VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2020-07-22 23:33:21 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2020-07-22 23:54:53 +0200
commitb6b6710d2b055c703f86429b431c616f99cb4c85 (patch)
tree546bce253608d8ed4c9051dc1e95703be80e0598 /src/Common
parentc4a6269c8c384a7b8d4a362cac6a87a8a99b9b62 (diff)
downloadVeraCrypt-b6b6710d2b055c703f86429b431c616f99cb4c85.tar.gz
VeraCrypt-b6b6710d2b055c703f86429b431c616f99cb4c85.zip
Windows: Add possibility to sign binaries using SHA256 only. This fixes Windows Smart Screen warning when launching installer
Diffstat (limited to 'src/Common')
-rw-r--r--src/Common/Dlgcode.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 7a4f473e..0b9a7105 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -389,6 +389,16 @@ static unsigned char gpbSha1CodeSignCertFingerprint[64] = {
0xE9, 0x65, 0xA5, 0x61
};
+static unsigned char gpbSha256CodeSignCertFingerprint[64] = {
+ 0x88, 0x60, 0xC4, 0x26, 0x6D, 0x42, 0x59, 0x1B, 0xDF, 0x89, 0x0F, 0x1A,
+ 0x2F, 0x70, 0x8D, 0xBB, 0xC0, 0xF0, 0x03, 0x1F, 0x37, 0x11, 0xF9, 0x24,
+ 0x78, 0xDF, 0xD3, 0x60, 0xFB, 0xF3, 0xDC, 0xCA, 0x0D, 0x95, 0x06, 0x6A,
+ 0x5E, 0xAD, 0x5C, 0xA3, 0x3E, 0x75, 0x55, 0x96, 0x7B, 0xD1, 0x0D, 0xC1,
+ 0x00, 0xFE, 0xA0, 0x95, 0x13, 0x23, 0x20, 0x63, 0x26, 0x57, 0xFA, 0x6C,
+ 0xE4, 0x27, 0xF8, 0x36
+};
+
+
typedef HRESULT (WINAPI *SHGETKNOWNFOLDERPATH) (
_In_ REFKNOWNFOLDERID rfid,
_In_ DWORD dwFlags,
@@ -13891,7 +13901,9 @@ BOOL VerifyModuleSignature (const wchar_t* path)
BYTE hashVal[64];
sha512 (hashVal, pProviderCert->pCert->pbCertEncoded, pProviderCert->pCert->cbCertEncoded);
- if (0 == memcmp (hashVal, gpbSha1CodeSignCertFingerprint, 64))
+ if ( (0 == memcmp (hashVal, gpbSha1CodeSignCertFingerprint, 64))
+ || (0 == memcmp (hashVal, gpbSha256CodeSignCertFingerprint, 64))
+ )
{
bResult = TRUE;
}