[Mono-bugs] [Bug 79741][Nor] New - signcode creates bad signature when data follows the last PE section

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Wed Oct 25 22:41:12 EDT 2006

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by elevine at gmail.com.


--- shadow/79741	2006-10-25 22:41:12.000000000 -0400
+++ shadow/79741.tmp.12449	2006-10-25 22:41:12.000000000 -0400
@@ -0,0 +1,34 @@
+Bug#: 79741
+Product: Mono: Class Libraries
+Version: unspecified
+OS: All
+OS Details: 
+Status: NEW   
+Priority: Normal
+Component: Mono.Security
+AssignedTo: sebastien at ximian.com                            
+ReportedBy: elevine at gmail.com               
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+Summary: signcode creates bad signature when data follows the last PE section
+Description of Problem:
+Mono.Security.Authenticode computes the hash by including all the data
+until the very end of the file being signed/verified, however if the file
+contains data following the last PE section this is incorrect according to
+Microsoft.  This causes the signcode tool to create a signature which is
+invalid for Authenticode on Windows.  See Appendix A of
+for more information about what is supposed to be excluded from the hash
+Examples of files for which signcode creates a bad signature:
+1. EXE files with debugging info, for example files built with mingw
+default compiler and linker flags that have not yet been stripped (simple
+workaround in this case is to strip the file first)
+2. Installer files created with makensis http://nsis.sourceforge.net (no
+workaround known)

More information about the mono-bugs mailing list