[Bug 14483] New: WinVerifyTrustEx doesn't return expected HRESULT for PE images not digitally signed (TRUST_E_NOSIGNATURE)

wine-bugs at winehq.org wine-bugs at winehq.org
Mon Jul 14 17:45:00 CDT 2008 

http://bugs.winehq.org/show_bug.cgi?id=14483

           Summary: WinVerifyTrustEx doesn't return expected HRESULT for PE
                    images not digitally signed (TRUST_E_NOSIGNATURE)
           Product: Wine
           Version: CVS/GIT
          Platform: PC
               URL: http://www.filehippo.com/download_msn_messenger/751/
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: wintrust
        AssignedTo: wine-bugs at winehq.org
        ReportedBy: focht at gmx.net


Hello,

this is a follow-up bug of bug 12718

Enable tracing:

--- snip ---
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Trace]
"Level"=dword:00000099
--- snip ---

"msnmsgr.exe" PE image is *not* digitally signed.

Compare both:

--- snip windows trace ---
..
<3776, 3780>:  Verifying calling process image is
signed... at passportclientlibrary.cpp_103
<3776, 3780>:  Failed to WinVerifyTrustEx : C:\Program Files\MSN
Messenger\msnmsgr.exe. hr = 0x800b0100 at util.cpp_802
<3776, 3780>:  Failed to Verify the file signature : C:\Program Files\MSN
Messenger\msnmsgr.exe. hr = 0x800b0100 at util.cpp_858
<3776, 3780>:  Unable to verify caller is signed by MSFT cert 0x800b0100.
GetCertificate API will not function correctly. at passportclientlibrary.cpp_124
--- snip windows trace ---

vs.

--- snip wine trace ---
..
<8, 9>:  Verifying calling process image is
signed... at passportclientlibrary.cpp_103
<8, 9>:  Passed WinVerifyTrustEx : C:\Program Files\MSN Messenger\msnmsgr.exe.
@util.cpp_807
<8, 9>:  Verify certificate against microsoft root : C:\Program Files\MSN
Messenger\msnmsgr.exe. @util.cpp_808
<8, 9>:  Failed to Verify the file signature : C:\Program Files\MSN
Messenger\msnmsgr.exe. hr = 0x800b0100 at util.cpp_858
<8, 9>:  Unable to verify caller is signed by MSFT cert 0x800b0100.
GetCertificate API will not function correctly. at passportclientlibrary.cpp_124
--- snip wine trace ---

--- snip wine ---
0030:Ret  imagehlp.ImageGetCertificateHeader() retval=00000000 ret=609fb7cc
..
0030:trace:wintrust:CryptSIPGetSignedDataMsg returning 0
0030:Ret  wintrust.CryptSIPGetSignedDataMsg() retval=00000000 ret=607c4b2a
0030:trace:crypt:CryptSIPGetSignedDataMsg returning 0
0030:trace:wintrust:SoftpubLoadMessage returning 1 (800b0100)
0030:Ret  wintrust.SoftpubLoadMessage() retval=00000001 ret=60a05942
0030:trace:wintrust:WINTRUST_DefaultVerify returning 00000001
0030:trace:wintrust:WinVerifyTrust returning 00000001
0030:Ret  wintrust.WinVerifyTrustEx() retval=00000001 ret=003ad2e9 
--- snip wine ---

Remember: S_FALSE is not a failure code at all.

The return code evaluation from messenger looks like an inlined FAILED() macro
((HRESULT)(Status)<0) which basically just tests if the result has the high bit
set.
They don't test for S_OK, hence it incorrectly reports "pass" in wine.

TRUST_E_NOSIGNATURE has to be propagated somewhere because that's what
WinVerifyTrustEx() should return in that case.

Reagrds


-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the wine-bugs mailing list