Opened 5 months ago

#34368 new enhancement

Improve authenticode-signing script to better check for a signature

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-sign
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Our current authenticode-signing.sh script checks two things at the moment:

1) Whether a .exe is still unsigned
2) Whether removing a signature (using osslsigncode remove-signature) is producing the same SHA-256 sum as outlined in the SHA-256 sums file.

If both conditions hold it concludes that the bundles are properly signed.

There are ways for improvement here. While I think it's important to check that removing the signature provides the expected unsigned SHA-256 we could try to check the signature directly.

osslsigncode verify -require-leaf-hash comes to mind. We should investigate, though, how that behaves in case of truncated/broken signatures or no signatures at all.

Child Tickets

Change History (0)

Note: See TracTickets for help on using tickets.