Closed lievenm closed 12 months ago
Thank you for the feedback. Is the signature valid if the file is only signed once?
I think this is the version I only signed once. After the first signature, windows refused to open it.
Do you think you could send the signed file to ebourg@apache.org so I can analyze it?
Emmanuel Bourg @.***> writes:
Do you think you could send the signed file to @.*** so I can analyze it?
I will send you a new one I made. You were right the other one was double signed but this one isn't and has the same problem.
Thanks for looking into this.
-- Laat hulle almal sterf. Ek is tevrede om die wêreld te sien brand en die vallende konings te spot. Ek en my aasdier sal loop op die as van die verwoeste aarde.
Are you sure the package is valid? Even with the signature removed it fails to install
If I try to install it refuses because of the signatures. I will check with the packager.
I've spotted one issue leading to an invalid data hash: the entries have to be hashed in the order they appear in the central directory. This order may be different from the actual order in the file. Jsign ignored the central directory order and simply hashed from the start of the file to the start of the central directory. I've fixed that by sorting the central directory when signing. Now osslsigncode computes the same hash, but the package is still corrupted :(
Actually the error is normal, since the CN of the test certificate doesn't match the publisher of the package.
I've pushed the fix, could you give it a try?
osslsigncode now sees the signature. For some reason signtool or sigcheck don't see the signature. We may be hitting a known bug where msix packaging has issues if your certificate CN contains non ascii characters. I'll try with a different certificate later this week.
If so then signing with signtool should fail, and signing with osslsigncode should also make the package uninstallable.
Hey,
I had a similar issue while signing an msix file. In my case the location (L=) of the certificate and the location in the AppxManifest.xml
were different, causing jsign to fail silently.
It could be worth to add a warning message :)
I may open a PR if I find time.
@lripoche Thank you for reporting this issue. Do you have an example? I'd like to reproduce it.
Unfortunately, I won't be able to share with you the packaging repo because it contains proprietary code.
First, I had to copy all the certificate fields in the AppxManifest.xml
. Then I had a character issue, a quotation mark in the S field was technically a single quote. I found out by printing the Unicode of each character in the file.
I think you can reproduce this by signing any MSIX with a certificate located in Provence-Alpes-Côte d’Azur
with the single comma quotation mark replaced by a single quotation mark.
Right unicode: 0050 0072 006F 0076 0065 006E 0063 0065 002D 0041 006C 0070 0065 0073 002D 0043 00F4 0074 0065 0020 0064 2019 0041 007A 0075 0072
Wrong unicode: 0050 0072 006F 0076 0065 006E 0063 0065 002D 0041 006C 0070 0065 0073 002D 0043 00F4 0074 0065 0020 0064 0027 0041 007A 0075 0072
@lripoche The code on the master branch now checks if the publisher in the manifest matches the subject of the signing certificate. I guess the issue with the quotation mark you mentioned should now be caught when signing.
Hi,
I tried to sign an msix file with the new support and on windows it refused the signatures. I verified with the forked osslsigncode referenced in the issue and that agreed:
./osslsigncode verify FileZi* Use -catalog option Hash method is SHA256 Checking Block Map hashes: Message digest algorithm : SHA256 Current message digest : 88D8BEF9D88FAAC996BD5F49CB40FEDBD664947AF26FC6C8EE629B53A6A3282E Calculated message digest : 88D8BEF9D88FAAC996BD5F49CB40FEDBD664947AF26FC6C8EE629B53A6A3282E
Checking Content Types hashes: Message digest algorithm : SHA256 Current message digest : 030EC72357EBBBF3B69134AF677187A92FA1D97F259A7509D75F9E5DE218C58A Calculated message digest : 030EC72357EBBBF3B69134AF677187A92FA1D97F259A7509D75F9E5DE218C58A
Checking Data hashes: Message digest algorithm : SHA256 Current message digest : E5A555C19066B5D04F61B6C8C9C13569D448CCC18A30DAA7047D5F1E9A28AB5C Calculated message digest : 6B20C0FFF37EB73FB3FC4D1CBE1943B14116B067FFE875395C0CCC8C2A04B0D7 MISMATCH!!!
Signature hash verification failed Checking Block Map hashes: Message digest algorithm : SHA256 Current message digest : 88D8BEF9D88FAAC996BD5F49CB40FEDBD664947AF26FC6C8EE629B53A6A3282E Calculated message digest : 88D8BEF9D88FAAC996BD5F49CB40FEDBD664947AF26FC6C8EE629B53A6A3282E
Checking Content Types hashes: Message digest algorithm : SHA256 Current message digest : 030EC72357EBBBF3B69134AF677187A92FA1D97F259A7509D75F9E5DE218C58A Calculated message digest : 030EC72357EBBBF3B69134AF677187A92FA1D97F259A7509D75F9E5DE218C58A
Checking Data hashes: Message digest algorithm : SHA256 Current message digest : E5A555C19066B5D04F61B6C8C9C13569D448CCC18A30DAA7047D5F1E9A28AB5C Calculated message digest : 6B20C0FFF37EB73FB3FC4D1CBE1943B14116B067FFE875395C0CCC8C2A04B0D7 MISMATCH!!!
Signature hash verification failed Number of verified signatures: 2 Failed