AzureSignTool icon indicating copy to clipboard operation
AzureSignTool copied to clipboard
verified publisher icon vcsjones

Signing .hlkx package files

Open Nillissen opened this issue 3 years ago • 11 comments

We need help with signing Windows HLK submission packages. The HLK process will create an .hlkx package file that I can sign using signtool. But AzureSignTool is returning this error: "The file cannot be signed because it is not a recoginized file type for signing or it is corrupt."

Nillissen avatar Feb 12 '22 02:02 Nillissen

hi @Nillissen Have you found the way to sign .hlkx package?

italiks avatar Jul 18 '22 13:07 italiks

Trying to sign .HLKX files too

monrapps avatar Aug 12 '22 01:08 monrapps

Managed to sign the HLKX using the https://github.com/vcsjones/OpenOpcSignTool thanks @vcsjones.

dotnet tool install -g OpenVsixSignTool

OpenVsixSignTool sign -fd sha384 -kvu https://example.vault.azure.net -kvi FFFFFFFF-FFFF-FFFFF-FFFF-FFFFFFFFFFFF -kvs exampleSecret -kvc CodeSignExampleCertificate "package.hlkx"

monrapps avatar Aug 19 '22 19:08 monrapps

Well it wont work for submission... the hlkx needs the certificate .cer to be embedded.. and there is some missing entries on the content XML.. working on it

monrapps avatar Aug 22 '22 13:08 monrapps

Sorry for not updating sooner. I also managed to "sign" the file but like @monrapps is discovering it doesn't include all the requirements for a HLK submission.

Nillissen avatar Aug 22 '22 13:08 Nillissen

https://github.com/monrapps/OpenOpcSignTool

So, what do we have here: It´s a hard ported OpenOpcSignTool from @vcsjones with hardcoded nonsense that ONLY WORKS for HLKX signing... this code is very rough and should not be considered as a reference for the correct implementation.

monrapps avatar Aug 29 '22 21:08 monrapps