[Mono-bugs] [Bug 79741][Nor] New - signcode creates bad signature when data follows the last PE section
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Wed Oct 25 22:41:12 EDT 2006
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by elevine at gmail.com.
http://bugzilla.ximian.com/show_bug.cgi?id=79741
--- shadow/79741 2006-10-25 22:41:12.000000000 -0400
+++ shadow/79741.tmp.12449 2006-10-25 22:41:12.000000000 -0400
@@ -0,0 +1,34 @@
+Bug#: 79741
+Product: Mono: Class Libraries
+Version: unspecified
+OS: All
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Normal
+Component: Mono.Security
+AssignedTo: sebastien at ximian.com
+ReportedBy: elevine at gmail.com
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: signcode creates bad signature when data follows the last PE section
+
+Description of Problem:
+Mono.Security.Authenticode computes the hash by including all the data
+until the very end of the file being signed/verified, however if the file
+contains data following the last PE section this is incorrect according to
+Microsoft. This causes the signcode tool to create a signature which is
+invalid for Authenticode on Windows. See Appendix A of
+http://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/pecoff_v8.doc
+for more information about what is supposed to be excluded from the hash
+computation.
+
+Examples of files for which signcode creates a bad signature:
+1. EXE files with debugging info, for example files built with mingw
+default compiler and linker flags that have not yet been stripped (simple
+workaround in this case is to strip the file first)
+2. Installer files created with makensis http://nsis.sourceforge.net (no
+workaround known)
More information about the mono-bugs
mailing list