This change connects the pulling of the subject of the certificate used to sign the package up to the Package object which then handles coordination of signature enforcement by way of a simple string compare against the publisher portion of the identity section of the appx manifest. For now, we're skipping appx manifest schema validation (much like how the Windows' AppxPackaging stack does at the tooling layer). We'll enable XSD validation of the appx manifest and provide a relief switch for tooling support in a subsequent patch as there are multiple XSD issues w.r.t. the AppxManifest XSDs that have to be worked out in the new year. Testing was done by way of existing BVT coverage. The most recent patch applied to this PR was a fix that was found as a result of running the BVTs on MacOS.
Change adds three new test cases: 2 w.r.t. [content_types].xml and one w.r.t. an invalid opc container due to an invalid zip archive (something we were otherwise missing in our test collateral). The opc-contentTypes XSD comes straight from the ECMA 376 standard: https://www.ecma-international.org/publications/standards/Ecma-376.htm Confirmed that makeappx fails with OPC_E_INVALID_CONTENT_TYPE_XML (0x80510006 ) and OPC_E_NONCONFORMING_CONTENT_TYPES_XML (0x80510008) with both of these packages when using the /nv switch (to get around the fact that technically, the signatures aren't valid).
The only code change required for this validation was to include the XSD, and pass it to the XmlObject, everything else was already wired up (as per blockmap validation).
Related work items: #14986525
Fix saving the files using the percentage encoding name that OPC uses. We now save files as the name defined in the AppxBlockMap.xml file.
Unpacking test\appx\BlockMap\HelloWorld.appx used to produce a file with name Shortcut%20File\HelloWorld.appxref-ms and now is Shortcut File\HelloWorld.appxref-ms
Unpacking test\appx\HelloWorld.appx used to produce a files with name icon-32%255B2%255D.png and icon-32%25255B2%25255D.png and now is icon-32%5B2%5D.png and icon-32%255B2%255D.png respectively.
Related work items: #14874780
Explicitly check that [Content_Types].xml is not part of the AppxBlockMap.appx file
// Test
bin\makexplat.exe unpack -d output -p ..\test\appx\BlockMap\ContentTypes_in_blockmap.appx -ss
Microsoft (R) bin\makexplat.exe version
Copyright (C) 2017 Microsoft. All rights reserved.
Error: 8bad0001
Related work items: #14883294
Sample fails with E_NOTIMPL because HashStream and BlockMapStream don't override the IAppxFile implementation of StreamBase.
// Test with
bin\ExtractContentsSample.exe ..\test\appx\StoreSigned_Desktop_x64_MoviesTV.appx output
Extracting footprint files from the package...
File name: AppxManifest.xml
Content type: TODO: Implement
Size: 13627 bytes
File name: AppxBlockMap.xml
Content type: TODO: Implement
Size: 59403 bytes
...
Related work items: #14914290
Phil Smith
Phil Smith
Phillip Smith
Phil Smith
Ruben Guerrero Samaniego
Thomas Olsen