VSTO Signing an assembly, not deployment
-
26 July 2012 05:23
Hello!
I have an excel-template which is published via click-once to a UNC-share. I signed the click-once-deployment with a root-certificate from our domain. This certificate appears in the computer's information store (trusted publishers). The UNC-Share is listed as a trusted location in the trust center.
When a user creates a new excel-sheet based on this excel-template the code is executed as expected, because the sheet is opened from a trusted location.
When the user saves the excel-sheet in the file-system (network drives assigned with drive-letters) and re-opens the excel-sheet, the code is not executed (not trusted location). When the sheet is saved on the local drive, the code is executed (trusted location).
I know that I have to sign not only the deployment, but also the assembly. The GUI of Visual Studio offers the possibility to sign the assembly with a .pfx or .snk-certificate only, but I have a sha1RSA-certificate. So I tried to sign the assemblies with signtool, but this did not work because the hash in the .vsto-manifests gets changed.
How can I sign the assembly to get my code running when the workbook is opened from such a non-trusted-location?
Thank you
Chris
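An added example (not part of the original thread) of the failure described in the first post: ClickOnce manifests record a digest and size for each deployed file, so a file changed after the manifests were generated, for instance by signing it afterwards, no longer matches. The manifest fragment, the file name `ExcelTemplate1.dll` and the byte strings are constructed for illustration; the element names follow the ClickOnce manifest schema.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"asm": "urn:schemas-microsoft-com:asm.v2",
      "dsig": "http://www.w3.org/2000/09/xmldsig#"}

def sample_manifest(codebase, data):
    """Build a constructed manifest fragment recording SHA-1 and size of `data`."""
    digest = base64.b64encode(hashlib.sha1(data).digest()).decode()
    return f"""<asmv1:assembly xmlns="{NS['asm']}"
        xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:dsig="{NS['dsig']}">
      <dependency>
        <dependentAssembly dependencyType="install" codebase="{codebase}" size="{len(data)}">
          <hash>
            <dsig:DigestMethod Algorithm="{NS['dsig']}sha1" />
            <dsig:DigestValue>{digest}</dsig:DigestValue>
          </hash>
        </dependentAssembly>
      </dependency>
    </asmv1:assembly>"""

def check_manifest(manifest_xml, files):
    """Return {codebase: True/False}: does each file still match its recorded digest?

    `files` maps codebase -> file bytes (read from the deployment folder in real use).
    """
    results = {}
    root = ET.fromstring(manifest_xml)
    for dep in root.iterfind(".//asm:dependentAssembly[@codebase]", NS):
        method = dep.find("asm:hash/dsig:DigestMethod", NS)
        value = dep.find("asm:hash/dsig:DigestValue", NS)
        if method is None or value is None:
            continue  # entry carries no hash, nothing to verify
        alg = method.get("Algorithm").rsplit("#", 1)[1]  # "sha1" or "sha256"
        data = files[dep.get("codebase")]
        same_digest = hashlib.new(alg, data).digest() == base64.b64decode(value.text)
        results[dep.get("codebase")] = same_digest and len(data) == int(dep.get("size"))
    return results

# Constructed stand-ins: the DLL as it was when the manifest was generated,
# and the same DLL after a signature was added to it later.
ORIGINAL = b"MZ constructed stand-in for the customization assembly"
SIGNED_LATER = ORIGINAL + b"[constructed stand-in for an embedded signature]"
MANIFEST = sample_manifest("ExcelTemplate1.dll", ORIGINAL)

if __name__ == "__main__":
    print(check_manifest(MANIFEST, {"ExcelTemplate1.dll": ORIGINAL}))
    print(check_manifest(MANIFEST, {"ExcelTemplate1.dll": SIGNED_LATER}))
```

The check fails for the file that was signed after manifest generation, which is why the file has to be signed first and the manifests regenerated and re-signed afterwards.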
All replies
-
27 July 2012 07:53
Hi,
Based on your issue, please refer to this thread, which I think would be helpful.
http://social.msdn.microsoft.com/forums/en-us/vsto/thread/A42BB2E8-9E9C-494E-A5CA-7CD10475231B
-
27 July 2012 16:23
Hello Milan_x!
Thank you for providing the thread.
As mentioned in this thread I tried to add <Assembly: AssemblyKeyName("NameOfCertificate")> to the AssemblyInfo.vb file, but then I get an error (use command line option /keycontainer or appropriate project settings...).
As I take it:
1) I have to sign the assembly
2) sign the click-once-deployment
So I tried to build the assembly with vbc.exe, where I can provide some parameters like /keycontainer
But: How can I build the assembly with vbc.exe, then sign it and finally deploy with click-once-deployment?
Thanks for your patience.
Chris
-
31 July 2012 15:31 Moderator
Hello Chris
Your news about using vbc.exe says you may need to upgrade to a more recent version of Visual Studio. With Visual Studio 2010 you get Visual Studio Tools for Office out of the box. It provides a project template for generating an Excel Template, and the tools for deploying as a ClickOnce. VS2010 installs .NET Framework 4.5 so you should be aware of the following content:
Framework 4.0 Requires ClickOnce Manifest Signing
https://vkbexternal.partners.extranet.microsoft.com/vkbweb/ViewContent.aspx?portalId=1&filePath=file%3A%2F%2Ftk5pqovkblfsfs.partners.extranet.microsoft.com%2Fkbcatalog%2Fkb%2Fen-us%2F2651%2F504.xml&contentType=KB&displayTermHighlighting=true&promoteToEnglish=true&displayXMLForm=false&searchTerms=%3CSearchTerms%3E%3CTerm+Text%3D%22%26quot%3Bclickonce%26quot%3B%22+%2F%3E%3C%2FSearchTerms%3E&displayActions=true&webPreview=true&source=4096&componentId=2&sequence=54&sessionId=212664803831
Regarding the message you get, "(use command line option /keycontainer or appropriate project settings...)", please refer to the content in the following forum thread:
Signing an assembly with a key container
http://social.msdn.microsoft.com/Forums/en-US/csharpide/thread/a032e5d0-20f1-43cb-a528-40d5aaef9a71/
Please remember to mark the replies as answer if they help and unmark them if they provide no help, and click "Vote as Helpful" on this and other helpful posts, so other users will see your thread as useful.
Best Regards, Chris Jensen
-
2 August 2012 08:00
Hello!
I am using VS2010...
I have no trouble in signing the ClickOnce-Deployment (the .vsto-file gets signed) and the deployment is working.
Thanks for the first link, but I can't open it (username and password required).
I tried to sign the assembly itself as suggested in the second link (adding the <Assembly: AssemblyKeyName("NameOfCertificate")> to the AssemblyInfo.vb file), but I get a compiling error ("Error creating assembly manifest: the keycontainername NameOfCertificate is not available"). When I check "sign the assembly" and use a .pfx file and have the <Assembly: AssemblyKeyName("NameOfCertificate")> in the AssemblyInfo.vb file, I get prompted for the certificate's PIN (stored on an Aladdin eToken) and the build succeeds - it seems that VS2010 accesses the correct certificate from the keycontainername.
Creating a new workbook, saving it in the file system and reopening it produces the same error as I mentioned in my first posting.
Any ideas?
-
2 August 2012 15:14 Moderator
Hello Chris,
The message in the blocked article shouldn't have been blocked since its confidentiality level is Public. Here is the content
Framework 4.0 Requires ClickOnce Manifest Signing
Article ID: 2651504
First Published: 12/2/2011
Last Revised: 12/19/2011
Revision: 1.0
Modification Type: Major
Language Locale: en-us
Article Status: Published Externally
Confidentiality: Public
SYMPTOMS
In the past, it has been possible for Visual Studio-developed applications that are deployed using the ClickOnce technology to avoid some of the prompting to accept installation from unknown publishers. It is beyond the scope of this article to identify those steps, particularly since this was not an intended behavior.
Once Framework 4.0 or greater has been installed, even those applications which have been developed and target Framework versions less than 4.0 will no longer skip those user dialogs.
CAUSE
This change in behavior is an increase in security. It is expected behavior for computers that have Framework 4.0 or greater installed. It is not affected by the targeted version of the Framework for which the application was developed. It is not affected by having lower versions of the Framework installed along with Framework 4.0.
RESOLUTION
The recommended resolution is to honor the certificates and signing of the manifests, providing the appropriate certificates in the target machine’s certificate store.
A non-recommended alternative is to restrict the target machines to exclude the installation of Framework 4.0 or greater. This might limit the deployment to exclude future Windows versions.
MORE INFORMATION
• Signing and re-signing manifests in ClickOnce (Saurabh Bhatia)
• Caspol.exe (Code Access Security Policy Tool) for Framework 4.0.
• Signing ClickOnce Manifests; see "Starting in Visual Studio 2008 SP1, signing the ClickOnce manifests and hashing files is optional."
-
2 August 2012 15:32
Hello cjatms!
I have no problems with the ClickOnce-deployment, I signed the deployment and the user is not prompted when installing the solution on his machine. The solution gets installed and works as expected.
The problem is the signing of the assembly itself:
Creating a new Excel workbook based on my solution works perfectly (all code is executed without any restrictions because it gets opened from a trusted location). But reopening this workbook after saving it in the filesystem (=not trusted location) causes an error - in this case the workbook's code should be executed without limitations because it is signed by a trusted publisher.
Chris
-
6 August 2012 15:25 Moderator
Hi Chris,
You have a template (.xlst file) that contains code that you deploy with ClickOnce. The end-user installs it using the appropriate deployment and application manifests. The end-user then instantiates Excel and opens the template. Based on the template he edits the workbook and saves it as a workbook, not a template (i.e. a .xlsx file, not a .xlst file). Does any part of this modify the application manifest, and if so, how?
The application manifest describes the application itself. This includes the assemblies, the dependencies and files that make up the application, the required permissions, and the location where updates will be available.
Please consider reviewing the following content:
What's New in Deployment - Microsoft Corporation: Software ...
http://msdn.microsoft.com/en-us/library/5h2db54x.aspx
- Proposed as answer by Leo_Gao (Moderator) 13 August 2012 02:49
- Marked as answer by Leo_Gao (Moderator) 13 August 2012 09:12
- Unmarked as answer by chris_1198 14 August 2012 05:25
-
13 August 2012 14:01
Hi cjatms!
The end-user acts exactly in this way - he saves the file as a workbook (.xlsx). The application manifest stays the same and doesn't get changed.
When you open the structure behind the .xlsx-file you even see the correct assembly-location (under docProps\custom.xml).
As I take it: the saved workbook seems to link to the correct assembly, but this assembly cannot be opened because it is not signed in the right way.
So I think the only possibility should be to sign the assembly as I mentioned in my postings before.