[Bug 45757] Visual Studio 2017 Installer - " The installer manifest failed signature validation"

[wine-bugs at winehq.org]

https://bugs.winehq.org/show_bug.cgi?id=45757

--- Comment #13 from Dmitry Timoshkov <dmitry at baikal.ru> ---
Created attachment 64294
  --> https://bugs.winehq.org/attachment.cgi?id=64294
CryptMsgUpdate should skip broken certificates

I've dumped the blob and created 2 test apps: one loads the blob with
CertOpenStore(), and another one loads it with  CryptMsgOpenToDecode() +
CryptMsgUpdate() (like the VS installer does). The opened store contains
2 certificates because before adding the certificate to the store it
gets verified by an attempt to create a certificate context. However
CryptMsg* doesn't perform the verification and simply copies the certificate.

dumpasn1 shows that the blob in question has 3 certificates, but the last
one is corrupted.

Attached patch adds the verification step to CryptMsgUpdate(), and this
makes the loop that fetches the certificates from the blob and creates
the context succeed. Unfortunately after that the installer still fails
the signature verification due to another problem.

P.S.
And yes, crypt32 code is not the best thing to work on.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.