2008-05-16 Sebastien Pouliot <sebastien@ximian.com>

	* AuthenticodeFormatter.cs: Throw an NotSupportedException if we're
	trying to sign a non-PE (portable executable) file. We do not support
	signing CAB and MSI files (nor does mono generates them).
	[Partial fix for #388602, kept open as Enhancement]

svn path=/trunk/mcs/; revision=103341

diff --git a/mcs/class/Mono.Security/Mono.Security.Authenticode/AuthenticodeBase.cs b/mcs/class/Mono.Security/Mono.Security.Authenticode/AuthenticodeBase.cs
index bee47e7b045ec6e23f4de258b4fde3be29c16ba7..a155874cd667914e218705b70d6fa04bbf472223 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Authenticode/AuthenticodeBase.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Authenticode/AuthenticodeBase.cs
@@ -99,6 +99,7 @@ namespace Mono.Security.Authenticode {
                        if (fs != null)
                                Close ();
                        fs = new FileStream (filename, FileMode.Open, FileAccess.Read, FileShare.Read);
+                       blockNo = 0;
                }
 
                internal void Close ()
@@ -106,14 +107,23 @@ namespace Mono.Security.Authenticode {
                        if (fs != null) {
                                fs.Close ();
                                fs = null;
-                               blockNo = 0;
                        }
                }
 
-               internal bool ReadFirstBlock ()
+               internal void ReadFirstBlock ()
+               {
+                       int error = ProcessFirstBlock ();
+                       if (error != 0) {
+                               string msg = Locale.GetText ("Cannot sign non PE files, e.g. .CAB or .MSI files (error {0}).", 
+                                       error);
+                               throw new NotSupportedException (msg);
+                       }
+               }
+
+               internal int ProcessFirstBlock ()
                {
                        if (fs == null)
-                               return false;
+                               return 1;
 
                        fs.Position = 0;
                        // read first block - it will include (100% sure) 
@@ -121,12 +131,12 @@ namespace Mono.Security.Authenticode {
                        blockLength = fs.Read (fileblock, 0, fileblock.Length);
                        blockNo = 1;
                        if (blockLength < 64)
-                               return false;   // invalid PE file
+                               return 2;       // invalid PE file
 
                        // 1. Validate the MZ header informations
                        // 1.1. Check for magic MZ at start of header
                        if (BitConverterLE.ToUInt16 (fileblock, 0) != 0x5A4D)
-                               return false;
+                               return 3;
 
                        // 1.2. Find the offset of the PE header
                        peOffset = BitConverterLE.ToInt32 (fileblock, 60);
@@ -138,13 +148,13 @@ namespace Mono.Security.Authenticode {
                                throw new NotSupportedException (msg);
                        }
                        if (peOffset > fs.Length)
-                               return false;
+                               return 4;
 
                        // 2. Read between DOS header and first part of PE header
                        // 2.1. Check for magic PE at start of header
                        //      PE - NT header ('P' 'E' 0x00 0x00)
                        if (BitConverterLE.ToUInt32 (fileblock, peOffset) != 0x4550)
-                               return false;
+                               return 5;
 
                        // 2.2. Locate IMAGE_DIRECTORY_ENTRY_SECURITY (offset and size)
                        dirSecurityOffset = BitConverterLE.ToInt32 (fileblock, peOffset + 152);
@@ -154,7 +164,7 @@ namespace Mono.Security.Authenticode {
                        // (otherwise the signature won't work on MS and we don't want to support COFF for that)
                        coffSymbolTableOffset = BitConverterLE.ToInt32 (fileblock, peOffset + 12);
 
-                       return true;
+                       return 0;
                }
 
                internal byte[] GetSecurityEntry () 

diff --git a/mcs/class/Mono.Security/Mono.Security.Authenticode/ChangeLog b/mcs/class/Mono.Security/Mono.Security.Authenticode/ChangeLog
index ac3315e2539c265aeb7f78864c6ec7ac48f5fc46..6829895825883e014bf4ab57b11bdfb83ae30ce2 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Authenticode/ChangeLog
+++ b/mcs/class/Mono.Security/Mono.Security.Authenticode/ChangeLog
@@ -1,3 +1,10 @@
+2008-05-16  Sebastien Pouliot  <sebastien@ximian.com>
+
+       * AuthenticodeFormatter.cs: Throw an NotSupportedException if we're
+       trying to sign a non-PE (portable executable) file. We do not support
+       signing CAB and MSI files (nor does mono generates them).
+       [Partial fix for #388602, kept open as Enhancement]
+
 2008-01-10  Sebastien Pouliot  <sebastien@ximian.com>
 
        * AuthenticodeDeformatter.cs: Use RSAManaged and the new overloaded