Fix TrustFunc not checking ISSigVerifySignature result but not also always raising an exception. Harden the other non checking ones for this.

Components/TrustFunc.pas

@@ -56,12 +56,18 @@ begin
     else
       AllowedKeys := [Key1];
 
-    ISSigVerifySignature(Filename, AllowedKeys, ExpectedFileSize, ExpectedFileHash, nil, nil,
+    if not ISSigVerifySignature(Filename, AllowedKeys, ExpectedFileSize, ExpectedFileHash,
+      nil,
+      procedure(const Filename, SigFilename: String)
+      begin
+        raise Exception.CreateFmt('Signature file "%s" does not exist', [SigFileName]);
+      end,
       procedure(const SigFilename: String; const VerifyResult: TISSigVerifySignatureResult)
       begin
-        if VerifyResult <> vsrSuccess then
-          raise Exception.CreateFmt('Signature file "%s" is not valid', [SigFileName]);
-      end);
+        raise Exception.CreateFmt('Signature file "%s" is not valid', [SigFileName]);
+      end
+    ) then
+      raise Exception.Create('Unexpected ISSigVerifySignature result');
   finally
     Key2.Free;
     Key1.Free;

Projects/Src/Compiler.SetupCompiler.pas

@@ -7045,7 +7045,7 @@ var
             if Length(ISSigAvailableKeys) = 0 then { shouldn't fail: flag stripped already }
               AbortCompileFmt(SCompilerCompressInternalError, ['Length(ISSigAvailableKeys) = 0']);
             var ExpectedFileSize: Int64;
-            ISSigVerifySignature(FileLocationEntryFilenames[I],
+            if not ISSigVerifySignature(FileLocationEntryFilenames[I],
               GetISSigAllowedKeys(ISSigAvailableKeys, FLExtraInfo.ISSigAllowedKeys),
               ExpectedFileSize, ExpectedFileHash, FLExtraInfo.ISSigKeyUsedID,
               nil,
@@ -7065,7 +7065,8 @@ var
                 AbortCompileFmt(SCompilerSourceFileISSigInvalidSignature1,
                   [SigFilename, VerifyResultAsString]);
               end
-            );
+            ) then
+              AbortCompileFmt(SCompilerCompressInternalError, ['Unexpected ISSigVerifySignature result']);
             if Int64(SourceFile.Size) <> ExpectedFileSize then
               AbortCompileFmt(SCompilerSourceFileISSigInvalidSignature2,
                 [FileLocationEntryFilenames[I], SCompilerSourceFileISSigFileSizeIncorrect]);

Projects/Src/Setup.Install.pas

@@ -278,7 +278,7 @@ begin
   var ExpectedFileHash: TSHA256Digest;
   if ISSigVerify then begin
     var ExpectedFileSize: Int64;
-    ISSigVerifySignature(ISSigSourceFilename,
+    if not ISSigVerifySignature(ISSigSourceFilename,
       GetISSigAllowedKeys(ISSigAvailableKeys, ISSigAllowedKeys),
       ExpectedFileSize, ExpectedFileHash,
       nil,
@@ -297,7 +297,8 @@ begin
         end;
         ISSigVerifyError(VerifyResultAsString, SetupMessages[msgSourceIsCorrupted]);
       end
-    );
+    ) then
+      InternalError('Unexpected ISSigVerifySignature result');
     if Int64(SourceF.Size) <> ExpectedFileSize then
       ISSigVerifyError(ISSigFileSizeIncorrect, SetupMessages[msgSourceIsCorrupted]);
     { ExpectedFileHash checked below after copy }

Projects/Src/Setup.ScriptFunc.pas

@@ -1836,7 +1836,7 @@ var
         end;
 
         { Verify signature }
-        ISSigVerifySignature(Filename, AllowedKeys, ExpectedFileSize, ExpectedFileHash,
+        if not ISSigVerifySignature(Filename, AllowedKeys, ExpectedFileSize, ExpectedFileHash,
           procedure(const Filename: String)
           begin
             raise Exception.Create('File does not exist');
@@ -1856,7 +1856,8 @@ var
               InternalError('Unknown verify result');
             end;
           end
-        );
+        ) then
+          InternalError('Unexpected ISSigVerifySignature result');
       finally
         for var I := 0 to NAllowedKeys-1 do
           AllowedKeys[I].Free;