDatabase = "c:\test.msi"
        
    Set Installer = CreateObject("WindowsInstaller.Installer")
    
    x = Installer.FileSignatureInfo(szSignedCabinet, 0, msiSignatureInfoCertificate)
    
    Dim fs, ts
    Dim s As String
    Set fs = CreateObject("Scripting.FileSystemObject")
    Set ts = fs.CreateTextFile(szCertFile, True)        'Create a file
    
    s = StrConv(x, vbUnicode)
    ts.Write s
    ts.Close
        
    Set Database = Installer.OpenDatabase(szDatabase, msiOpenDatabaseModeTransact)
    Set ViewCert = Database.OpenView("SELECT * FROM `MsiDigitalCertificate`")
    ViewCert.Execute 0
    Set ViewSig = Database.OpenView("SELECT * FROM `MsiDigitalSignature`")
    ViewSig.Execute 0
    
    Set RecordCert = Installer.CreateRecord(2)
    RecordCert.StringData(1) = "Test"
    RecordCert.SetStream 2, szCertFile
    ViewCert.Modify msiViewModifyInsert, RecordCert
    
    Set RecordSig = Installer.CreateRecord(4)
    RecordSig.StringData(1) = "Media"
    RecordSig.StringData(2) = "1"
    RecordSig.StringData(3) = "Test"
    ViewSig.Modify msiViewModifyInsert, RecordSig
    
    Database.Commit
      fs.DeleteFile(szCertFile)
End Sub