search

microsoft / PowerToys

Windows system utilities to maximize productivity
MIT License
109.9k stars 6.48k forks source link

DLL without signature #8143

Closed davidegiacometti closed 3 years ago

davidegiacometti commented 3 years ago

Reference: https://github.com/microsoft/PowerToys/pull/8122#issuecomment-730501684

Files without signature from a 0.25.0 installation.

C:\Program Files\PowerToys\modules\ColorPicker\ManagedCommon.dll
C:\Program Files\PowerToys\modules\ColorPicker\Microsoft.PowerToys.Settings.UI.Lib.dll
C:\Program Files\PowerToys\modules\ColorPicker\PowerToysInterop.dll
C:\Program Files\PowerToys\modules\ColorPicker\Telemetry.dll
C:\Program Files\PowerToys\modules\FancyZones\ManagedCommon.dll
C:\Program Files\PowerToys\modules\FancyZones\Telemetry.dll
C:\Program Files\PowerToys\modules\FileExplorerPreview\Telemetry.dll
C:\Program Files\PowerToys\modules\ImageResizer\ImageResizer.dll
C:\Program Files\PowerToys\modules\ImageResizer\PowerToysInterop.dll
C:\Program Files\PowerToys\modules\launcher\ManagedCommon.dll
C:\Program Files\PowerToys\modules\launcher\Microsoft.Launcher.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Calculator\Telemetry.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Folder\Telemetry.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Indexer\Telemetry.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Program\Telemetry.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Shell\Telemetry.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Uri\Microsoft.Plugin.Uri.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Uri\Telemetry.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Uri\Wox.Infrastructure.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.Uri\Wox.Plugin.dll
C:\Program Files\PowerToys\modules\launcher\Plugins\Microsoft.Plugin.WindowWalker\Telemetry.dll
C:\Program Files\PowerToys\SettingsUIRunner\ManagedCommon.dll
crutkas commented 3 years ago

I created it but this is a nicer way. How did you determine this list?

https://github.com/microsoft/PowerToys/issues/7850 was what i did but you seem to have a better list.

my thought was we create some type of common lib for the wsx and this to make sure all dlls / exes are sign'ed and included. image

with a PS script, we can determine quickly. Get-AuthenticodeSignature -FilePath

davidegiacometti commented 3 years ago

@crutkas I have also used PowerShell.

Get-ChildItem 'C:\Program Files\PowerToys\' -Include *.exe,*.dll -Recurse | ForEach-object {Get-AuthenticodeSignature $_.FullName} | Where-Object {$_.status -eq "NotSigned"} | ForEach-Object {Write-Host $_.Path}

I have a PR ready. I think we need something smarter since with this command there are a lot of unsigned 3rd party dlls.

crutkas commented 3 years ago

We can work on getting those signed for PT with a diff cert.

crutkas commented 3 years ago

Shipped with 0.27 release. https://github.com/microsoft/PowerToys/releases/tag/v0.27.0