Hi Friedrich,

There has been some discussion on the C10 ng about code signing
certificates and what they actually do. Years ago, I tried to change a
single byte in a signed exe and it would no longer run. This I remember
clearly.

Now, it seems, based on posts from Jeff Slarve and Thomas Glomb that you
can modify the exe after code signing and all that happens is that if
you open the certificate in the exe properties and go into "Details" it
shows that the signature is invalid. Here is what I posted just now:

According to:
https://www.comodo.com/e-commerce/code-signing/code-signing-certificate.php?track=5630&key5sk0=5630&key5sk1=d4c99b1fafddffe24c2619ae628dd333779e281d

* Ensure integrity- Verifies that code has not been tampered with
since publication


According to:
https://www.godaddy.com/ssl/code-signing-certificate.aspx

* *Validates*and secures your code

Accoding to:
https://msdn.microsoft.com/en-us/library/ms537361(v=vs.85).aspx

Ensuring authenticity Assures users that they know where the code came
from.
Ensuring integrity Verifies that the code hasn't been tampered with
since its publication.

According to:
https://en.wikipedia.org/wiki/Code_signing

Code signing is used on Windows and Mac OS X to authenticate software
onfirst run<https://en.wikipedia.org/wiki/First_run>, ensuring that the
software has not been maliciously tampered with by a third-party
distributor or download site.

It sounds to_me_ that this should PREVENT executables that are signed
from running if they have been tampered with. Am I not understanding
this correctly?

Seems to me that you should NOT be able to tamper with the exe and still
get it to run. If the verification is just to show that the certificate
is invalid IF the user digs it up, then it's not much of a protection
from malicious code added after it was signed.

If people can modify applications that have been signed and they run
just fine, then what exactly is the point of using certificates for
products? I understand the value for installers, but I'm getting
concerned about the rest.

Best regards,

--
Arnor Baldvinsson
Icetips Alta LLC

Hi Arnor,

If it did NOT work after you changed the a single byte then you changed a
byte that was vital for the execution of the program (silent exit). If you
change a byte that is not vital then the executable will still run. This is
the expected bahaviour.

But if you change a byte in a code-signed executable then this will
definitely "break" the signature. It is impossible to change anything in
the file without breaking the digital authentication. *YOU* (the developer)
have to decide what to do if the code-signature is invalid. Or the
signatures of your DLLs. I know that most (99%) of all developers forget to
do the checks.

For example, what we do in high-security installations and web update
processes (U.S. Army, U.S. Government) is to handle a code-signature check
from within the application. We even have built-in functions in
SetupBuilder to handle this (see attached screenhot).

Similar to this:

http://www.lindersoft.com/forums/showthread.php?43842&p=78580
http://www.lindersoft.com/forums/showthread.php?43842&p=78775


Friedrich

--
Friedrich Linder
Lindersoft | www.lindersoft.com
+1.954.252.3910

--SetupBuilder "point. click. ship"
--Helping You Build Better Installations
--Create Windows 10 ready installations in minutes
--Official COMODO Code Signing and SSL Certificate Partner

Hi Friedrich,

> If it did NOT work after you changed the a single byte then you changed a
> byte that was vital for the execution of the program (silent exit). If you
> change a byte that is not vital then the executable will still run. This is
> the expected bahaviour.

I don't remember - it wasn't yesterday so it's gone<bg>

Here is my reply as I wrote it on C10 ng:

I would say it's probably closer to 99.9% and I don't think it's that
developer forget, I think that it's the implied safety that the code
certificate gives and they don't know about this. Without that check,
the code signing is virtually useless. Yet all the documentation I find
online about code signing and code certificates implicitly states that
the code certificate WILL _validate_ and _secure_ your code. It may do
the first, but it certainly does NOT do the second.

IMO this is where Microsoft and other code signing enforcers have
completely let their guard down. They should NOT allow code signed
application with invalid signature to be executed.

But I understand now the limitation of this process and will act
accordingly.

Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC

Hi Friedrich -

Does this process phone-home to any site?

Thanks.

Also, it would be neat if SB could generate a DLL from which we could
utilize these goodies.

>
>For example, what we do in high-security installations and web update
>processes (U.S. Army, U.S. Government) is to handle a code-signature check
>from within the application. We even have built-in functions in
>SetupBuilder to handle this (see attached screenhot).

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

Source code is like a joke.
If you have to explain it, then it's not funny.

Hi Jeff,

> Also, it would be neat if SB could generate a DLL from which we could
> utilize these goodies.

See sample code here to verify signature:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa382384(v=vs.85).aspx

I plan to add this to the Icetips Utilities as soon as I can so that I
can implement this. I'll probably leave the code in C though, don't
have good experience translating stuff like this and google translate
doesn't work on it<g>

Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC

Hi Jeff,

> can implement this. I'll probably leave the code in C though, don't
> have good experience translating stuff like this and google translate

What I meant was that I don't have good experience translating stuff
with structures with UNION in them:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa388205(v=vs.85).aspx


Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC

They're akin to OVER(), if I'm not mistaken.

