You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix: make mcpb verify/info actually verify PKCS#7 signatures
`verifyMcpbFile()` called node-forge's `PkcsSignedData.verify()`, which is
not implemented and always throws "PKCS#7 signature verification not yet
implemented". The throw was caught and mapped to `status: "unsigned"`, so
`mcpb verify` and `mcpb info` reported *every* signed bundle as unsigned,
regardless of how it was signed. The `"self-signed"` status was also
unreachable: the OS trust-store check returned "unsigned" before it.
This implements the detached PKCS#7 verification manually:
- the signed `messageDigest` attribute must equal SHA-256 of the content, and
- the signer signature must validate over the DER-encoded authenticated
attributes (re-tagged as a SET OF).
It also reverses the EOCD `comment_length` patch that `signMcpbFile()` applies
*after* signing (added in #204): the stored content differs from the signed
content by those two bytes, so verification must restore them before hashing
or the digest never matches for bundles produced by `mcpb sign`.
Trust levels: OS-trusted chain -> "signed"; self-signed (issuer CN == subject
CN) -> "self-signed"; valid signature but untrusted, non-self-signed chain ->
"unsigned".
The self-signed e2e test accepted both "self-signed" and "unsigned", so it
never caught this; it now requires "self-signed".
Related: #195 (championed verify fix, native crypto; lacks the EOCD reversal
needed on current main), #205, #212. Fixes#21.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
0 commit comments