Skip to content

Fix Bug #949, "BAD signature" when validating #1090

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Feb 13, 2022
Merged

Fix Bug #949, "BAD signature" when validating #1090

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
473d421
Fixed Validate.c (Issue 949)
yobson Nov 24, 2020
77d97ec
Added check of assumed memory layout
yobson Nov 24, 2020
82e54ea
Added support for older appimages (untested)
Dec 5, 2020
988a8cb
Tested on current appimage standard
yobson Dec 7, 2020
68d69e3
Typo fix and indentation fix
yobson Dec 7, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 28 additions & 9 deletions src/validate.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
typedef unsigned char byte;

char segment_name[] = ".sha256_sig";
char segment_key_name[] = ".sig_key";

int sha256_file(char *path, char outputBuffer[65], int skip_offset, int skip_length)
{
Expand Down Expand Up @@ -109,38 +110,56 @@ int main(int argc,char **argv) {

char *filename = argv[1];

unsigned long skip_offset = 0;
unsigned long skip_length = 0;
unsigned long skip_offset_sig = 0;
unsigned long skip_length_sig = 0;

unsigned long skip_offset_key = 0;
unsigned long skip_length_key = 0;

if (!appimage_get_elf_section_offset_and_length(filename, ".sha256_sig", &skip_offset, &skip_length)) {
if (!appimage_get_elf_section_offset_and_length(filename, ".sha256_sig", &skip_offset_sig, &skip_length_sig)) {
fprintf(stderr, "Failed to read .sha256_sig section");
exit(1);
}
if (!appimage_get_elf_section_offset_and_length(filename, ".sig_key", &skip_offset_key, &skip_length_key)) {
Copy link
Member

@TheAssassin TheAssassin Dec 4, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Older AppImages simply don't have this section at all. When AppImageUpdate gained some actual signature verification support, there was a need for the pubkey to be distributed along with the AppImages. Before, that wasn't needed.

I think if we fix this, there should be a fallback for these older runtimes. I could however also live with this tool not supporting old AppImages any more. (The old code can always be restored from the repo, after all.)

@probonopd what do you think?

skip_length_key = 0;
skip_offset_key = 0;
}

if(skip_length > 0) {
fprintf(stderr, "Skipping ELF section %s with offset %lu, length %lu\n", segment_name, skip_offset, skip_length);
if(skip_length_sig > 0) {
fprintf(stderr, "Skipping ELF section %s with offset %lu, length %lu\n", segment_name, skip_offset_sig, skip_length_sig);
} else {
fprintf(stderr, "ELF section %s not found, is the file signed?\n", segment_name);
exit(1);
}
if(skip_length_key > 0) {
fprintf(stderr, "Skipping ELF section %s with offset %lu, length %lu\n", segment_key_name, skip_offset_key, skip_length_key);
} else {
fprintf(stderr, "ELF section %s not found, assuming older AppImage Standard\n", segment_key_name);
}
if(skip_offset_sig + skip_length_sig != skip_offset_key && skip_length_key != 0) {
fprintf(stderr, "validate only works when .sha256_sig and .sig_key are contiguous in the ELF header\n");
exit(0);
}
int skip_offset = skip_offset_sig;
int skip_length = skip_length_sig + skip_length_key;

char *digestfile;
digestfile = g_strconcat("/tmp/", basename(g_strconcat(filename, ".digest", NULL)), NULL);
char *signaturefile;
signaturefile = g_strconcat("/tmp/", basename(g_strconcat(filename, ".sig", NULL)), NULL);

uint8_t *data = malloc(skip_length);
uint8_t *data = malloc(skip_length_sig);
unsigned long k;
FILE* fd = fopen(filename, "r");
fseek(fd, skip_offset, SEEK_SET);
fread(data, skip_length, sizeof(uint8_t), fd);
fseek(fd, skip_offset_sig, SEEK_SET);
fread(data, skip_length_sig, sizeof(uint8_t), fd);
fclose(fd);
FILE *fpdst2 = fopen(signaturefile, "w");
if (fpdst2 == NULL) {
fprintf(stderr, "Not able to open the signature file for writing, aborting");
exit(1);
}
for (k = 0; k < skip_length; k++) {
for (k = 0; k < skip_length_sig; k++) {
fprintf(fpdst2, "%c", data[k]);
}
fclose(fpdst2);
Expand Down