[Bug 44704] Screenhero 0.14.x installer crashes after PE digital signature validation failure (message id 0x800b0109, CERT_E_UNTRUSTEDROOT not found)

WineHQ Bugzilla wine-bugs at winehq.org
Thu Mar 18 15:34:54 CDT 2021 

https://bugs.winehq.org/show_bug.cgi?id=44704

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|http://www.chip.de/download |https://web.archive.org/web
                   |s/Screenhero_61116661.html  |/20210318182049/https://sec
                   |                            |uredl.cdn.chip.de/downloads
                   |                            |/19010186/Screenhero014-Lat
                   |                            |est-setup.exe

--- Comment #4 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

revisiting, still present.

Adding stable download via Internet Archive:

https://web.archive.org/web/20210318182049/https://securedl.cdn.chip.de/downloads/19010186/Screenhero014-Latest-setup.exe

Using Linux 'osslsigncode' tool to dump Windows Authenticode signatures:

--- snip ---
$ osslsigncode verify Screenhero014-Latest-setup.exe 

Current PE checksum   : 01C149D2
Calculated PE checksum: 01C149D2

Signature Index: 0  (Primary Signature)
Message digest algorithm  : SHA1
Current message digest    : D13ABCA180D6C73FDB795872D4FC7D8CCB5D34AE
Calculated message digest : D13ABCA180D6C73FDB795872D4FC7D8CCB5D34AE

Signer's certificate:
    Signer #0:
        Subject: /C=US/postalCode=94043/ST=CA/L=Mountain View/street=#
32/street=1950 Montecito Ave/O=Screenhero, Inc./CN=Screenhero, Inc.
        Issuer : /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA
Limited/CN=COMODO Code Signing CA 2
        Serial : 05E48E72C7BF74E7341D23FF8DA7AF27
        Certificate expiration date:
            notBefore : Feb 18 00:00:00 2014 GMT
            notAfter : Feb 17 23:59:59 2017 GMT

Number of certificates: 5
    Signer #0:
        Subject: /C=US/O=Symantec Corporation/CN=Symantec Time Stamping
Services CA - G2
        Issuer : /C=ZA/ST=Western Cape/L=Durbanville/O=Thawte/OU=Thawte
Certification/CN=Thawte Timestamping CA
        Serial : 7E93EBFB7CC64E59EA4B9A77D406FC3B
        Certificate expiration date:
            notBefore : Dec 21 00:00:00 2012 GMT
            notAfter : Dec 30 23:59:59 2020 GMT
    ------------------
    Signer #1:
        Subject: /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST
Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Object
        Issuer : /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST
Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Object
        Serial : 44BE0C8B500024B411D3362DE0B35F1B
        Certificate expiration date:
            notBefore : Jul  9 18:31:20 1999 GMT
            notAfter : Jul  9 18:40:36 2019 GMT
    ------------------
    Signer #2:
        Subject: /C=US/O=Symantec Corporation/CN=Symantec Time Stamping
Services Signer - G4
        Issuer : /C=US/O=Symantec Corporation/CN=Symantec Time Stamping
Services CA - G2
        Serial : 0ECFF438C8FEBF356E04D86A981B1A50
        Certificate expiration date:
            notBefore : Oct 18 00:00:00 2012 GMT
            notAfter : Dec 29 23:59:59 2020 GMT
    ------------------
    Signer #3:
        Subject: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA
Limited/CN=COMODO Code Signing CA 2
        Issuer : /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST
Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Object
        Serial : 10709D4FF55408D7306001D8EA9175BB
        Certificate expiration date:
            notBefore : Aug 24 00:00:00 2011 GMT
            notAfter : May 30 10:48:38 2020 GMT
    ------------------
    Signer #4:
        Subject: /C=US/postalCode=94043/ST=CA/L=Mountain View/street=#
32/street=1950 Montecito Ave/O=Screenhero, Inc./CN=Screenhero, Inc.
        Issuer : /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA
Limited/CN=COMODO Code Signing CA 2
        Serial : 05E48E72C7BF74E7341D23FF8DA7AF27
        Certificate expiration date:
            notBefore : Feb 18 00:00:00 2014 GMT
            notAfter : Feb 17 23:59:59 2017 GMT

The signature is timestamped: Jul  7 20:24:23 2014 GMT
Hash Algorithm: sha1
Timestamp Verified by:
        Issuer : /C=US/O=Symantec Corporation/CN=Symantec Time Stamping
Services CA - G2
        Serial : 0ECFF438C8FEBF356E04D86A981B1A50

CAfile: /etc/pki/tls/certs/ca-bundle.crt
TSA's certificates file: /etc/pki/tls/certs/ca-bundle.crt
CRL distribution point: http://crl.comodoca.com/COMODOCodeSigningCA2.crl

CMS_verify error
140565580489216:error:2E099064:CMS
routines:cms_signerinfo_verify_cert:certificate verify
error:crypto/cms/cms_smime.c:252:Verify error:unable to get local issuer
certificate
Timestamp Server Signature verification: failed

PKCS7_verify error
140565580489216:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify
error:crypto/pkcs7/pk7_smime.c:284:Verify error:self signed certificate in
certificate chain
Signature verification: failed

Number of verified signatures: 1
Failed
--- snip ---

All of the certs in the chain are expired now (equivalent to
CERT_TRUST_IS_NOT_TIME_VALID) but that shouldn't matter, it should still pass.

$ wine --version
wine-6.4-118-g2828d0820a1

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list