Fix Plugin Admin not showing on menu due to certificate checking problem

* Fix certificate checking problem: the old certificate has been expired. In v8.4.2 Notepad++ & its components are signed by the new certificate. The certificate is checked before launching WinGUp (updater) to compare with the certificate key value stored in Notepad++. Updating certificate key value fixes the problem of WinUp validation, so Plugin Admin can be shown on the menu. * Fix a typo. Fix #11742
2022-05-29 17:23:31 +02:00 · 2022-05-29 17:23:31 +02:00 · b5479bb9b0
parent 8498e06193
commit b5479bb9b0
5 changed files with 16 additions and 16 deletions
--- a/PowerEditor/src/MISC/Common/verifySignedfile.cpp
+++ b/PowerEditor/src/MISC/Common/verifySignedfile.cpp
@ -31,10 +31,10 @@

 using namespace std;

-//SecurityMode SecurityGard::_securityMode = sm_sha256;
-SecurityMode SecurityGard::_securityMode = sm_certif;
+//SecurityMode SecurityGuard::_securityMode = sm_sha256;
+SecurityMode SecurityGuard::_securityMode = sm_certif;

-SecurityGard::SecurityGard()
+SecurityGuard::SecurityGuard()
 {
 	_scilexerSha256.push_back(TEXT("03c9177631d2b32de3d32c73a8841cf68fc2cb17f306825489dc3df98000db85")); // v3.5.6 32 bit (signed)
 	_scilexerSha256.push_back(TEXT("9896c4089275e21412fd80421827912ebd80e357394b05145a613d190462e211")); // v3.5.6 64 bit (signed)
@ -49,7 +49,7 @@ SecurityGard::SecurityGard()
 	_pluginListSha256.push_back(TEXT("1c404fd3578273f5ecde585af82179ff3b63c635fb4fa24be21ebde708e403e4")); // v1.0.8 64 bit (unsigned)
 }

-bool SecurityGard::checkModule(const std::wstring& filePath, NppModule module2check)
+bool SecurityGuard::checkModule(const std::wstring& filePath, NppModule module2check)
 {
 #ifndef _DEBUG
 	if (_securityMode == sm_certif)
@ -68,7 +68,7 @@ bool SecurityGard::checkModule(const std::wstring& filePath, NppModule module2ch
 #endif
 }

-bool SecurityGard::checkSha256(const std::wstring& filePath, NppModule module2check)
+bool SecurityGuard::checkSha256(const std::wstring& filePath, NppModule module2check)
 {
 	// Uncomment the following code if the components are rebuilt for testing
 	// It should be stay in commenting out
@ -109,7 +109,7 @@ bool SecurityGard::checkSha256(const std::wstring& filePath, NppModule module2ch
 	return false;
 }

-bool SecurityGard::verifySignedLibrary(const std::wstring& filepath, NppModule module2check)
+bool SecurityGuard::verifySignedLibrary(const std::wstring& filepath, NppModule module2check)
 {
 	wstring display_name;
 	wstring key_id_hex;
--- a/PowerEditor/src/MISC/Common/verifySignedfile.h
+++ b/PowerEditor/src/MISC/Common/verifySignedfile.h
@ -51,10 +51,10 @@
 enum SecurityMode { sm_certif = 0, sm_sha256 = 1 };
 enum NppModule { nm_scilexer = 0, nm_gup = 1, nm_pluginList = 2 };

-class SecurityGard final
+class SecurityGuard final
 {
 public:
-	SecurityGard();
+	SecurityGuard();
 	bool checkModule(const std::wstring& filePath, NppModule module2check);

 private:
@ -69,7 +69,7 @@ private:
 	// Code signing certificate
 	std::wstring _signer_display_name = TEXT("Notepad++");
 	std::wstring _signer_subject = TEXT("C=FR, S=Ile-de-France, L=Saint Cloud, O=\"Notepad++\", CN=\"Notepad++\"");
-	std::wstring _signer_key_id = TEXT("ED255D9151912E40DF048A56288E969A8D0DAFA3");
+	std::wstring _signer_key_id = TEXT("E687332916D6B681FE28C5EF423CEE259D3953B9");
 	bool _doCheckRevocation = false;
 	bool _doCheckChainOfTrust = false;

--- a/PowerEditor/src/NppCommands.cpp
+++ b/PowerEditor/src/NppCommands.cpp
@ -3288,8 +3288,8 @@ void Notepad_plus::command(int id)
 				bool isCertifVerified = true;
 #else //RELEASE
 				// check the signature on updater
-				SecurityGard securityGard;
-				bool isCertifVerified = securityGard.checkModule(updaterFullPath, nm_gup);
+				SecurityGuard securityGuard;
+				bool isCertifVerified = securityGuard.checkModule(updaterFullPath, nm_gup);
 #endif
 				if (isCertifVerified)
 				{
--- a/PowerEditor/src/WinControls/PluginsAdmin/pluginsAdmin.cpp
+++ b/PowerEditor/src/WinControls/PluginsAdmin/pluginsAdmin.cpp
@ -724,13 +724,13 @@ bool PluginsAdminDlg::initFromJson()

 	// check the signature on default location : %APPDATA%\Notepad++\plugins\config\pl\nppPluginList.dll or NPP_INST_DIR\plugins\config\pl\nppPluginList.dll
 	
-	SecurityGard securityGard;
-	bool isSecured = securityGard.checkModule(_pluginListFullPath, nm_pluginList);
+	SecurityGuard securityGuard;
+	bool isSecured = securityGuard.checkModule(_pluginListFullPath, nm_pluginList);

 	if (!isSecured)
 		return false;

-	isSecured = securityGard.checkModule(_updaterFullPath, nm_gup);
+	isSecured = securityGuard.checkModule(_updaterFullPath, nm_gup);

 	if (isSecured)
 	{
--- a/PowerEditor/src/winmain.cpp
+++ b/PowerEditor/src/winmain.cpp
@ -661,8 +661,8 @@ int WINAPI wWinMain(HINSTANCE hInstance, HINSTANCE, PWSTR pCmdLine, int)
 	winVer ver = nppParameters.getWinVersion();
 	bool isGtXP = ver > WV_XP;

-	SecurityGard securityGard;
-	bool isSignatureOK = securityGard.checkModule(updaterFullPath, nm_gup);
+	SecurityGuard securityGuard;
+	bool isSignatureOK = securityGuard.checkModule(updaterFullPath, nm_gup);

 	if (TheFirstOne && isUpExist && isGtXP && isSignatureOK)
 	{