locked
Application manifest differences RRS feed

  • Question

  • I am deploying an update to a software build for a client today but had ventured to look and see if the Manifest for the existing update is the same as what I am deploying. They are not and now I am not sure if the clients that use this software will get their updates or all this will fail. Can you help me to determine what I need to do to deploy this update?

     

    Existing manifest on client's server

    <?xml version="1.0" encoding="utf-8"?>
    <asmv1:assembly xsi:schemaLocation="urn:schemas-microsoft-com:asm.v1 assembly.adaptive.xsd" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:co.v1="urn:schemas-microsoft-com:clickonce.v1" xmlns:co.v2="urn:schemas-microsoft-com:clickonce.v2" xmlns="urn:schemas-microsoft-com:asm.v2" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xrml="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
     <assemblyIdentity name="RealSign.application" version="1.11.0.4" publicKeyToken="098f6ec5092c3f65" language="neutral" processorArchitecture="x86" xmlns="urn:schemas-microsoft-com:asm.v1" />
     <description asmv2:publisher="RealSign Technologies Inc." co.v1:suiteName="RealSign" asmv2:product="RealSign" asmv2:supportUrl="http://www.realsign.com/" co.v1:errorReportUrl="http://www.realsign.com/" xmlns="urn:schemas-microsoft-com:asm.v1" />
     <deployment install="true" mapFileExtensions="true" trustURLParameters="true" co.v1:createDesktopShortcut="true">
      <subscription>
       <update>
        <expiration maximumAge="50" unit="weeks" />
       </update>
      </subscription>
      <deploymentProvider codebase="http://www.realsign.com/updates/RealSign.application" />
     </deployment>
     <compatibleFrameworks xmlns="urn:schemas-microsoft-com:clickonce.v2">
      <framework targetVersion="4.0" profile="Full" supportedRuntime="4.0.30319" />
     </compatibleFrameworks>
     <dependency>
      <dependentAssembly dependencyType="install" codebase="Application Files\RealSign_1_11_0_4\RealSign.exe.manifest" size="11083">
       <assemblyIdentity name="RealSign.exe" version="1.11.0.4" publicKeyToken="098f6ec5092c3f65" language="neutral" processorArchitecture="x86" type="win32" />
       <hash>
        <dsig:Transforms>
         <dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" />
        </dsig:Transforms>
        <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <dsig:DigestValue>B9rZCTPVHSIVNHOcLB5QDEGwQcU=</dsig:DigestValue>
       </hash>
      </dependentAssembly>
     </dependency>
    <publisherIdentity name="CN=RealSign Technologies Inc." issuerKeyHash="1d394e8e3ab5e9f1fb9921b3431543e288810066" /><Signature Id="StrongNameSignature" xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>pG8ft0xnWS7zSk2KMGnAYBYz0UE=</DigestValue></Reference></SignedInfo><SignatureValue>lcQhhKD5IQXXXC9CFPyKu2f1Z8Kc1XDL8Z3+VM3q0BDTe/+AZqJqUMuCdyk+DcXTn8EXznH0QlZJRxfd5sfMS3PEezU0zcPR2lvUot2eFpIJknJoBgqt9+DzalGzsMyYTy1xt3d785zRdnvaI3PPtHfsnlILu94eGE9XUbhseaY=</SignatureValue><KeyInfo Id="StrongNameKeyInfo"><KeyValue><RSAKeyValue><Modulus>m4Rr1O2VoYl0OGjIkuGrC3jnvDKquMpvXuQSpmUhvcRAUTgBCiyAMRyHwY80jC3Kf46T8uEG2W5zNyfrC05923e2CbY0+P5f/M9euUrCs9ytw86TkIP1jdP1wD2kqoPf2NVYLDz6fw2p4+ugHHG9pxZpzFFnVCD6Y2ganRkq6fM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue><msrel:RelData xmlns:msrel="http://schemas.microsoft.com/windows/rel/2005/reldata"><r:license xmlns:r="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:as="http://schemas.microsoft.com/windows/pki/2005/Authenticode"><r:grant><as:ManifestInformation Hash="41d1331660c069308a4d4af32e59674cb71f6fa4" Description="" Url=""><as:assemblyIdentity name="RealSign.application" version="1.11.0.4" publicKeyToken="098f6ec5092c3f65" language="neutral" processorArchitecture="x86" xmlns="urn:schemas-microsoft-com:asm.v1" /></as:ManifestInformation><as:SignedBy /><as:AuthenticodePublisher><as:X509SubjectName>CN=RealSign Technologies Inc.</as:X509SubjectName></as:AuthenticodePublisher></r:grant><r:issuer><Signature Id="AuthenticodeSignature" xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>E0mVxRdBmsnr8+2VcLG0zeqvozc=</DigestValue></Reference></SignedInfo><SignatureValue>BbvCLctwg12i0wHNyzJ1yS2AlrkepCkobIT/4kARp44Ru7Lx/iRPthg94Qx6GN2eBWX0IPLiQp+7HJH29C81z81ajUcmjFHyJj6h9Rtef5b1QPiB64m+KZu6/AsZcI4IzaFq7uXyxlv9TZDVfEOXAYA3KFbzZf5pr8ClfFU8xHA=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>m4Rr1O2VoYl0OGjIkuGrC3jnvDKquMpvXuQSpmUhvcRAUTgBCiyAMRyHwY80jC3Kf46T8uEG2W5zNyfrC05923e2CbY0+P5f/M9euUrCs9ytw86TkIP1jdP1wD2kqoPf2NVYLDz6fw2p4+ugHHG9pxZpzFFnVCD6Y2ganRkq6fM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue><X509Data><X509Certificate>MIIBwjCCAXCgAwIBAgIQyQUGchUYkLRPis6H47oXVDAJBgUrDgMCHQUAMBYxFDASBgNVBAMTC1Jvb3QgQWdlbmN5MB4XDTEwMTIyMTA3MDAwMFoXDTMwMTIzMTA3MDAwMFowJTEjMCEGA1UEAxMaUmVhbFNpZ24gVGVjaG5vbG9naWVzIEluYy4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJuEa9TtlaGJdDhoyJLhqwt457wyqrjKb17kEqZlIb3EQFE4AQosgDEch8GPNIwtyn+Ok/LhBtluczcn6wtOfdt3tgm2NPj+X/zPXrlKwrPcrcPOk5CD9Y3T9cA9pKqD39jVWCw8+n8NqeProBxxvacWacxRZ1Qg+mNoGp0ZKunzAgMBAAGjSzBJMEcGA1UdAQRAMD6AEBLkCS0GHR1PAI1hIdwWZGOhGDAWMRQwEgYDVQQDEwtSb290IEFnZW5jeYIQBjdsAKoAZIoRz7jUqlw19DAJBgUrDgMCHQUAA0EAKH9+uvZ/OCQ8u1bq3JNWn5MQLe+9HzNp+Rwk0PdfDFHC1egJa9PKvi2pmygdVtR5sHbYoz992VXEQLpfnn/YQA==</X509Certificate></X509Data></KeyInfo></Signature></r:issuer></r:license></msrel:RelData></KeyInfo></Signature></asmv1:assembly>
    

