On Fri, 2009-11-13 at 13:34 -0800, JoelKatz wrote: > We recently tested using the Mono version of 'signcode' in place of > Microsoft's 'signtool'. While the signatures and timestamps checked out, we > noticed that the signed executable was failing PE checksum validation. > > For example, file's signed by the Mono signcode fail this check: > http://msdn.microsoft.com/en-us/library/ms680355%28VS.85%29.aspx > The HeaderSum and CheckSum are unequal. > > Details of the algorithm used can be found here: > http://www.codeproject.com/KB/cpp/PEChecksum.aspx
The field was left empty because it was not required for verifying the authenticode integrity. In fact it's not commonly checked afaik. Is this causing you a problem somewhere ? In this case patches would be welcome :-) Otherwise please open a bug report (as an enhancement) on bugzilla.novell.com so I don't forget about this issue next time I go around fixing those parts. Thanks Sebastien _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
