From 9904aea27f2016167a7861b73f8fc1c950645c47 Mon Sep 17 00:00:00 2001
From: Mikkel Krautz <mikkel@krautz.dk>
Date: Tue, 30 Apr 2013 23:08:39 +0200
Subject: [PATCH] MSI: add support for remove-signature.

---
 osslsigncode.c | 65 +++++++++++++++++++++++++++++++-------------------
 1 file changed, 40 insertions(+), 25 deletions(-)

diff --git a/osslsigncode.c b/osslsigncode.c
index ce38aef..9d7cdb2 100644
--- a/osslsigncode.c
+++ b/osslsigncode.c
@@ -1195,7 +1195,8 @@ static gboolean msi_handle_dir(GsfInfile *infile, GsfOutfile *outole, BIO *hash)
 	GSList *sorted = NULL;
 
 	gsf_infile_msole_get_class_id(GSF_INFILE_MSOLE(infile), classid);
-	gsf_outfile_msole_set_class_id(GSF_OUTFILE_MSOLE(outole), classid);
+	if (outole != NULL)
+		gsf_outfile_msole_set_class_id(GSF_OUTFILE_MSOLE(outole), classid);
 
 	sorted = msi_sorted_infile_children(infile);
 
@@ -1206,7 +1207,9 @@ static gboolean msi_handle_dir(GsfInfile *infile, GsfOutfile *outole, BIO *hash)
 			continue;
 
 		gboolean is_dir = GSF_IS_INFILE(child) && gsf_infile_num_children(GSF_INFILE(child)) > 0;
-		GsfOutput *outchild = gsf_outfile_new_child(outole, name, is_dir);
+		GsfOutput *outchild = NULL;
+		if (outole != NULL)
+			outchild = gsf_outfile_new_child(outole, name, is_dir);
 		if (is_dir) {
 			if (!msi_handle_dir(GSF_INFILE(child), GSF_OUTFILE(outchild), hash)) {
 				return FALSE;
@@ -1216,14 +1219,16 @@ static gboolean msi_handle_dir(GsfInfile *infile, GsfOutfile *outole, BIO *hash)
 				gsf_off_t size = MIN(gsf_input_remaining(child), 4096);
 				guint8 const *data = gsf_input_read(child, size, NULL);
 				BIO_write(hash, data, size);
-				if (!gsf_output_write(outchild, size, data)) {
+				if (outchild != NULL && !gsf_output_write(outchild, size, data)) {
 					return FALSE;
 				}
 			}
 		}
 
-		gsf_output_close(outchild);
-		g_object_unref(outchild);
+		if (outchild != NULL) {
+			gsf_output_close(outchild);
+			g_object_unref(outchild);
+		}
 	}
 
 	BIO_write(hash, classid, sizeof(classid));
@@ -1852,8 +1857,8 @@ int main(int argc, char **argv)
 		DO_EXIT_1("Unrecognized file type: %s\n", infile);
 	}
 
-	if (cmd != CMD_SIGN && type != FILE_TYPE_PE)
-		DO_EXIT_1("Command is not supported for non-PE files: %s\n", infile);
+	if (cmd != CMD_SIGN && !(type == FILE_TYPE_PE || type == FILE_TYPE_MSI))
+		DO_EXIT_1("Command is not supported for non-PE/non-MSI files: %s\n", infile);
 
 	hash = BIO_new(BIO_f_md());
 	BIO_set_md(hash, md);
@@ -1882,12 +1887,14 @@ int main(int argc, char **argv)
 		if (!src)
 			DO_EXIT_1("Error opening file %s", infile);
 
-		sink = gsf_output_stdio_new(outfile, NULL);
-		if (!sink)
-			DO_EXIT_1("Error opening output file %s", outfile);
+		if (cmd == CMD_SIGN || cmd == CMD_REMOVE) {
+			sink = gsf_output_stdio_new(outfile, NULL);
+			if (!sink)
+				DO_EXIT_1("Error opening output file %s", outfile);
 
-		ole = gsf_infile_msole_new(src, NULL);
-		outole = gsf_outfile_msole_new(sink);
+			ole = gsf_infile_msole_new(src, NULL);
+			outole = gsf_outfile_msole_new(sink);
+		}
 
 #ifndef NO_MSI_DIGITALSIGNATUREEX
 		/*
@@ -1948,6 +1955,11 @@ int main(int argc, char **argv)
 		if (!msi_handle_dir(ole, outole, hash)) {
 			DO_EXIT_0("unable to msi_handle_dir()\n");
 		}
+
+		if (cmd == CMD_REMOVE) {
+			gsf_output_close(GSF_OUTPUT(outole));
+			g_object_unref(sink);
+		}
 #else
 		DO_EXIT_1("libgsf is not available, msi support is disabled: %s\n", infile);
 #endif
@@ -2260,21 +2272,24 @@ int main(int argc, char **argv)
 		}
 #ifdef WITH_GSF
 	} else if (type == FILE_TYPE_MSI) {
-		GsfOutput *child = gsf_outfile_new_child(outole, "\05DigitalSignature", FALSE);
-		if (!gsf_output_write(child, len, p))
-			DO_EXIT_1("Failed to write MSI 'DigitalSignature' signature to %s", infile);
-		gsf_output_close(child);
-
-		if (p_msiex != NULL) {
-			child = gsf_outfile_new_child(outole, "\05MsiDigitalSignatureEx", FALSE);
-			if (!gsf_output_write(child, len_msiex, p_msiex)) {
-				DO_EXIT_1("Failed to write MSI 'MsiDigitalSignatureEx' signature to %s", infile);
-			}
+		/* Only output signatures if we're signing. */
+		if (cmd == CMD_SIGN) {
+			GsfOutput *child = gsf_outfile_new_child(outole, "\05DigitalSignature", FALSE);
+			if (!gsf_output_write(child, len, p))
+				DO_EXIT_1("Failed to write MSI 'DigitalSignature' signature to %s", infile);
 			gsf_output_close(child);
-		}
 
-		gsf_output_close(GSF_OUTPUT(outole));
-		g_object_unref(sink);
+			if (p_msiex != NULL) {
+				child = gsf_outfile_new_child(outole, "\05MsiDigitalSignatureEx", FALSE);
+				if (!gsf_output_write(child, len_msiex, p_msiex)) {
+					DO_EXIT_1("Failed to write MSI 'MsiDigitalSignatureEx' signature to %s", infile);
+				}
+				gsf_output_close(child);
+			}
+
+			gsf_output_close(GSF_OUTPUT(outole));
+			g_object_unref(sink);
+		}
 #endif
 	}