Index: /trunk/src/VBox/Runtime/tools/RTSignTool.cpp =================================================================== --- /trunk/src/VBox/Runtime/tools/RTSignTool.cpp (revision 64896) +++ /trunk/src/VBox/Runtime/tools/RTSignTool.cpp (revision 64897) @@ -300,4 +300,8 @@ if (iPos >= 0) { + if (cVerbosity >= 3) + RTMsgInfo("Adding UnauthenticatedAttribute #%u...", iPos); + Assert((uint32_t)iPos < pSignerInfo->UnauthenticatedAttributes.cItems); + PRTCRPKCS7ATTRIBUTE pAttr = pSignerInfo->UnauthenticatedAttributes.papItems[iPos]; int rc = RTAsn1ObjId_InitFromString(&pAttr->Type, RTCR_PKCS9_ID_MS_NESTED_SIGNATURE, pAttr->Allocation.pAllocator); @@ -316,4 +320,5 @@ { iPos = RTCrPkcs7SetOfContentInfos_Append(pAttr->uValues.pContentInfos); + Assert(iPos == 0); if (iPos >= 0) { @@ -324,4 +329,10 @@ if (cVerbosity > 0) RTMsgInfo("Added nested signature"); + if (cVerbosity >= 3) + { + RTMsgInfo("SingerInfo dump after change:"); + RTAsn1Dump(RTCrPkcs7SignerInfo_GetAsn1Core(pSignerInfo), 0, 2, RTStrmDumpPrintfV, g_pStdOut); + } + return RTEXITCODE_SUCCESS; } @@ -581,6 +592,7 @@ * Write the header followed by the signature data. */ + uint32_t const cbZeroPad = (uint32_t)(RT_ALIGN_Z(pThis->cbNewBuf, 8) - pThis->cbNewBuf); pSecDir->VirtualAddress = (uint32_t)offCur; - pSecDir->Size = cbWinCert + (uint32_t)pThis->cbNewBuf; + pSecDir->Size = cbWinCert + (uint32_t)pThis->cbNewBuf + cbZeroPad; if (cVerbosity >= 2) RTMsgInfo("Writing %u (%#x) bytes of signature at %#x (%u).\n", @@ -597,33 +609,38 @@ offCur += cbWinCert; rc = RTFileWriteAt(hFile, offCur, pThis->pbNewBuf, pThis->cbNewBuf, NULL); + } + if (RT_SUCCESS(rc) && cbZeroPad) + { + offCur += pThis->cbNewBuf; + rc = RTFileWriteAt(hFile, offCur, g_abRTZero4K, cbZeroPad, NULL); + } + if (RT_SUCCESS(rc)) + { + /* + * Reset the checksum (sec dir updated already) and rewrite the header. + */ + uBuf.NtHdrs32.OptionalHeader.CheckSum = 0; + offCur = offNtHdrs; + rc = RTFileWriteAt(hFile, offNtHdrs, &uBuf, cbNtHdrs, NULL); + if (RT_SUCCESS(rc)) + rc = RTFileFlush(hFile); if (RT_SUCCESS(rc)) { /* - * Reset the checksum (sec dir updated already) and rewrite the header. + * Calc checksum and write out the header again. */ - uBuf.NtHdrs32.OptionalHeader.CheckSum = 0; - offCur = offNtHdrs; - rc = RTFileWriteAt(hFile, offNtHdrs, &uBuf, cbNtHdrs, NULL); - if (RT_SUCCESS(rc)) - rc = RTFileFlush(hFile); - if (RT_SUCCESS(rc)) + uint32_t uCheckSum = UINT32_MAX; + if (SignToolPkcs7Exe_CalcPeCheckSum(pThis, hFile, &uCheckSum)) { - /* - * Calc checksum and write out the header again. - */ - uint32_t uCheckSum = UINT32_MAX; - if (SignToolPkcs7Exe_CalcPeCheckSum(pThis, hFile, &uCheckSum)) + rc = RTFileWriteAt(hFile, offNtHdrs, &uBuf, cbNtHdrs, NULL); + if (RT_SUCCESS(rc)) + rc = RTFileFlush(hFile); + if (RT_SUCCESS(rc)) { - rc = RTFileWriteAt(hFile, offNtHdrs, &uBuf, cbNtHdrs, NULL); + rc = RTFileClose(hFile); if (RT_SUCCESS(rc)) - rc = RTFileFlush(hFile); - if (RT_SUCCESS(rc)) - { - rc = RTFileClose(hFile); - if (RT_SUCCESS(rc)) - return RTEXITCODE_SUCCESS; - RTMsgError("RTFileClose failed: %Rrc\n", rc); - return RTEXITCODE_FAILURE; - } + return RTEXITCODE_SUCCESS; + RTMsgError("RTFileClose failed: %Rrc\n", rc); + return RTEXITCODE_FAILURE; } } @@ -866,4 +883,5 @@ if (rcExit == RTEXITCODE_SUCCESS) rcExit = SignToolPkcs7Exe_WriteSignatureToFile(&Dst, cVerbosity); + SignToolPkcs7Exe_Delete(&Dst); } @@ -1677,6 +1695,16 @@ */ if (pSignedData->Certificates.cItems > 0) + { RTPrintf("%s Certificates: %u\n", pThis->szPrefix, pSignedData->Certificates.cItems); - /** @todo display certificates. */ + for (uint32_t i = 0; i < pSignedData->Certificates.cItems; i++) + { + if (i != 0) + RTPrintf("\n"); + RTPrintf("%s Certificate #%u:\n", pThis->szPrefix, i); + RTAsn1Dump(RTCrPkcs7Cert_GetAsn1Core(pSignedData->Certificates.papItems[i]), 0, + ((uint32_t)offPrefix + 9) / 2, RTStrmDumpPrintfV, g_pStdOut); + } + /** @todo display certificates properly. */ + } if (pSignedData->Crls.cb > 0)