PDA

View Full Version : Anyone know why a file hash would change during upload/download?



MikeAtSoftware
03-08-2008, 01:35 PM
I've got a working setup.exe installer. Digitally signed in Installshiled in IS2008. Signature verified after build using signtool / verify and chktrust. No problems with the signature there. Alos tried manual signinign outside of IS.

Upload the file to a web server, then go to a page which downloads the .exe file just uploaded. Click the file, select 'Run'. The file downloads. At the end of the download, Windows refuses to run it, with the error "Unknown Publisher". Dig into the error message reveals "The digital signature of the object did not verify”, which apparently means "The file's current hash is invalid according to the hash stored in the file's digital signature".

Now, run chktrust and signtool / verify again - on the file which has just been downloaded, and both tests fail. So - the same file which has a verified signature before uploading does not have one after upload/download.

Why?

Why would the hash change just because of an upload, followed by a download?

MikeAtSoftware
03-09-2008, 06:20 AM
So, talking to myself ....

If you use an FTP client like me, which says: "Auot-detect is enabled by default. When you use auto-detect, the upload will detect what type of file you are uploading, and if it is of the type .exe, the upload will take place in binary mode.", then take care - because my particular FTP client does not do what it says it does. The so-called "auto-detect" does nothing of the sort, and instead uploads in ascii, without telling the user, and uploading in ascii will alter the hash of the file. So, by explicitly setting the transfer mode to binary, the file's hash remained the same, and the file signing problem was solved.

So - a product with unhelpful documentation and behaviour which is both undocumented and unexpected. Hmmm ....