If I'm mistaken, then that's incorrect<g>.

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

Source code is like a joke.
If you have to explain it, then it's not funny.

Arnor,

> with structures with UNION in them:

It's the C equivalent of Clarion's OVER.

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"
And, now, Windows 10 brings us "The Inch Worm, Bumper Car of Wait!"


The life of a Clarion Developer: https://youtu.be/ozitqabi6UM

That I overlooked be for.

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

Source code is like a joke.
If you have to explain it, then it's not funny.

Jeff,

> That I overlooked be for.

I noticed after I posted my reply!<g>

Lee White

Hi Lee,

> It's the C equivalent of Clarion's OVER.

Hmmm....

union {
struct WINTRUST_FILE_INFO_ *pFile;
struct WINTRUST_CATALOG_INFO_ *pCatalog;
struct WINTRUST_BLOB_INFO_ *pBlob;
struct WINTRUST_SGNR_INFO_ *pSgnr;
struct WINTRUST_CERT_INFO_ *pCert;
};

means that it's a pointer to ONE of those structures. I'm not sure how
OVER would apply in this context? Have an example?

Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC

Arnor,

> means that it's a pointer to ONE of those structures. I'm not sure how
> OVER would apply in this context? Have an example?

OVER in that it's the reuse of the same memory.

Such as this part of a devmode...

union {
struct {
short dmOrientation;
short dmPaperSize;
short dmPaperLength;
short dmPaperWidth;
short dmScale;
short dmCopies;
short dmDefaultSource;
short dmPrintQuality;
};
struct {
POINTL dmPosition;
DWORD dmDisplayOrientation;
DWORD dmDisplayFixedOutput;
};
};

It's either the first struct or the second struct that uses the memory
and that's dependent on what you're reading with the devmode.

In your case it's a pointer that could point to any 1 of the 5 objects
but there's just one pointer in the structure. If you wanted to reuse
that memory in Clarion you would use OVER(structure member)

YourGroup GROUP,PRE()
Something1 LONG
Memp UNSIGNED
Something2 LONG
END

WINTRUST_FILE_INFO_ UNSIGNED,OVER(Memp)
WINTRUST_CATALOG_INFO_ UNSIGNED,OVER(Memp)
WINTRUST_BLOB_INFO_ UNSIGNED,OVER(Memp)
WINTRUST_SGNR_INFO_ UNSIGNED,OVER(Memp)
WINTRUST_CERT_INFO_ UNSIGNED,OVER(Memp)

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"
And, now, Windows 10 brings us "The Inch Worm, Bumper Car of Wait!"


The life of a Clarion Developer: https://youtu.be/ozitqabi6UM

DLL?

DLL the man suggests???

I like it, Jeffy. Enough to have made the request in 2009<g>:

http://www.lindersoft.com/forums/showthread.php?19878-SetupBuilder-7-x-8-x-Wish-List&p=37929#post37929

Friedrich says it's not trivial.

Trivial, shmivial.

*I* get to do the trivial stuff. He needs to do the hard stuff !!!!

Of course... sniff... EVERYBODY ignores me. But maybe he'll listen to you
<g>.

jf

I invented the maglev train as a kid, but oh well<g>

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

Source code is like a joke.
If you have to explain it, then it's not funny.

Hi Lee,

> OVER in that it's the reuse of the same memory.
....
> In your case it's a pointer that could point to any 1 of the 5 objects
> but there's just one pointer in the structure. If you wanted to reuse
> that memory in Clarion you would use OVER(structure member)
>
> YourGroup GROUP,PRE()
> Something1 LONG
> Memp UNSIGNED
> Something2 LONG
> END
>
> WINTRUST_FILE_INFO_ UNSIGNED,OVER(Memp)
> WINTRUST_CATALOG_INFO_ UNSIGNED,OVER(Memp)
> WINTRUST_BLOB_INFO_ UNSIGNED,OVER(Memp)
> WINTRUST_SGNR_INFO_ UNSIGNED,OVER(Memp)
> WINTRUST_CERT_INFO_ UNSIGNED,OVER(Memp)

I figured it out for this after I posted since it's all just a pointer.
But how would you do that with the more complex DEVMODE union struct,
where it's actually referencing different datatypes, structs?

Lot of times you see things like this:

union{
int i;
char[40] ch;
}

etc, where you are dealing with vastly different datatypes. I've never
been able to wrap my head around how to do this in Clarion - or maybe I
have but then I've forgot it!<g>

Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC

Arnor,

> I figured it out for this after I posted since it's all just a pointer.
> But how would you do that with the more complex DEVMODE union struct,
> where it's actually referencing different datatypes, structs?

