From 200113521128fb88fe8bec6d9d8ecd927fd09865 Mon Sep 17 00:00:00 2001 From: David Bennett Date: Thu, 9 Oct 2025 15:05:23 -0700 Subject: [PATCH 1/2] Allow unsigned source for development testing --- .../Microsoft/PreIndexedPackageSourceFactory.cpp | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/AppInstallerRepositoryCore/Microsoft/PreIndexedPackageSourceFactory.cpp b/src/AppInstallerRepositoryCore/Microsoft/PreIndexedPackageSourceFactory.cpp index bbe0082cb8..d09362e8c4 100644 --- a/src/AppInstallerRepositoryCore/Microsoft/PreIndexedPackageSourceFactory.cpp +++ b/src/AppInstallerRepositoryCore/Microsoft/PreIndexedPackageSourceFactory.cpp @@ -20,6 +20,14 @@ namespace AppInstaller::Repository::Microsoft { namespace { + // To use an unsigned source, set AICLI_ALLOW_UNSTIGNED_SOURCE and use a debug build. + // Ex: set CL=/DAICLI_ALLOW_UNSIGNED_SOURCE +#if ! defined( AICLI_DISABLE_TEST_HOOKS ) && defined( AICLI_ALLOW_UNSIGNED_SOURCE ) + static bool s_AllowUnsignedSource = true; +#else + static bool s_AllowUnsignedSource = false; +#endif + static constexpr std::string_view s_PreIndexedPackageSourceFactory_PackageFileName = "source.msix"sv; static constexpr std::string_view s_PreIndexedPackageSourceFactory_V2_PackageFileName = "source2.msix"sv; static constexpr std::string_view s_PreIndexedPackageSourceFactory_PackageVersionHeader = "x-ms-meta-sourceversion"sv; @@ -593,7 +601,7 @@ namespace AppInstaller::Repository::Microsoft Msix::WriteLockedMsixFile indexPackage{ packageLocation }; // Validate index package trust info. - THROW_HR_IF(APPINSTALLER_CLI_ERROR_SOURCE_DATA_INTEGRITY_FAILURE, !indexPackage.ValidateTrustInfo(WI_IsFlagSet(m_details.TrustLevel, SourceTrustLevel::StoreOrigin))); + THROW_HR_IF(APPINSTALLER_CLI_ERROR_SOURCE_DATA_INTEGRITY_FAILURE, !s_AllowUnsignedSource && !indexPackage.ValidateTrustInfo(WI_IsFlagSet(m_details.TrustLevel, SourceTrustLevel::StoreOrigin))); // Create a temp lock exclusive index file. auto tempIndexFilePath = Runtime::GetNewTempFilePath(); @@ -683,7 +691,7 @@ namespace AppInstaller::Repository::Microsoft THROW_HR_IF(APPINSTALLER_CLI_ERROR_SOURCE_DATA_INTEGRITY_FAILURE, GetPackageFamilyNameFromDetails(details) != Msix::GetPackageFamilyNameFromFullName(tempMsixInfo.GetPackageFullName())); - if (!tempIndexPackage.ValidateTrustInfo(WI_IsFlagSet(details.TrustLevel, SourceTrustLevel::StoreOrigin))) + if (!s_AllowUnsignedSource && !tempIndexPackage.ValidateTrustInfo(WI_IsFlagSet(details.TrustLevel, SourceTrustLevel::StoreOrigin))) { AICLI_LOG(Repo, Error, << "Source update failed. Source package failed trust validation."); THROW_HR(APPINSTALLER_CLI_ERROR_SOURCE_DATA_INTEGRITY_FAILURE); @@ -719,7 +727,7 @@ namespace AppInstaller::Repository::Microsoft std::unique_ptr PreIndexedPackageSourceFactory::Create() { - if (Runtime::IsRunningInPackagedContext()) + if (!s_AllowUnsignedSource && Runtime::IsRunningInPackagedContext()) { return std::make_unique(); } From ce099f9896e955cf8d5c007b1e616c12d7b0adc4 Mon Sep 17 00:00:00 2001 From: David Bennett Date: Fri, 10 Oct 2025 15:35:39 -0700 Subject: [PATCH 2/2] Fix spelling --- .github/actions/spelling/allow.txt | 1 + .../Microsoft/PreIndexedPackageSourceFactory.cpp | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/actions/spelling/allow.txt b/.github/actions/spelling/allow.txt index 01ea0ee6ff..aa7367b1f1 100644 --- a/.github/actions/spelling/allow.txt +++ b/.github/actions/spelling/allow.txt @@ -59,6 +59,7 @@ curated CURSORPOSITON CUSTOMHEADER cvd +DAICLI datatelemetry datetime dbconn diff --git a/src/AppInstallerRepositoryCore/Microsoft/PreIndexedPackageSourceFactory.cpp b/src/AppInstallerRepositoryCore/Microsoft/PreIndexedPackageSourceFactory.cpp index d09362e8c4..e0fda43daa 100644 --- a/src/AppInstallerRepositoryCore/Microsoft/PreIndexedPackageSourceFactory.cpp +++ b/src/AppInstallerRepositoryCore/Microsoft/PreIndexedPackageSourceFactory.cpp @@ -20,7 +20,7 @@ namespace AppInstaller::Repository::Microsoft { namespace { - // To use an unsigned source, set AICLI_ALLOW_UNSTIGNED_SOURCE and use a debug build. + // To use an unsigned source, set AICLI_ALLOW_UNSIGNED_SOURCE and use a debug build. // Ex: set CL=/DAICLI_ALLOW_UNSIGNED_SOURCE #if ! defined( AICLI_DISABLE_TEST_HOOKS ) && defined( AICLI_ALLOW_UNSIGNED_SOURCE ) static bool s_AllowUnsignedSource = true;