Multiple MSI signatures with different algorithms and a MsiDigitalSignatureEx entry #262
Comments
Could you elaborate on the reason you consider this a useful feature?
That's useful for the same reasons users want to sign other file formats multiple times, I guess. It also impacts the signature verification: if osslsigncode computes MsiDigitalSignatureEx when verifying the signature, it may see a signature as invalid while Windows considers it valid. In order to replicate the Windows verification process, the existing MsiDigitalSignatureEx entry should be taken as is and not recomputed when verifying.
@olszomal Can you take a look? How hard would it be to implement?
The MsiDigitalSignatureEx hash is used to calculate the DigitalSignature hash. The MsiDigitalSignatureEx hash is verified by Windows when the DigitalSignature hash is verified. I checked whether Windows signtool verifies the MsiDigitalSignatureEx hash.
The initial signature is corrupted,
These DigitalSignatures can be found in the parsed PKCS#7 signature:
The initial signature is corrupted in the following cases:
A corrupted signature is useless, so the file should be signed again instead of adding a nested signature.
While working on MSI file signing in Jsign I've noticed that the metadata hash in the MsiDigitalSignatureEx entry is not verified by Windows (tested on Windows 10 22H2). It could be a simple byte array of zeros; as long as it's prepended to the content hash, the signature is valid. The size isn't even checked to match the size of the hashing algorithm used for signing: if MsiDigitalSignatureEx is 20 bytes long (as produced by SHA-1) and the content is hashed with SHA-256, the signature is also valid.
That's fairly counter-intuitive and I had to pinch myself twice to be convinced this was real. If confirmed on other versions of Windows, this means that it's possible to sign an MSI file multiple times with a MsiDigitalSignatureEx entry and different hashing algorithms. So the msi_check_MsiDigitalSignatureEx method could be modified to allow this case.
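To make the verification discrepancy discussed in the thread concrete (the "take the entry as is" argument above and the zero-filled / 20-byte observation in the last comment), here is an added, simplified model of the hashing composition. It is not osslsigncode's or Jsign's code and does not parse the real MSI compound-file layout: the stream contents and the metadata that MsiDigitalSignatureEx covers are replaced by constructed byte strings, and the "signature" is modelled as the digest that a PKCS#7 signature would commit to. What it shows is how a verifier that recomputes the MsiDigitalSignatureEx hash with the signature's own algorithm rejects inputs that a verifier using the stored entry unchanged (the behaviour the thread attributes to Windows) accepts, while both still reject tampered content.

```python
import hashlib
from typing import Optional

# Constructed sample data (hypothetical): stands in for the stream contents of an
# MSI file and for the metadata that the MsiDigitalSignatureEx entry is a hash of.
# The real compound-file layout is deliberately not modelled here.
SAMPLE_CONTENT = b"constructed MSI stream contents for illustration"
SAMPLE_METADATA = b"constructed stream names and metadata for illustration"


def metadata_hash(algo: str) -> bytes:
    """Model of a freshly computed MsiDigitalSignatureEx entry: a hash of the metadata."""
    return hashlib.new(algo, SAMPLE_METADATA).digest()


def digital_signature_hash(algo: str, ex_entry: Optional[bytes], content: bytes) -> bytes:
    """Model of the DigitalSignature hash: when a MsiDigitalSignatureEx entry is present
    its raw bytes are hashed first, followed by the content (as described in the thread)."""
    h = hashlib.new(algo)
    if ex_entry is not None:
        h.update(ex_entry)
    h.update(content)
    return h.digest()


def sign(algo: str, ex_entry: Optional[bytes], content: bytes) -> dict:
    """Model of signing: record the algorithm, the stored entry and the digest committed to."""
    return {
        "algo": algo,
        "ex_entry": ex_entry,
        "digest": digital_signature_hash(algo, ex_entry, content),
    }


def verify_take_as_is(sig: dict, content: bytes) -> bool:
    """Policy the thread attributes to Windows: use the stored entry unchanged,
    without checking its value or its length against the signing algorithm."""
    return digital_signature_hash(sig["algo"], sig["ex_entry"], content) == sig["digest"]


def verify_recompute(sig: dict, content: bytes) -> bool:
    """Stricter policy: recompute the entry with the signature's own algorithm and
    require it to match the stored bytes before checking the content digest."""
    if sig["ex_entry"] is not None and sig["ex_entry"] != metadata_hash(sig["algo"]):
        return False
    return verify_take_as_is(sig, content)


def scenarios() -> dict:
    """Run both verification policies over the cases raised in the thread."""
    consistent = sign("sha256", metadata_hash("sha256"), SAMPLE_CONTENT)
    # 20-byte SHA-1 metadata hash combined with a SHA-256 content hash
    mixed_algos = sign("sha256", metadata_hash("sha1"), SAMPLE_CONTENT)
    # entry replaced by 20 zero bytes
    zeroed = sign("sha256", bytes(20), SAMPLE_CONTENT)
    tampered_content = SAMPLE_CONTENT + b"!"
    return {
        "consistent": (verify_take_as_is(consistent, SAMPLE_CONTENT),
                       verify_recompute(consistent, SAMPLE_CONTENT)),
        "mixed_algos": (verify_take_as_is(mixed_algos, SAMPLE_CONTENT),
                        verify_recompute(mixed_algos, SAMPLE_CONTENT)),
        "zeroed": (verify_take_as_is(zeroed, SAMPLE_CONTENT),
                   verify_recompute(zeroed, SAMPLE_CONTENT)),
        "tampered": (verify_take_as_is(consistent, tampered_content),
                     verify_recompute(consistent, tampered_content)),
    }


if __name__ == "__main__":
    for name, (as_is, recomputed) in scenarios().items():
        print(f"{name:12s} take-as-is={as_is!s:5s} recompute={recomputed}")
```

The "mixed_algos" and "zeroed" rows are where the two policies diverge: a verifier that recomputes the entry reports an invalid signature for a file the take-as-is policy accepts, which is the mismatch with Windows that the thread describes. Note that the take-as-is policy still binds the stored entry into the digest, so altering either the entry or the content after signing is detected by both policies.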