msixbundle
| Crates.io | msixbundle |
| lib.rs | msixbundle |
| version | 1.1.0 |
| created_at | 2025-12-27 22:50:43.994271+00 |
| updated_at | 2026-01-06 17:59:34.343185+00 |
| description | Rust library to pack per-arch MSIX and build/sign .msixbundle using Windows SDK tools |
| homepage | https://github.com/Choochmeque/msixbundle-rs |
| repository | https://github.com/Choochmeque/msixbundle-rs |
| max_upload_size | |
| id | 2007969 |
| size | 69,353 |
Vladimir Pankratov (Choochmeque)
documentation
README
msixbundle
Rust library for building and signing Windows MSIX packages and bundles using the Windows SDK toolchain.
Installation
[dependencies]
msixbundle = "1.0"
Features
- SDK auto-discovery: Automatically locate Windows SDK tools via registry
- Manifest parsing: Extract version and display name from
AppxManifest.xml - Package creation: Create
.msixfiles for each architecture - Bundle creation: Combine multiple
.msixfiles into a.msixbundle - Code signing: Sign packages and bundles with PFX certificates or certificate store thumbprints
- Timestamping: Support for RFC3161 and Authenticode protocols
- Validation: Validate packages using WACK and verify signatures
API
| Function | Description |
|---|---|
locate_sdk_tools() |
Find Windows SDK tools on the system |
read_manifest_info() |
Parse AppxManifest.xml for version and identity |
pack_arch() |
Create a per-architecture .msix package |
build_bundle() |
Combine multiple .msix files into a .msixbundle |
sign_artifact() |
Sign packages/bundles with a PFX or certificate thumbprint |
verify_signature() |
Verify digital signatures |
validate_package() |
Validate packages using WACK |
Usage
use msixbundle::*;
use std::path::Path;
fn main() -> anyhow::Result<()> {
// Locate Windows SDK tools
let tools = locate_sdk_tools()?;
// Read manifest information
let x64_dir = Path::new("./build/x64/AppxContent");
let manifest = read_manifest_info(x64_dir)?;
println!("Building {} v{}", manifest.display_name, manifest.version);
// Pack architectures (last param: overwrite existing files)
let out_dir = Path::new("./output");
let x64_msix = pack_arch(&tools, x64_dir, out_dir, &manifest, "x64", true)?;
let arm64_dir = Path::new("./build/arm64/AppxContent");
let arm64_msix = pack_arch(&tools, arm64_dir, out_dir, &manifest, "arm64", true)?;
// Build bundle
let packages = vec![
("x64".to_string(), x64_msix),
("arm64".to_string(), arm64_msix),
];
let bundle = build_bundle(&tools, out_dir, &packages, &manifest, true)?;
// Sign the bundle with PFX
let pfx = Path::new("./signing.pfx");
sign_artifact(&tools, &SignOptions {
artifact: &bundle,
certificate: CertificateSource::Pfx {
path: pfx,
password: Some("password"),
},
sip_dll: None,
timestamp_url: Some("http://timestamp.digicert.com"),
rfc3161: true,
signtool_override: None,
})?;
// Or sign with a certificate thumbprint from the Windows store
// sign_artifact(&tools, &SignOptions {
// artifact: &bundle,
// certificate: CertificateSource::Thumbprint {
// sha1: "1a2b3c4d5e6f...",
// store: Some("My"),
// machine_store: false,
// },
// sip_dll: None,
// timestamp_url: Some("http://timestamp.digicert.com"),
// rfc3161: true,
// signtool_override: None,
// })?;
// Verify the signature
verify_signature(&tools, &bundle)?;
println!("Bundle created: {}", bundle.display());
Ok(())
}
Cargo Features
sdk-discovery (default)
Automatically locates Windows SDK tools via the Windows registry.
[dependencies]
msixbundle = { version = "1.0", default-features = true }
To disable auto-discovery and provide paths manually:
[dependencies]
msixbundle = { version = "1.0", default-features = false }
Error Handling
The library uses anyhow::Result for error handling and provides custom error types via MsixError:
ToolMissing: Windows SDK tool not foundMakeAppx: MakeAppx.exe operation failedSignTool: signtool.exe operation failedManifest: Manifest parsing errorValidation: WACK validation failed
Requirements
- Windows OS with Windows SDK 10 installed
- MakeAppx.exe, signtool.exe, and appcert.exe (for validation)
License
MIT License