https://bugs.winehq.org/show_bug.cgi?id=55165
Bug ID: 55165 Summary: Age of Empires II Definitive Edition quits on startup, due to WinVerifyTrust() failing on game binaries. Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: wintrust Assignee: wine-bugs@winehq.org Reporter: david@davidgow.net Distribution: ---
The latest update of Age of Empires II: Definitive Edition no longer runs under wine and wine derivatives like Proton, Crossover, etc. This is because the updated version has an anti-tampering check which calls WinVerifyTrust() on all of the bundled .exe and .dll files (even those the game doesn't use).
Under Wine, WinVerifyTrust() fails with TRUST_E_CERT_SIGNATURE on these PE files, even though it works on other signed executables.
Patching wine to always return 0 from WinVerifyTrust() allows the game to start, and to run successfully. See: https://github.com/ValveSoftware/Proton/issues/3189#issuecomment-1610974028
I've written a simple program which calls WinVerifyTrust() on a file and prints the error: (source): https://davidgow.net/stuff/trustchk.c (x86_64 binary): https://davidgow.net/stuff/trustchk64.exe
The trustchk64.exe binary is signed, so "trustchk64.exe trustchk64.exe" prints: trustchk64.exe: 0 (Success. )
Running against an unsigned binary gives: trustchk.exe: 800B0100 (No Signature found in file. )
Running against AoE2:DE's AoE2DE_s.exe file (or any other .exe or .dll from the game) fails with: AoE2DE_s.exe: 80096004 (TRUST_E_CERT_SIGNATURE: The signature of the certificate cannot be verified.)
I've extracted the offending executable's signature with osslsigncode extract-signature: https://davidgow.net/stuff/AoE2DE_s.sig
Equally, I've verified the executable signature with osslsigncode: https://davidgow.net/stuff/AoE2DE_s.sig-verify.txt
The Steam game info for the affected version is: App ID: 813780 Build ID: 11543327