Improve VM-Assert-Signature

The current implementation of `VM-Assert-Signature` uses
`Get-AuthenticodeSignature` status, that only checks that the file has a
syntactically syntactically valid signature. Verify the signing
authority using `signtool.exe`.

packages/common.vm/common.vm.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>common.vm</id>
-    <version>0.0.0.20241029</version>
+    <version>0.0.0.20241106</version>
     <description>Common libraries for VM-packages</description>
     <authors>Mandiant</authors>
   </metadata>

packages/common.vm/tools/vm.common/vm.common.psm1

@@ -128,20 +128,20 @@ function VM-Assert-Path {
     }
 }
 
-# Raise an exception if the Signature of $file_path is invalid
+# Raise an exception if the signtool.exe is not found or if the signature of $filePath is invalid
+# vcbuildtools.vm installs signtool.exe
 function VM-Assert-Signature {
     [CmdletBinding()]
     Param(
         [Parameter(Mandatory=$true)]
-        [String] $file_path
+        [String] $filePath
     )
-    $signature_status = (Get-AuthenticodeSignature -FilePath $file_path).Status
-    if ($signature_status -eq 'Valid') {
-        VM-Write-Log "INFO" "Valid signature: $file_path"
-    } else {
-        $err_msg = "Invalid signature: $file_path"
-        VM-Write-Log "ERROR" $err_msg
-        throw $err_msg
+    $signtoolPath = Get-ChildItem -Path "C:\Program Files*\Windows Kits\10\bin\*\x86\signtool.exe" | Select-Object -Last 1
+    if (-Not $signtoolPath) { throw "signtool.exe not found" }
+
+    & $signtoolPath verify /pa /all /tw /q $filePath
+    if ($LASTEXITCODE) {
+        throw "INVALID SIGNATURE: $filePath"
     }
 }
 

packages/googlechrome.vm/googlechrome.vm.nuspec

@@ -2,11 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>googlechrome.vm</id>
-    <version>0.0.0.20241002</version>
+    <version>0.0.0.20241106</version>
     <authors>Google LLC.</authors>
     <description>Chrome is a popular web browser.</description>
     <dependencies>
-      <dependency id="common.vm" version="0.0.0.20240425" />
+      <dependency id="common.vm" version="0.0.0.20241106" />
+      <dependency id="vcbuildtools.vm" />
     </dependencies>
   </metadata>
 </package>

packages/metasploit.vm/metasploit.vm.nuspec

@@ -2,11 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>metasploit.vm</id>
-    <version>6.4.13.20240614</version>
+    <version>6.4.13.20241106</version>
     <authors>Rapid7</authors>
     <description>A computer security project that provides information about security vulnerabilities, aids in penetration testing, and IDS signature development.</description>
     <dependencies>
-      <dependency id="common.vm" />
+      <dependency id="common.vm" version="0.0.0.20241106" />
+      <dependency id="vcbuildtools.vm" />
     </dependencies>
   </metadata>
 </package>

packages/sysinternals.vm/sysinternals.vm.nuspec

@@ -2,11 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>sysinternals.vm</id>
-    <version>0.0.0.20240717</version>
+    <version>0.0.0.20241106</version>
     <authors>Mark Russinovich, Bryce Cogswell</authors>
     <description>Sysinternals suite.</description>
     <dependencies>
-      <dependency id="common.vm" version="0.0.0.20240111" />
+      <dependency id="common.vm" version="0.0.0.20241106" />
+      <dependency id="vcbuildtools.vm" />
     </dependencies>
   </metadata>
 </package>