[Bug 46898] New: SIMATIC WinCC V15.1 Runtime installer fails in Windows 7 mode, reporting "The Microsoft security update KB3033929 was not found on your system." (' ksecdd.sys' missing with version resource)

wine-bugs at winehq.org wine-bugs at winehq.org
Sun Mar 24 13:01:32 CDT 2019 

https://bugs.winehq.org/show_bug.cgi?id=46898

            Bug ID: 46898
           Summary: SIMATIC WinCC V15.1 Runtime installer fails in Windows
                    7 mode, reporting "The Microsoft security update
                    KB3033929 was not found on your system." ('ksecdd.sys'
                    missing with version resource)
           Product: Wine
           Version: 4.4
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: -unknown
          Assignee: wine-bugs at winehq.org
          Reporter: focht at gmx.net
      Distribution: ---

Hello folks,

continuation of bug 46895

The installer aborts in Windows 7 mode (default WINEPREFIX WinVer):

--- snip ---
$ pwd
/home/focht/Downloads/SIMATIC WinCC Runtime Advanced V15.1

$ WINEDEBUG=+loaddll,+process,+seh,+wbemprox,+msi,+relay wine ./Start.exe
>>log.txt 2>&1
...
0054:fixme:advapi:ReportEventW
(0xcafe4242,0x0001,0x0000,0x00000000,(nil),0x0001,0x00000000,0x124804c,0x1247f54):
stub
0054:err:eventlog:ReportEventW L"18:38:12|ERROR     |CheckFileTerm()           
             |(01)    File-Term. The term value
{Condition=([OS_VERSION_String]>=6.1 AND [OS_VERSION_String]<6.2 AND
[OS_PLATFORM]='x64')};{File};{[WINDOWSFOLDER]Sysnative\\drivers\\ksecdd.sys};{=>};{6.1.7601.18741};{TermMessage44}
is not satisfied."
0056:fixme:advapi:DeregisterEventSource (0xcafe4242) stub
--- snip ---

Condition can be found in installer .ini file (unicode):

--- snip ---
$ grep -Hrni -a -A2 K.B.3.0.3.3.9.2.9

InstData/Resources/SIA2.ini:190:;// KB3033929
InstData/Resources/SIA2.ini-191-{Condition=([OS_VERSION_String]>=6.1 AND
[OS_VERSION_String]<6.2 AND
[OS_PLATFORM]='x64')};{File};{[WINDOWSFOLDER]Sysnative\drivers\ksecdd.sys};{=>};{6.1.7601.18741};{TermMessage44}
InstData/Resources/SIA2.ini-192-{Condition=([OS_VERSION_String]>=6.1 AND
[OS_VERSION_String]<6.2 AND
[OS_PLATFORM]='x32')};{File};{[SystemFolder]drivers\ksecdd.sys};{=>};{6.1.7601.18741};{TermMessage44}
--
InstData/Resources/SIA2.ini:306:TermMessage44=Das Microsoft Sicherheitsupdate
KB3033929 oder ein entsprechender Nachfolger wurde auf ihrem System nicht
gefunden. Bitte installieren Sie das Update, bevor sie mit der Installation
fortfahren.
InstData/Resources/SIA2.ini-307-TermMessage45=Dummy
InstData/Resources/SIA2.ini-308-TermMessage46=Das Microsoft Update KB2919355
oder ein entsprechender Nachfolger wurde auf ihrem System nicht gefunden. Bitte
installieren Sie das Update, bevor sie mit der Installation fortfahren.
--
InstData/Resources/SIA2.ini:363:TermMessage44=The Microsoft security update
KB3033929 or a corresponding successor was not found on your system. Please
install the update before you continue with the installation.
--- snip ---

Link to Microsoft Security Advisory 3033929 (KB3033929):

https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2015/3033929

The driver is present with all Windows versions since Vista. Fix is included in
Windows 8+ by default.

