Skip to content

Commit

Permalink
Hash the class identifier of the sub storages in MSI files (#149)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ebourg
ebourg committed Jun 2, 2023
1 parent 15f655d commit 8f41af1
Showing 1 changed file with 23 additions and 34 deletions.
57 changes: 23 additions & 34 deletions jsign-core/src/main/java/net/jsign/msi/MSIFile.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,29 +169,6 @@ public boolean hasExtendedSignature() {
}
}

private List<Property> getSortedProperties() {
List<Property> entries = new ArrayList<>();

append(fsRead.getPropertyTable().getRoot(), entries);

return entries;
}

private void append(DirectoryProperty node, List<Property> entries) {
Map<MSIStreamName, Property> sortedEntries = new TreeMap<>();
for (Property entry : node) {
sortedEntries.put(new MSIStreamName(entry.getName()), entry);
}

for (Property property : sortedEntries.values()) {
if (!property.isDirectory()) {
entries.add(property);
} else {
append((DirectoryProperty) property, entries);
}
}
}

@Override
public byte[] computeDigest(MessageDigest digest) throws IOException {
try {
Expand All @@ -202,26 +179,38 @@ public byte[] computeDigest(MessageDigest digest) throws IOException {
updateDigest(digest, msiDigitalSignatureExDocument);
}

// hash the entries
for (Property property : getSortedProperties()) {
computeDigest(digest, fsRead.getPropertyTable().getRoot());

return digest.digest();
} catch (IndexOutOfBoundsException | IllegalArgumentException | IllegalStateException | NoSuchElementException e) {
throw new IOException("MSI file format error", e);
}
}

private void computeDigest(MessageDigest digest, DirectoryProperty node) {
Map<MSIStreamName, Property> sortedEntries = new TreeMap<>();
for (Property child : node) {
sortedEntries.put(new MSIStreamName(child.getName()), child);
}

for (Property property : sortedEntries.values()) {
if (!property.isDirectory()) {
String name = new MSIStreamName(property.getName()).decode();
if (name.equals(DIGITAL_SIGNATURE_ENTRY_NAME) || name.equals(MSI_DIGITAL_SIGNATURE_EX_ENTRY_NAME)) {
continue;
}

POIFSDocument document = new POIFSDocument((DocumentProperty) property, fsRead);
updateDigest(digest, document);
} else {
computeDigest(digest, (DirectoryProperty) property);
}

// hash the package ClassID, in serialized form
byte[] classId = new byte[16];
fsRead.getRoot().getStorageClsid().write(classId, 0);
digest.update(classId);

return digest.digest();
} catch (IndexOutOfBoundsException | IllegalArgumentException | IllegalStateException | NoSuchElementException e) {
throw new IOException("MSI file format error", e);
}

// hash the package ClassID, in serialized form
byte[] classId = new byte[16];
node.getStorageClsid().write(classId, 0);
digest.update(classId);
}

private void updateDigest(MessageDigest digest, POIFSDocument document) {
Expand Down

0 comments on commit 8f41af1

Please sign in to comment.