From 0a737c8c87fded05a74cad5232c9c973b3037d61 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Mon, 16 Apr 2018 00:23:05 +0200
Subject: Windows: implement internal verification of Authenticode digital
 signature for all modules to protect against simple binaries tampering.

---
 src/Setup/SelfExtract.c |  9 +++++++++
 src/Setup/Setup.c       | 15 +++++++++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)

(limited to 'src/Setup')

diff --git a/src/Setup/SelfExtract.c b/src/Setup/SelfExtract.c
index 9bae2119..7b3fb4fe 100644
--- a/src/Setup/SelfExtract.c
+++ b/src/Setup/SelfExtract.c
@@ -396,6 +396,15 @@ BOOL VerifyPackageIntegrity (void)
 
 	GetModuleFileName (NULL, path, ARRAYSIZE (path));
 
+#ifdef NDEBUG
+	// verify Authenticode digital signature of the exe file
+	if (!VerifyModuleSignature (path))
+	{
+		Error ("DIST_PACKAGE_CORRUPTED", NULL);
+		return FALSE;
+	}
+#endif
+
 	fileDataEndPos = (int) FindStringInFile (path, MagEndMarker, strlen (MagEndMarker));
 	if (fileDataEndPos < 0)
 	{
diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c
index a1f27f41..cedd9f61 100644
--- a/src/Setup/Setup.c
+++ b/src/Setup/Setup.c
@@ -1051,7 +1051,7 @@ err:
 
 			FindClose (h);
 		}
-
+		
 		SetCurrentDirectory (SetupFilesDir);
 	}
 
@@ -2571,7 +2571,18 @@ int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpsz
 #ifndef PORTABLE
 		SetInstallationPath (NULL);
 #endif
-		if (!bUninstall)
+		if (bUninstall)
+		{
+			wchar_t path [TC_MAX_PATH];
+
+			GetModuleFileName (NULL, path, ARRAYSIZE (path));
+			if (!VerifyModuleSignature (path))
+			{
+				Error ("DIST_PACKAGE_CORRUPTED", NULL);
+				exit (1);
+			}
+		}
+		else
 		{
 			if (IsSelfExtractingPackage())
 			{
-- 
cgit v1.2.3