     

    New manifest

    <?xml version="1.0" encoding="utf-8"?>
    <asmv1:assembly xsi:schemaLocation="urn:schemas-microsoft-com:asm.v1 assembly.adaptive.xsd" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:co.v1="urn:schemas-microsoft-com:clickonce.v1" xmlns:co.v2="urn:schemas-microsoft-com:clickonce.v2" xmlns="urn:schemas-microsoft-com:asm.v2" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xrml="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
     <assemblyIdentity name="RealSign.application" version="1.11.0.10" publicKeyToken="0000000000000000" language="neutral" processorArchitecture="x86" xmlns="urn:schemas-microsoft-com:asm.v1" />
     <description asmv2:publisher="RealSign Technologies Inc." co.v1:suiteName="RealSign" asmv2:product="RealSign" asmv2:supportUrl="http://www.realsign.com/" co.v1:errorReportUrl="http://www.realsign.com/" xmlns="urn:schemas-microsoft-com:asm.v1" />
     <deployment install="true" mapFileExtensions="true" trustURLParameters="true" co.v1:createDesktopShortcut="true">
      <deploymentProvider codebase="file://pluto/Team.Dev/Projects/RealSign/Current%20Release/05252011/RealSign.application" />
     </deployment>
     <compatibleFrameworks xmlns="urn:schemas-microsoft-com:clickonce.v2">
      <framework targetVersion="4.0" profile="Full" supportedRuntime="4.0.30319" />
     </compatibleFrameworks>
     <dependency>
      <dependentAssembly dependencyType="install" codebase="Application Files\RealSign_1_11_0_10\RealSign.exe.manifest" size="8156">
       <assemblyIdentity name="RealSign.exe" version="1.11.0.10" publicKeyToken="0000000000000000" language="neutral" processorArchitecture="x86" type="win32" />
       <hash>
        <dsig:Transforms>
         <dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" />
        </dsig:Transforms>
        <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <dsig:DigestValue>X9PEBGbdfdhFvtZgvVM2AJcBrEI=</dsig:DigestValue>
       </hash>
      </dependentAssembly>
     </dependency>
    </asmv1:assembly>
    

     

    I am baffled, does the existing manifest have security in it? And if so, how do I get that security into my manifest? The client really didn't give us much to work with.

    Thursday, May 26, 2011 6:14 PM