mirror of
https://github.com/tailscale/tailscale.git
synced 2025-10-29 07:09:33 +00:00
cmd/tailscale/cli, util/winutil/authenticode: flesh out authenticode support
Previously, tailscale upgrade was doing the bare minimum for checking authenticode signatures via `WinVerifyTrustEx`. This is fine, but we can do better:

* WinVerifyTrustEx verifies that the binary's signature is valid, but it doesn't determine *whose* signature is valid; tailscale upgrade should also ensure that the binary is actually signed *by us*.
* I added the ability to check the signatures of MSI files.
* In future PRs I will be adding diagnostic logging that lists details about every module (ie, DLL) loaded into our process. As part of that metadata, I want to be able to extract information about who signed the binaries.

This code is modelled on some C++ I wrote for Firefox back in the day. See https://searchfox.org/mozilla-central/rev/27e4816536c891d85d63695025f2549fd7976392/toolkit/xre/dllservices/mozglue/Authenticode.cpp for reference.

Fixes #8284

Signed-off-by: Aaron Klotz <aaron@tailscale.com>
2
go.mod
@@ -18,7 +18,7 @@ require (
github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf
github.com/creack/pty v1.1.18
github.com/dave/jennifer v1.6.1
github.com/dblohm7/wingoes v0.0.0-20230426155039-111c8c3b57c8
github.com/dblohm7/wingoes v0.0.0-20230801195049-ed8077baf0cd
github.com/dsnet/try v0.0.3
github.com/evanw/esbuild v0.14.53
github.com/frankban/quicktest v1.14.5
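Review bot: The github.com/dblohm7/wingoes entry in this go.mod hunk changes between pseudo-versions v0.0.0-20230426155039-111c8c3b57c8 and v0.0.0-20230801195049-ed8077baf0cd, but the commit message never mentions the dependency bump or which wingoes changes the new authenticode code relies on. The rendering has dropped the +/- markers, so I am reading the later-dated pseudo-version as the new one. Please name the bump and its reason in the commit message, and confirm the matching go.sum entries land in the same commit, since only go.mod is visible here. If the authenticode code calls into wingoes, the range 111c8c3b57c8..ed8077baf0cd in that module deserves its own review, because it would then sit on the signature-verification path for tailscale upgrade.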