For my uses I define multiple TYPEd groups... less headaches!<g>

> etc, where you are dealing with vastly different datatypes. I've never
> been able to wrap my head around how to do this in Clarion - or maybe I
> have but then I've forgot it!<g>

In all instances I've run into the BYTE count is the same regardless
of the data types used for different purposes. Again, for the sake of
sanity I use multiple TYPEd groups depending on what I'm doing and
then assign it to the &GROUP that I pass to the API.

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"
And, now, Windows 10 brings us "The Inch Worm, Bumper Car of Wait!"


The life of a Clarion Developer: https://youtu.be/ozitqabi6UM

Hi Lee,

> For my uses I define multiple TYPEd groups... less headaches!<g>

That goes without saying.

> In all instances I've run into the BYTE count is the same regardless
> of the data types used for different purposes.

union {
struct {
short dmOrientation;
short dmPaperSize;
short dmPaperLength;
short dmPaperWidth;
short dmScale;
short dmCopies;
short dmDefaultSource;
short dmPrintQuality;
};
struct {
POINTL dmPosition;
DWORD dmDisplayOrientation;
DWORD dmDisplayFixedOutput;
};
};

Isn't the same byte count if I'm counting correctly. The first is 16
(8*2bytes) but the second is 12 (3*4 bytes) - or does that get bumped up
to 16 bytes when memory is allocated by the OS?

Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC

Arnor,

> union {
> struct {
> short dmOrientation;
> short dmPaperSize;
> short dmPaperLength;
> short dmPaperWidth;
> short dmScale;
> short dmCopies;
> short dmDefaultSource;
> short dmPrintQuality;
> };
> struct {
> POINTL dmPosition;
> DWORD dmDisplayOrientation;
> DWORD dmDisplayFixedOutput;
> };
> };
>
> Isn't the same byte count if I'm counting correctly. The first is 16
> (8*2bytes) but the second is 12 (3*4 bytes) - or does that get bumped up
> to 16 bytes when memory is allocated by the OS?

A POINTL is two LONG's so it's 4 longs.

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"
And, now, Windows 10 brings us "The Inch Worm, Bumper Car of Wait!"


The life of a Clarion Developer: https://youtu.be/ozitqabi6UM

The union members don't have to be the same size, anyway.

The largest one is the size of the union.

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

Source code is like a joke.
If you have to explain it, then it's not funny.

Hi Jeff,

> The union members don't have to be the same size, anyway.
>
> The largest one is the size of the union.

Do you mean that the union allocates memory based on the largest data
type in the union? I.e. something like this:

union{
int i;
char[40] ch;
}

would _always_ allocate 40 bytes?

Best regards,


--
Arnor Baldvinsson - Icetips Alta LLC

Yes

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

Source code is like a joke.
If you have to explain it, then it's not funny.

Here's a place where you can see it happen.

http://www.tutorialspoint.com/cprogramming/c_unions.htm

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

Source code is like a joke.
If you have to explain it, then it's not funny.

Hi Jeff,

> Here's a place where you can see it happen.
>
> http://www.tutorialspoint.com/cprogramming/c_unions.htm

Awesome! More specifically from that page: "The memory occupied by a
union will be large enough to hold the largest member of the union."
Cool!

So... You can declare a union in Clarion like:

uniontype String(LargestSizeOfUnionData)

and then do OVER with the proper datatype/group/whatever as appropriate.
Thanks guys!

Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC

Arnor,

> uniontype String(LargestSizeOfUnionData)

BYTE,DIM(LargestSizeOfUnionData) might be easier to read later on.

--
Lee White

RPM Report Viewer.: http://www.cwaddons.com/products/rpm/
RPM Review........: http://www.clarionmag.com/cmag/v11/v11n06rpm.html
Report Faxing.....: http://www.cwaddons.com/products/afe/
---Enroll Today---: http://CWaddons.com

Creative Reporting: http://www.CreativeReporting.com

Product Release & Update Notices
http://twitter.com/DeveloperPLUS

Windows 8 brings us "The Oval, Bumper Car, Roller Coaster of Wait!"
And, now, Windows 10 brings us "The Inch Worm, Bumper Car of Wait!"


The life of a Clarion Developer: https://youtu.be/ozitqabi6UM

Hi Lee,

>> Isn't the same byte count if I'm counting correctly. The first is 16
>> (8*2bytes) but the second is 12 (3*4 bytes) - or does that get bumped up
>> to 16 bytes when memory is allocated by the OS?
>
> A POINTL is two LONG's so it's 4 longs.

Yes, of course, sorry! Read it as POINTer to Long<g>

Best regards,

--
Arnor Baldvinsson - Icetips Alta LLC