Technical overview/tidbits:

https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp891.pdf

--- quote ---
Microsoft Kernel Security Support Provider Interface (KSECDD.SYS) is a FIPS
140-2 Level 1 compliant, general purpose, software-based, cryptographic module
residing at kernel mode level of Windows Vista operating system. KSECDD.SYS
(versions 6.0.6000.16386, 6.0.6000.16870, and 6.0.6000.21067) runs as a kernel
mode export driver, and provides cryptographic services, through their
documented interfaces, to Windows Vista kernel components. The KSECDD.SYS
encapsulates several different cryptographic algorithms in an easy-to-use
cryptographic module accessible via the Microsoft CNG (Cryptography, Next
Generation) API. It also supports several cryptographic algorithms accessible
via a Fips function table request irp (I/O request packet). Windows Vista
kernel mode components can use general-purpose FIPS 140-2 Level 1 compliant
cryptography in KSECDD.SYS. 
--- quote ---

Two ways to fix/work around:

- switch WinVer for the installer to Windows 8 or later
- provide a placeholder 'ksecdd.sys' with version resource

For demonstration I've copied one of Wine's existing placeholder which has a
version resource 6.5.x as dummy.

NOTE: For 64-bit WINEPREFIX you need to call with 'wine64' to have it go in
proper folder.

--- snip ---
$ wine64 cmd.exe /c copy "c:\\windows\\system32\\amstream.dll"
"c:\\windows\\system32\\drivers\\ksecdd.sys"
--- snip ---

After that the installer proceeds further. Relevant part of application log:

--- snip ---
...
18:54:09|..        |CheckTerms::CheckTerms()                |(01)    TERM:
'{Condition=([OS_VERSION_String]>=6.1 AND [OS_VERSION_String]<6.2 AND
[OS_PLATFORM]='x64')};{File};{[WINDOWSFOLDER]Sysnative\drivers\ksecdd.sys};{=>};{6.1.7601.18741};{TermMessage44}'
18:54:09|..        |CheckTerms::CheckTerms()                |(01)   
Condition='([OS_VERSION_String]>=6.1 AND [OS_VERSION_String]<6.2 AND
[OS_PLATFORM]='x64')'
18:54:09|..        |CheckTerms::CheckTerms()                |(01)    Condition
is fulfilled. Checking term...
18:54:09|...       |CheckTerms::CheckFileTerm()             |(01)    File-Term:
Exists: True; Path: C:\windows\Sysnative\drivers\ksecdd.sys
18:54:09|...       |CheckTerms::CheckFileTerm()             |(01)    File-Term:
Required file version: 06.01.7601.18741_00.00.00.00
18:54:09|...       |CheckTerms::CheckFileTerm()             |(01)    File-Term:
Current file version: 06.05.01.900_00.00.00.00
18:54:09|...       |CheckTerms::CheckFileTerm()             |(01)    File-Term.
OK: {Condition=([OS_VERSION_String]>=6.1 AND [OS_VERSION_String]<6.2 AND
[OS_PLATFORM]='x64')};{File};{[WINDOWSFOLDER]Sysnative\drivers\ksecdd.sys};{=>};{6.1.7601.18741};{TermMessage44}
18:54:09|..        |CheckTerms::CheckTerms()                |(01)     
18:54:09|..        |CheckTerms::CheckTerms()                |(01)    TERM:
'{Condition=([OS_VERSION_String]>=6.1 AND [OS_VERSION_String]<6.2 AND
[OS_PLATFORM]='x32')};{File};{[SystemFolder]drivers\ksecdd.sys};{=>};{6.1.7601.18741};{TermMessage44}'
18:54:09|..        |CheckTerms::CheckTerms()                |(01)   
Condition='([OS_VERSION_String]>=6.1 AND [OS_VERSION_String]<6.2 AND
[OS_PLATFORM]='x32')'
18:54:09|..        |CheckTerms::CheckTerms()                |(01)    TERM will
be ignored. TERM's condition is not fulfilled.
--- snip ---

$ sha1sum SIMATIC_WinCC_Runtime_Advanced_V15_1.exe
db1f97bb648b62fa1c5d974d7f2bcb6b4a9fd786 
SIMATIC_WinCC_Runtime_Advanced_V15_1.exe

$ du -sh SIMATIC_WinCC_Runtime_Advanced_V15_1.exe
1.3G    SIMATIC_WinCC_Runtime_Advanced_V15_1.exe

$ wine --version
wine-4.4-188-gc988910cae

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list