From c15b84b32d4187d7419cc674d83773a44726fc1c Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Thu, 10 Aug 2023 01:23:24 +0200 Subject: Windows: Fix failure creating Traveler Disk caused by outdated hardcoded value of MS certificate We also rename the variables gpbSha256CodeSignCertFingerprint and gpbSha256MSCodeSignCertFingerprint to gpbSha512CodeSignCertFingerprint and gpbSha512MSCodeSignCertFingerprint respectively to reflect the fact that they are actually SHA512 hash values and not SHA256 ones. --- src/Common/Dlgcode.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index ed5d1844..b137c57b 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -417,7 +417,7 @@ static WTHELPERPROVDATAFROMSTATEDATA WTHelperProvDataFromStateDataFn = NULL; static WTHELPERGETPROVSIGNERFROMCHAIN WTHelperGetProvSignerFromChainFn = NULL; static WTHELPERGETPROVCERTFROMCHAIN WTHelperGetProvCertFromChainFn = NULL; -static unsigned char gpbSha256CodeSignCertFingerprint[64] = { +static unsigned char gpbSha512CodeSignCertFingerprint[64] = { 0x9C, 0xA0, 0x21, 0xD3, 0x7C, 0x90, 0x61, 0x88, 0xEF, 0x5F, 0x99, 0x3D, 0x54, 0x9F, 0xB8, 0xCE, 0x72, 0x32, 0x4F, 0x57, 0x4F, 0x19, 0xD2, 0xA4, 0xDC, 0x84, 0xFF, 0xE2, 0x84, 0x2B, 0xD4, 0x30, 0xAB, 0xA7, 0xE4, 0x63, @@ -426,13 +426,13 @@ static unsigned char gpbSha256CodeSignCertFingerprint[64] = { 0xDB, 0x6F, 0xC0, 0x62 }; -static unsigned char gpbSha256MSCodeSignCertFingerprint[64] = { - 0x9C, 0x96, 0x81, 0x3B, 0x88, 0x54, 0xCB, 0x81, 0xB5, 0x94, 0x40, 0x4E, - 0x15, 0x81, 0x20, 0xA1, 0x19, 0x00, 0x4E, 0x49, 0x8A, 0xA8, 0x98, 0x13, - 0x9D, 0xE2, 0x86, 0x6A, 0xC1, 0xFA, 0xD3, 0x00, 0x0D, 0xAC, 0xE9, 0xE3, - 0x3B, 0xFC, 0x6B, 0x26, 0xCE, 0xC8, 0xE2, 0x36, 0x3B, 0x60, 0x9C, 0x8E, - 0x0A, 0x2A, 0x74, 0x20, 0xD7, 0x4E, 0x0F, 0xEE, 0x2E, 0x79, 0xE2, 0xAF, - 0x1C, 0x90, 0x0B, 0x9C +static unsigned char gpbSha512MSCodeSignCertFingerprint[64] = { + 0xEB, 0x76, 0x2E, 0xD3, 0x5B, 0x4A, 0xB1, 0x0E, 0xF5, 0x3B, 0x99, 0x4E, + 0xC1, 0xF7, 0x48, 0x88, 0xF6, 0xA0, 0xE9, 0xAC, 0x32, 0x69, 0xCF, 0x20, + 0xE1, 0x60, 0xC4, 0x0C, 0xEF, 0x01, 0x1F, 0xCB, 0x41, 0x95, 0x72, 0xB9, + 0xED, 0x63, 0x0C, 0x6B, 0xB9, 0xE9, 0xA2, 0x72, 0xA6, 0x78, 0x96, 0x4C, + 0x69, 0x9F, 0x90, 0x3F, 0xB1, 0x3C, 0x64, 0xF2, 0xAB, 0xCF, 0x14, 0x1D, + 0xEC, 0x7C, 0xB0, 0xC7 }; @@ -1081,8 +1081,8 @@ BOOL VerifyModuleSignature (const wchar_t* path) BYTE hashVal[64]; sha512 (hashVal, pProviderCert->pCert->pbCertEncoded, pProviderCert->pCert->cbCertEncoded); - if ( (0 == memcmp (hashVal, gpbSha256CodeSignCertFingerprint, 64)) - || (0 == memcmp (hashVal, gpbSha256MSCodeSignCertFingerprint, 64)) + if ( (0 == memcmp (hashVal, gpbSha512CodeSignCertFingerprint, 64)) + || (0 == memcmp (hashVal, gpbSha512MSCodeSignCertFingerprint, 64)) ) { bResult = TRUE; -- cgit v1.2.3