2007-01-12 Sebastien Pouliot <sebastien@ximian.com>

	* AuthenticodeFormatter.cs: The ASN.1 structure must be padded to a
	multiple of 8 bytes, else the signature is invalid - even if the hash
	is correct!

svn path=/trunk/mcs/; revision=70936

diff --git a/mcs/class/Mono.Security/Mono.Security.Authenticode/AuthenticodeFormatter.cs b/mcs/class/Mono.Security/Mono.Security.Authenticode/AuthenticodeFormatter.cs
index aee643388145e708988160b275c4e752ab33bc35..3b7560856a18fdc6a058fab65bc1abfa60372a57 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Authenticode/AuthenticodeFormatter.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Authenticode/AuthenticodeFormatter.cs
@@ -5,7 +5,7 @@
 //     Sebastien Pouliot <sebastien@ximian.com>
 //
 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
-// Copyright (C) 2004, 2006 Novell, Inc (http://www.novell.com)
+// Copyright (C) 2004, 2006-2007 Novell, Inc (http://www.novell.com)
 //
 // Permission is hereby granted, free of charge, to any person obtaining
 // a copy of this software and associated documentation files (the
@@ -272,6 +272,7 @@ namespace Mono.Security.Authenticode {
                                int addsize = (filesize & 7);
                                if (addsize > 0)
                                        addsize = 8 - addsize;
+
                                // IMAGE_DIRECTORY_ENTRY_SECURITY (offset, size)
                                byte[] data = BitConverterLE.GetBytes (filesize + addsize);
                                file[PEOffset + 152] = data[0];
@@ -279,7 +280,10 @@ namespace Mono.Security.Authenticode {
                                file[PEOffset + 154] = data[2];
                                file[PEOffset + 155] = data[3];
                                int size = asn.Length + 8;
-                               data = BitConverterLE.GetBytes (size);
+                               int addsize_signature = (size & 7);
+                               if (addsize_signature > 0)
+                                       addsize_signature = 8 - addsize_signature;
+                               data = BitConverterLE.GetBytes (size + addsize_signature);
                                file[PEOffset + 156] = data[0];
                                file[PEOffset + 157] = data[1];
                                file[PEOffset + 158] = data[2];
@@ -294,6 +298,10 @@ namespace Mono.Security.Authenticode {
                                data = BitConverterLE.GetBytes (0x00020200);    // magic
                                fs.Write (data, 0, data.Length);
                                fs.Write (asn, 0, asn.Length);
+                               if (addsize_signature > 0) {
+                                       byte[] fillup = new byte[addsize_signature];
+                                       fs.Write (fillup, 0, fillup.Length);
+                               }
                                fs.Close ();
                        }
                        return true;

diff --git a/mcs/class/Mono.Security/Mono.Security.Authenticode/ChangeLog b/mcs/class/Mono.Security/Mono.Security.Authenticode/ChangeLog
index 1616b8505fafb3842b2fd5bb453cb490fe6b6272..48be4d1a6e88f4c1d156a464c3042991d65f4a83 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Authenticode/ChangeLog
+++ b/mcs/class/Mono.Security/Mono.Security.Authenticode/ChangeLog
@@ -1,3 +1,9 @@
+2007-01-12  Sebastien Pouliot  <sebastien@ximian.com>
+
+       * AuthenticodeFormatter.cs: The ASN.1 structure must be padded to a
+       multiple of 8 bytes, else the signature is invalid - even if the hash 
+       is correct!
+
 2006-12-14  Sebastien Pouliot  <sebastien@ximian.com>
 
        * AuthenticodeBase.cs: Support (strip) COFF symbol table when