From 0a737c8c87fded05a74cad5232c9c973b3037d61 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Mon, 16 Apr 2018 00:23:05 +0200
Subject: Windows: implement internal verification of Authenticode digital
 signature for all modules to protect against simple binaries tampering.

---
 src/Setup/Setup.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'src/Setup/Setup.c')

diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c
index a1f27f41..cedd9f61 100644
--- a/src/Setup/Setup.c
+++ b/src/Setup/Setup.c
@@ -1051,7 +1051,7 @@ err:
 
 			FindClose (h);
 		}
-
+		
 		SetCurrentDirectory (SetupFilesDir);
 	}
 
@@ -2571,7 +2571,18 @@ int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpsz
 #ifndef PORTABLE
 		SetInstallationPath (NULL);
 #endif
-		if (!bUninstall)
+		if (bUninstall)
+		{
+			wchar_t path [TC_MAX_PATH];
+
+			GetModuleFileName (NULL, path, ARRAYSIZE (path));
+			if (!VerifyModuleSignature (path))
+			{
+				Error ("DIST_PACKAGE_CORRUPTED", NULL);
+				exit (1);
+			}
+		}
+		else
 		{
 			if (IsSelfExtractingPackage())
 			{
-- 
cgit v1.2.3