Security improvement to Auto Update feature
iManage Work Desktop for Windows 10.3.0 and later adds security to the Auto Update feature by signing the update.ini file. You keep the flexibility to customize update.ini, and the signature lets the updater distinguish a customized update.ini file from a compromised one. With this upgrade, every time you edit update.ini you must generate a new signature file with your private key and verify it. You generate and verify these signature files using the ConfigFileSigner.exe utility.
To generate signature files and verify these files using the ConfigFileSigner.exe utility, do the following:
Ensure that the update server includes the following files:
update.ini
updateinfo.json
imanageinstaller.ts1
imanageinstaller.ts2
imanageinstaller.ts3
ConfigFileSigner.exe
libcrypto-1_1.dll
libssl-1_1.dll
openssl.exe
pubkey.crt
pubkey.pem
sign.txt
Run the following command to generate the signature file.
ConfigFileSigner.exe -sign <pathtoprivate.key> <pathToUpdate.ini>
This creates sign.txt in the working directory by running the following OpenSSL command (the two paths are the arguments passed to ConfigFileSigner.exe):
openssl.exe dgst -sha256 -sign "<pathtoprivate.key>" -out sign.txt "<pathToUpdate.ini>"
Alternatively, you can upload the new sign.txt, pubkey.pem, and pubkey.crt files to iManage Control Center. iManage Work Desktop for Windows downloads these files to %ProgramData%\iManage\AgentServices\CentralizedConfigs, and iManage Updater reads all information from these files.
Set the following registry keys on the client machine to match the Subject and Issuer of the signing certificate.
Location: HKEY_LOCAL_MACHINE\Software\iManage\AgentServices\AutoUpdate
Key: Issuer
Type: String (REG_SZ)
Value: <Issuer value>
Location: HKEY_LOCAL_MACHINE\Software\iManage\AgentServices\AutoUpdate
Key: Subject
Type: String (REG_SZ)
Value: <subject value>
Run the following command to validate the signature file.
ConfigFileSigner.exe -verify <pathtopublickey.pem> <pathtosign.txt> <pathtopublickey.crt> <pathtoupdate.ini>
This creates the SigVerify.txt file by running the following command, which verifies that the signature in sign.txt matches the update.ini file:
openssl.exe dgst -sha256 -verify "<pathtopublickey.pem>" -signature "<pathtosign.txt>" "<pathtoupdate.ini>"
It then runs the following command to create the CrtVerify.txt file, which is used to verify the subject and issuer of the supplied certificate. This file also contains the output values for both issuer and subject.
openssl.exe x509 -in "<pathtopublickey.crt>" -text -out CrtVerify.txt
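The sign, verify, and subject/issuer checks described above, reproduced with plain OpenSSL as a POSIX shell script (the openssl commands are the same ones on Windows). This is an added example, not the ConfigFileSigner.exe source; the key pair, the certificate name "Example Update Signer", the update.ini content, and the file name private.key are constructed for the demo.

```shell
#!/bin/sh
# Added example, not iManage code: runs the openssl commands the page attributes to
# ConfigFileSigner.exe, then pins the certificate Subject/Issuer as the registry keys do.
# Key pair, certificate name and update.ini content are constructed for this demo.
set -eu
WORK=$(mktemp -d); cd "$WORK"
printf '[Update]\nVersion=10.3.0\n' > update.ini   # constructed placeholder update.ini

# Demo signing key and self-signed certificate. Assumption: in production the private
# key never sits on the update server; only pubkey.pem and pubkey.crt are published.
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -keyout private.key \
  -out pubkey.crt -subj "/CN=Example Update Signer" >/dev/null 2>&1
openssl x509 -in pubkey.crt -pubkey -noout > pubkey.pem

# Values you would store in the Subject and Issuer registry keys (self-signed: same DN).
EXPECTED_SUBJECT="CN=Example Update Signer"
EXPECTED_ISSUER="CN=Example Update Signer"

# Equivalent of: ConfigFileSigner.exe -sign <pathtoprivate.key> <pathToUpdate.ini>
sign_config() {        # $1 = private key, $2 = update.ini; writes sign.txt
  openssl dgst -sha256 -sign "$1" -out sign.txt "$2"
}

# Equivalent of: ConfigFileSigner.exe -verify <pem> <sign.txt> <crt> <update.ini>
# dgst -verify writes SigVerify.txt; x509 -text writes CrtVerify.txt.
verify_config() {      # returns non-zero when sign.txt does not match update.ini
  openssl dgst -sha256 -verify "$1" -signature "$2" "$4" > SigVerify.txt 2>&1 || return 1
  openssl x509 -in "$3" -text -out CrtVerify.txt
}

# One DN field of a certificate in RFC 2253 form, without the "subject="/"issuer=" prefix.
cert_field() {         # $1 = subject|issuer, $2 = certificate file
  openssl x509 -in "$2" -noout "-$1" -nameopt RFC2253 | sed "s/^$1= *//"
}

# What the registry keys add: a signature from some other certificate would still be
# mathematically valid, so the signer identity must be pinned as well.
pinned_identity_ok() { # $1 = certificate file
  [ "$(cert_field subject "$1")" = "$EXPECTED_SUBJECT" ] &&
  [ "$(cert_field issuer "$1")" = "$EXPECTED_ISSUER" ]
}

sign_config private.key update.ini
verify_config pubkey.pem sign.txt pubkey.crt update.ini
pinned_identity_ok pubkey.crt && echo "update.ini: signature and signer identity OK"

# Any later edit to update.ini invalidates sign.txt, hence re-signing after every change.
printf 'Channel=beta\n' >> update.ini
verify_config pubkey.pem sign.txt pubkey.crt update.ini || echo "update.ini changed: re-sign it"
```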